admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-01T22:00:20.744375+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-01 22:03:54 +00:00
parent ca73949030
commit 71988a8d5c
1026 changed files with 13373 additions and 3352 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
CVE-2003/CVE-2003-200xx/CVE-2003-20001.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2003-20001",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-01T21:15:40.450",
"lastModified": "2025-04-01T21:15:40.450",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on Mitel ICP VoIP 3100 devices. When a remote user attempts to log in via TELNET during the login wait time and an external call comes in, the system incorrectly divulges information about the call and any SMDR records generated by the system. The information provided includes the service type, extension number and other parameters, related to the call activity."
}
],
"metrics": {},
"references": [
{
"url": "http://olografix.org/acme/mitel.txt",
"source": "cve@mitre.org"
},
{
"url": "https://packetstorm.news/files/id/31445",
"source": "cve@mitre.org"
},
{
"url": "https://rb.gy/1smt22",
"source": "cve@mitre.org"
},
{
"url": "https://www.exploit-db.com/exploits/49176",
"source": "cve@mitre.org"
}
]
}

4
CVE-2019/CVE-2019-101xx/CVE-2019-10149.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-10149",
"sourceIdentifier": "secalert@redhat.com",
"published": "2019-06-05T14:29:11.293",
"lastModified": "2024-11-21T04:18:31.237",
"vulnStatus": "Modified",
"lastModified": "2025-04-01T20:58:53.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2019/CVE-2019-72xx/CVE-2019-7286.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-7286",
"sourceIdentifier": "product-security@apple.com",
"published": "2019-12-18T18:15:22.067",
"lastModified": "2025-01-29T18:15:32.340",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-01T21:22:53.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-06xx/CVE-2020-0618.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-0618",
"sourceIdentifier": "secure@microsoft.com",
"published": "2020-02-11T22:15:13.400",
"lastModified": "2024-11-21T04:53:52.117",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-01T21:23:31.500",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

32
CVE-2020/CVE-2020-183xx/CVE-2020-18330.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-18330",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-26T21:15:18.723",
"lastModified": "2024-11-21T05:08:32.600",
"lastModified": "2025-04-01T21:15:41.010",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-183xx/CVE-2020-18331.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-18331",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-26T21:15:19.080",
"lastModified": "2024-11-21T05:08:32.763",
"lastModified": "2025-04-01T21:15:41.313",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-366xx/CVE-2020-36657.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36657",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-26T21:15:21.893",
"lastModified": "2024-11-21T05:30:01.900",
"lastModified": "2025-04-01T21:15:41.543",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-202xx/CVE-2022-20214.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20214",
"sourceIdentifier": "security@android.com",
"published": "2023-01-26T21:15:25.963",
"lastModified": "2024-11-21T06:42:22.140",
"lastModified": "2025-04-01T20:15:15.440",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-1021"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-204xx/CVE-2022-20490.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20490",
"sourceIdentifier": "security@android.com",
"published": "2023-01-26T21:15:27.607",
"lastModified": "2024-11-21T06:42:54.810",
"lastModified": "2025-04-01T20:15:15.700",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-770"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [

12
CVE-2023/CVE-2023-04xx/CVE-2023-0411.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0411",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-01-26T21:18:07.613",
"lastModified": "2024-11-21T07:37:07.900",
"lastModified": "2025-04-01T20:15:16.007",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-834"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-834"
}
]
}
],
"configurations": [

4
CVE-2023/CVE-2023-08xx/CVE-2023-0881.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0881",
"sourceIdentifier": "security@ubuntu.com",
"published": "2025-03-31T14:15:18.090",
"lastModified": "2025-03-31T14:15:18.090",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

32
CVE-2023/CVE-2023-240xx/CVE-2023-24057.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24057",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-26T21:18:15.960",
"lastModified": "2024-11-21T07:47:20.847",
"lastModified": "2025-04-01T20:15:16.193",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

4
CVE-2023/CVE-2023-333xx/CVE-2023-33302.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33302",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-03-31T15:15:41.680",
"lastModified": "2025-03-31T15:15:41.680",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

70
CVE-2024/CVE-2024-107xx/CVE-2024-10721.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10721",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:19.020",
"lastModified": "2025-03-20T14:15:16.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:35:45.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,18 +73,44 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/phpipam/phpipam/commit/c1697bb6c4e4a6403d69c0868e1eb1040f98b731",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/a440a003-84c9-47b5-bfbd-675564abe3d8",
"source": "security@huntr.dev"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://huntr.com/bounties/a440a003-84c9-47b5-bfbd-675564abe3d8",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"vulnerable": true,
"criteria": "cpe:2.3:a:phpipam:phpipam:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94A1B7BC-541E-4793-ABCF-B38C69F6EA6B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/phpipam/phpipam/commit/c1697bb6c4e4a6403d69c0868e1eb1040f98b731",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/a440a003-84c9-47b5-bfbd-675564abe3d8",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/a440a003-84c9-47b5-bfbd-675564abe3d8",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

72
CVE-2024/CVE-2024-107xx/CVE-2024-10727.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10727",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:19.633",
"lastModified": "2025-03-20T16:15:13.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:35:36.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,18 +73,46 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/phpipam/phpipam/commit/c1697bb6c4e4a6403d69c0868e1eb1040f98b731",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/259eed22-4d6f-4229-92e5-04674f302d5d",
"source": "security@huntr.dev"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://huntr.com/bounties/259eed22-4d6f-4229-92e5-04674f302d5d",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"vulnerable": true,
"criteria": "cpe:2.3:a:phpipam:phpipam:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.5.0",
"versionEndIncluding": "1.6",
"matchCriteriaId": "DEC3A383-0A9F-4B31-89F0-4DCDE1657A97"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/phpipam/phpipam/commit/c1697bb6c4e4a6403d69c0868e1eb1040f98b731",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/259eed22-4d6f-4229-92e5-04674f302d5d",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/259eed22-4d6f-4229-92e5-04674f302d5d",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

8
CVE-2024/CVE-2024-111xx/CVE-2024-11180.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11180",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-29T08:15:13.603",
"lastModified": "2025-03-29T08:15:13.603",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer Widget ekit_countdown_timer_title parameter in all versions up to, and including, 3.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento ElementsKit Elementor para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del par\u00e1metro ekit_countdown_timer_title del widget del temporizador de cuenta regresiva en todas las versiones hasta la 3.4.7 incluida, debido a una depuraci\u00f3n de entrada y al escape de salida insuficiente. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada."
}
],
"metrics": {

69
CVE-2024/CVE-2024-113xx/CVE-2024-11300.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11300",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:24.777",
"lastModified": "2025-03-20T15:15:40.080",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:35:24.003",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,20 +71,57 @@
"value": "CWE-284"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lunary:lunary:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.6.3",
"matchCriteriaId": "C8E98F12-737E-4F73-B80A-71F7DA277455"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-118xx/CVE-2024-11822.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11822",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:25.677",
"lastModified": "2025-03-20T14:15:18.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:35:15.637",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/f3042029-5d4e-41c6-850d-bbe02fae6592",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/f3042029-5d4e-41c6-850d-bbe02fae6592",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dify:dify:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C16C43FE-B75C-433E-9505-349D10CDBD8A"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/f3042029-5d4e-41c6-850d-bbe02fae6592",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/f3042029-5d4e-41c6-850d-bbe02fae6592",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

4
CVE-2024/CVE-2024-120xx/CVE-2024-12021.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12021",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2025-03-31T14:15:18.303",
"lastModified": "2025-03-31T14:15:18.303",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-121xx/CVE-2024-12189.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12189",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-01T07:15:38.050",
"lastModified": "2025-04-01T07:15:38.050",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:11.547",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-122xx/CVE-2024-12278.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12278",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-01T07:15:38.507",
"lastModified": "2025-04-01T07:15:38.507",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:11.547",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

68
CVE-2024/CVE-2024-124xx/CVE-2024-12450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12450",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:28.883",
"lastModified": "2025-03-20T16:15:13.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:35:08.477",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,20 +71,56 @@
"value": "CWE-77"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infiniflow:ragflow:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDC17D5-855D-4564-ABB4-CED9A5E4F983"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/infiniflow/ragflow/commit/3faae0b2c2f8a26233ee1442ba04874b3406f6e9",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/da06360c-87c3-4ba9-be67-29f6eff9d44a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/da06360c-87c3-4ba9-be67-29f6eff9d44a",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

63
CVE-2024/CVE-2024-125xx/CVE-2024-12537.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12537",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:29.140",
"lastModified": "2025-03-20T15:15:40.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:34:58.990",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,16 +71,49 @@
"value": "CWE-400"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openwebui:open_webui:0.3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "9D070B86-0839-459E-9C0F-D8F945F82337"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/edabd06c-acc0-428c-a481-271f333755bc",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/edabd06c-acc0-428c-a481-271f333755bc",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-127xx/CVE-2024-12779.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12779",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:30.600",
"lastModified": "2025-03-20T13:15:35.893",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:34:50.027",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infiniflow:ragflow:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDC17D5-855D-4564-ABB4-CED9A5E4F983"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

63
CVE-2024/CVE-2024-128xx/CVE-2024-12869.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12869",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:31.087",
"lastModified": "2025-03-20T15:15:41.003",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:34:43.100",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,16 +71,49 @@
"value": "CWE-287"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infiniflow:ragflow:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDC17D5-855D-4564-ABB4-CED9A5E4F983"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/768b1a56-1e79-416a-8445-65953568b04a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/768b1a56-1e79-416a-8445-65953568b04a",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-128xx/CVE-2024-12871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12871",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:31.340",
"lastModified": "2025-03-20T14:15:18.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:34:33.523",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/7903945c-2839-4dd5-9d40-9ef47fe53118",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/7903945c-2839-4dd5-9d40-9ef47fe53118",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infiniflow:ragflow:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDC17D5-855D-4564-ABB4-CED9A5E4F983"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/7903945c-2839-4dd5-9d40-9ef47fe53118",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/7903945c-2839-4dd5-9d40-9ef47fe53118",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

71
CVE-2024/CVE-2024-129xx/CVE-2024-12910.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12910",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:31.960",
"lastModified": "2025-03-20T14:15:18.657",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:34:25.510",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,18 +73,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/run-llama/llama_index/commit/159ce485a1168100bb219dc1b93133f1121579d9",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/27883f22-35ff-49df-aaa5-05031c7d6ad8",
"source": "security@huntr.dev"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://huntr.com/bounties/27883f22-35ff-49df-aaa5-05031c7d6ad8",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"vulnerable": true,
"criteria": "cpe:2.3:a:llamaindex:llamaindex:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.12.9",
"matchCriteriaId": "79445BC3-EEAC-4038-8893-1B2BC969CD4D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/run-llama/llama_index/commit/159ce485a1168100bb219dc1b93133f1121579d9",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/27883f22-35ff-49df-aaa5-05031c7d6ad8",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/27883f22-35ff-49df-aaa5-05031c7d6ad8",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

71
CVE-2024/CVE-2024-130xx/CVE-2024-13060.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13060",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:32.210",
"lastModified": "2025-03-20T15:15:41.097",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:34:17.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,18 +73,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/mintplex-labs/anything-llm/commit/696af19c45473172ad4d3ca749281800a4d1a45a",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/98a49c90-e095-441f-900c-59d463dc8e8f",
"source": "security@huntr.dev"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://huntr.com/bounties/98a49c90-e095-441f-900c-59d463dc8e8f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"vulnerable": true,
"criteria": "cpe:2.3:a:mintplexlabs:anythingllm_docker:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.1",
"matchCriteriaId": "D3E9A0B7-118F-4BFE-B218-BE8AF5BDC211"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mintplex-labs/anything-llm/commit/696af19c45473172ad4d3ca749281800a4d1a45a",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/98a49c90-e095-441f-900c-59d463dc8e8f",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/98a49c90-e095-441f-900c-59d463dc8e8f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

4
CVE-2024/CVE-2024-135xx/CVE-2024-13553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13553",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-01T12:15:14.643",
"lastModified": "2025-04-01T12:15:14.643",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:11.547",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-135xx/CVE-2024-13557.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-13557",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-29T07:15:12.983",
"lastModified": "2025-03-29T07:15:12.983",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Shortcodes by United Themes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.1.6. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes."
},
{
"lang": "es",
"value": "El complemento Shortcodes de United Themes para WordPress es vulnerable a la ejecuci\u00f3n de shortcodes arbitrarios en todas las versiones hasta la 5.1.6 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acci\u00f3n que no valida correctamente un valor antes de ejecutar do_shortcode. Esto permite que atacantes no autenticados ejecuten shortcodes arbitrarios. "
}
],
"metrics": {

4
CVE-2024/CVE-2024-135xx/CVE-2024-13567.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13567",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-01T06:15:46.900",
"lastModified": "2025-04-01T06:15:46.900",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:11.547",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-138xx/CVE-2024-13804.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13804",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2025-03-30T22:15:14.510",
"lastModified": "2025-04-01T00:15:14.200",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "security-alert@hpe.com",

149
CVE-2024/CVE-2024-139xx/CVE-2024-13941.json Normal file
View File

@ -0,0 +1,149 @@
{
"id": "CVE-2024-13941",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-01T21:15:41.807",
"lastModified": "2025-04-01T21:15:41.807",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ouch-org ouch up to 0.3.1. It has been classified as critical. This affects the function ouch::archive::zip::convert_zip_date_time of the file zip.rs. The manipulation of the argument month leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 0.4.0 is able to address this issue. It is recommended to upgrade the affected component."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 4.3,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://github.com/ouch-org/ouch/issues/707",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/ouch-org/ouch/releases/tag/0.4.0",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/rustsec/advisory-db/pull/2084/files",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/user-attachments/files/16767988/ouch.crash.report.docx",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.302055",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.302055",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.524511",
"source": "cna@vuldb.com"
}
]
}

4
CVE-2024/CVE-2024-242xx/CVE-2024-24292.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24292",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-28T21:15:15.833",
"lastModified": "2025-04-01T19:15:42.573",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-244xx/CVE-2024-24456.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24456",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2025-03-31T21:15:44.513",
"lastModified": "2025-03-31T21:15:44.513",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

295
CVE-2024/CVE-2024-267xx/CVE-2024-26788.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26788",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-04T09:15:08.347",
"lastModified": "2024-11-21T09:03:04.450",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-01T20:35:20.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,67 +15,246 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: fsl-qdma: init irq after reg inicializaci\u00f3n Inicialice qDMA irqs despu\u00e9s de configurar los registros para que las interrupciones que puedan haber estado pendientes de un kernel primario no sean procesadas por el controlador irq antes de que est\u00e9 listo y cause p\u00e1nico con el siguiente rastreo: Rastreo de llamadas: fsl_qdma_queue_handler+0xf8/0x3e8 __handle_irq_event_percpu+0x78/0x2b0 handle_irq_event_percpu+0x1c/0x68 handle_irq_event+0x44/0x78 handle_fasteoi_irq+0xc8/0x 178 generic_handle_irq+0x24/0x38 __handle_domain_irq +0x90/0x100 gic_handle_irq+0x5c/0xb8 el1_irq+0xb8/0x180 _raw_spin_unlock_irqrestore+0x14/0x40 __setup_irq+0x4bc/0x798 request_threaded_irq+0xd8/0x190 devm_request_threaded_irq+0x74/ 0xe8 fsl_qdma_probe+0x4d4/0xca8 plataforma_drv_probe+0x50/0xa0 very_probe+0xe0/0x3f8 driver_probe_device +0x64/0x130 dispositivo_driver_attach+0x6c/0x78 __driver_attach+0xbc/0x158 bus_for_each_dev+0x5c/0x98 driver_attach+0x20/0x28 bus_add_driver+0x158/0x220 driver_register+0x60/0x110 __platform_driver_register+0x 44/0x50 fsl_qdma_driver_init+0x18/0x20 do_one_initcall+0x48/0x258 kernel_init_freeable +0x1a4/0x23c kernel_init+0x10/0xf8 ret_from_fork+0x10/0x18"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/3cc5fb824c2125aa3740d905b3e5b378c8a09478",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/4529c084a320be78ff2c5e64297ae998c6fdf66b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/474d521da890b3e3585335fb80a6044cb2553d99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/677102a930643c31f1b4c512b041407058bdfef8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/87a39071e0b639f45e05d296cc0538eef44ec0bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9579a21e99fe8dab22a253050ddff28d340d74e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a69c8bbb946936ac4eb6a6ae1e849435aa8d947d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3cc5fb824c2125aa3740d905b3e5b378c8a09478",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/4529c084a320be78ff2c5e64297ae998c6fdf66b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/474d521da890b3e3585335fb80a6044cb2553d99",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/677102a930643c31f1b4c512b041407058bdfef8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/87a39071e0b639f45e05d296cc0538eef44ec0bd",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/9579a21e99fe8dab22a253050ddff28d340d74e1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/a69c8bbb946936ac4eb6a6ae1e849435aa8d947d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1",
"versionEndExcluding": "5.4.271",
"matchCriteriaId": "6A4B5A96-B786-4F9E-AC8D-21120839B09B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.212",
"matchCriteriaId": "01B34738-A022-44A9-9250-DCBC76539CB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.151",
"matchCriteriaId": "EEAFD33E-C22F-4FB1-A417-9C96AB3E0358"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.81",
"matchCriteriaId": "EC825B0E-DFCA-4034-9B92-F111A4E2A732"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.21",
"matchCriteriaId": "B19074A2-9FE5-4E7D-9E2D-020F95013ADA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.9",
"matchCriteriaId": "1C538467-EDA0-4A9A-82EB-2925DE9FF827"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*",
"matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3cc5fb824c2125aa3740d905b3e5b378c8a09478",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4529c084a320be78ff2c5e64297ae998c6fdf66b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/474d521da890b3e3585335fb80a6044cb2553d99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/677102a930643c31f1b4c512b041407058bdfef8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/87a39071e0b639f45e05d296cc0538eef44ec0bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9579a21e99fe8dab22a253050ddff28d340d74e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a69c8bbb946936ac4eb6a6ae1e849435aa8d947d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3cc5fb824c2125aa3740d905b3e5b378c8a09478",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4529c084a320be78ff2c5e64297ae998c6fdf66b",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/474d521da890b3e3585335fb80a6044cb2553d99",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/677102a930643c31f1b4c512b041407058bdfef8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/87a39071e0b639f45e05d296cc0538eef44ec0bd",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9579a21e99fe8dab22a253050ddff28d340d74e1",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a69c8bbb946936ac4eb6a6ae1e849435aa8d947d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

211
CVE-2024/CVE-2024-267xx/CVE-2024-26798.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26798",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-04T09:15:08.897",
"lastModified": "2024-11-21T09:03:05.853",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-01T20:35:32.650",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,182 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: fbcon: restaurar siempre los datos de fuentes antiguos en fbcon_do_set_font() commit a5a923038d70 (fbdev: fbcon: revertir correctamente los cambios cuando fall\u00f3 vc_resize()) comenz\u00f3 a restaurar los datos de fuentes antiguos en caso de falla (de vc_resize ()). Pero funciona s\u00f3lo para fuentes de usuario. Significa que las fuentes internas/del \"SYSTEM\" no se restauran en absoluto. Entonces, como resultado, la primera llamada a fbcon_do_set_font() no realiza ninguna restauraci\u00f3n al fallar vc_resize(). Syzkaller puede reproducir esto para bloquear el SYSTEM en la siguiente invocaci\u00f3n de font_get(). Es bastante dif\u00edcil solucionar el error de asignaci\u00f3n en vc_resize() en el primer font_set(), pero no imposible. Esp. si se utiliza la inyecci\u00f3n de fallos para ayudar en la ejecuci\u00f3n/fallo. Sirius lo demostr\u00f3: ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: fffffffffffffff8 #PF: acceso de lectura del supervisor en modo kernel #PF: error_code(0x0000) - p\u00e1gina no presente PGD cb7b067 P4D cb7b067 PUD cb7d067 PMD 0 Ups: 0000 [ #1] PREEMPT SMP KASAN CPU: 1 PID: 8007 Comm: poc No contaminado 6.7.0-g9d1694dc91ce #20 Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.15.0-1 01/04/2014 RIP : 0010:fbcon_get_font+0x229/0x800 drivers/video/fbdev/core/fbcon.c:2286 Seguimiento de llamadas: con_font_get drivers/tty/vt/vt.c:4558 [en l\u00ednea] con_font_op+0x1fc/0xf20 drivers/tty /vt/vt.c:4673 controladores vt_k_ioctl/tty/vt/vt_ioctl.c:474 [en l\u00ednea] vt_ioctl+0x632/0x2ec0 controladores/tty/vt/vt_ioctl.c:752 tty_ioctl+0x6f8/0x1570 controladores/tty/tty_io. c:2803 vfs_ioctl fs/ioctl.c:51 [en l\u00ednea] ... As\u00ed que restaure los datos de fuente en cualquier caso, no solo para las fuentes del usuario. Tenga en cuenta que el 'if' posterior ahora est\u00e1 protegido por 'old_userfont' y no por 'old_data' ya que este \u00faltimo siempre est\u00e1 configurado ahora. (Y se supone que no es NULL. De lo contrario, volver\u00edamos a ver el error anterior)."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/00d6a284fcf3fad1b7e1b5bc3cd87cbfb60ce03f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/20a4b5214f7bee13c897477168c77bbf79683c3d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/2f91a96b892fab2f2543b4a55740c5bee36b1a6b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/73a6bd68a1342f3a44cac9dffad81ad6a003e520",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a2c881413dcc5d801bdc9535e51270cc88cb9cd8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/00d6a284fcf3fad1b7e1b5bc3cd87cbfb60ce03f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/20a4b5214f7bee13c897477168c77bbf79683c3d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/2f91a96b892fab2f2543b4a55740c5bee36b1a6b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/73a6bd68a1342f3a44cac9dffad81ad6a003e520",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/a2c881413dcc5d801bdc9535e51270cc88cb9cd8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.64",
"versionEndExcluding": "5.15.151",
"matchCriteriaId": "C6852C0F-A534-43B3-BDC6-ECFEF26AB7DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.1.81",
"matchCriteriaId": "89A51AC3-83B4-4F44-B496-385D10612456"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.21",
"matchCriteriaId": "B19074A2-9FE5-4E7D-9E2D-020F95013ADA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.9",
"matchCriteriaId": "1C538467-EDA0-4A9A-82EB-2925DE9FF827"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*",
"matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/00d6a284fcf3fad1b7e1b5bc3cd87cbfb60ce03f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/20a4b5214f7bee13c897477168c77bbf79683c3d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2f91a96b892fab2f2543b4a55740c5bee36b1a6b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/73a6bd68a1342f3a44cac9dffad81ad6a003e520",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a2c881413dcc5d801bdc9535e51270cc88cb9cd8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/00d6a284fcf3fad1b7e1b5bc3cd87cbfb60ce03f",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/20a4b5214f7bee13c897477168c77bbf79683c3d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2f91a96b892fab2f2543b4a55740c5bee36b1a6b",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/73a6bd68a1342f3a44cac9dffad81ad6a003e520",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a2c881413dcc5d801bdc9535e51270cc88cb9cd8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

211
CVE-2024/CVE-2024-268xx/CVE-2024-26803.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26803",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-04T09:15:09.163",
"lastModified": "2024-11-21T09:03:06.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-01T20:35:43.953",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,182 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: veth: borra GRO al borrar XDP incluso cuando est\u00e1 desactivado veth configura NETIF_F_GRO autom\u00e1ticamente cuando XDP est\u00e1 habilitado, porque ambas funciones utilizan la misma maquinaria NAPI. La l\u00f3gica para borrar NETIF_F_GRO se encuentra en veth_disable_xdp(), que se llama tanto en ndo_stop como cuando XDP est\u00e1 desactivado. Para evitar que la bandera se borre cuando se baja el dispositivo, la eliminaci\u00f3n se omite cuando IFF_UP no est\u00e1 configurado. De hecho, bajar el dispositivo no deber\u00eda modificar sus caracter\u00edsticas. Desafortunadamente, esto significa que la limpieza tambi\u00e9n se omite cuando XDP est\u00e1 deshabilitado _mientras_ el dispositivo est\u00e1 inactivo. Y no hay nada en el camino abierto para volver a sincronizar las funciones del dispositivo. IOW, si el usuario habilita XDP, lo deshabilita y luego enciende el dispositivo, terminaremos con un indicador GRO perdido pero sin instancias NAPI. No dependemos del indicador GRO en la ruta de datos, por lo que la ruta de datos no fallar\u00e1. Nos bloquearemos (o colgaremos), sin embargo, la pr\u00f3xima vez que se sincronicen las funciones (ya sea por el usuario a trav\u00e9s de ethtool o por un compa\u00f1ero cambiando su configuraci\u00f3n). La bandera GRO desaparecer\u00e1 y Veth intentar\u00e1 desactivar las NAPI. Pero el camino abierto nunca los cre\u00f3 ya que XDP estaba desactivado, la bandera GRO estaba perdida. Si NAPI se inicializ\u00f3 antes, colgaremos napi_disable(). Si nunca fue as\u00ed, fallaremos al intentar detener el hrtimer no inicializado. Mueva las actualizaciones del indicador GRO a las rutas de activaci\u00f3n/desactivaci\u00f3n de XDP, en lugar de mezclarlas con las rutas ndo_open/ndo_close."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/16edf51f33f52dff70ed455bc40a6cc443c04664",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/7985d73961bbb4e726c1be7b9cd26becc7be8325",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/8f7a3894e58e6f5d5815533cfde60e3838947941",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/f011c103e654d83dc85f057a7d1bd0960d02831c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fe9f801355f0b47668419f30f1fac1cf4539e736",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/16edf51f33f52dff70ed455bc40a6cc443c04664",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/7985d73961bbb4e726c1be7b9cd26becc7be8325",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/8f7a3894e58e6f5d5815533cfde60e3838947941",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/f011c103e654d83dc85f057a7d1bd0960d02831c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/fe9f801355f0b47668419f30f1fac1cf4539e736",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-459"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "5.15.151",
"matchCriteriaId": "853CEBB6-8069-462F-83BC-C65A106236DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.81",
"matchCriteriaId": "EC825B0E-DFCA-4034-9B92-F111A4E2A732"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.21",
"matchCriteriaId": "B19074A2-9FE5-4E7D-9E2D-020F95013ADA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.9",
"matchCriteriaId": "1C538467-EDA0-4A9A-82EB-2925DE9FF827"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*",
"matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/16edf51f33f52dff70ed455bc40a6cc443c04664",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7985d73961bbb4e726c1be7b9cd26becc7be8325",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8f7a3894e58e6f5d5815533cfde60e3838947941",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f011c103e654d83dc85f057a7d1bd0960d02831c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fe9f801355f0b47668419f30f1fac1cf4539e736",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/16edf51f33f52dff70ed455bc40a6cc443c04664",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7985d73961bbb4e726c1be7b9cd26becc7be8325",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8f7a3894e58e6f5d5815533cfde60e3838947941",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f011c103e654d83dc85f057a7d1bd0960d02831c",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fe9f801355f0b47668419f30f1fac1cf4539e736",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

4
CVE-2024/CVE-2024-389xx/CVE-2024-38985.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38985",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-28T21:15:16.867",
"lastModified": "2025-04-01T19:15:42.743",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-389xx/CVE-2024-38988.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38988",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-28T21:15:16.967",
"lastModified": "2025-04-01T19:15:42.913",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-408xx/CVE-2024-40864.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40864",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-31T23:15:15.157",
"lastModified": "2025-04-01T14:15:19.753",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-431xx/CVE-2024-43186.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-43186",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-29T00:15:23.620",
"lastModified": "2025-03-29T00:15:23.620",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions."
},
{
"lang": "es",
"value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir que un usuario autenticado obtenga informaci\u00f3n confidencial almacenada localmente bajo determinadas condiciones."
}
],
"metrics": {

43
CVE-2024/CVE-2024-475xx/CVE-2024-47552.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47552",
"sourceIdentifier": "security@apache.org",
"published": "2025-03-20T09:15:12.803",
"lastModified": "2025-03-24T15:15:15.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:36:04.663",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,41 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://lists.apache.org/thread/652o82vzk9qrtgksk55cfgpbvdgtkch0",
"source": "security@apache.org"
},
"nodes": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/03/19/5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:seata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.2.0",
"matchCriteriaId": "F54F8C85-25F7-48C3-9BC9-A88E91969EFE"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/652o82vzk9qrtgksk55cfgpbvdgtkch0",
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/03/19/5",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

30
CVE-2024/CVE-2024-485xx/CVE-2024-48590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48590",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T14:15:20.830",
"lastModified": "2025-03-24T15:15:15.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:20:06.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/GCatt-AS/CVE-2024-48590/blob/main/README.md",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inflectra:spirateam:7.2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "056C821A-C884-4EAB-BF82-157F7094C4B0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/GCatt-AS/CVE-2024-48590/blob/main/README.md",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

30
CVE-2024/CVE-2024-485xx/CVE-2024-48591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48591",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-20T15:15:43.270",
"lastModified": "2025-03-21T19:15:45.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:19:00.520",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/GCatt-AS/CVE-2024-48591",
"source": "cve@mitre.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inflectra:spirateam:7.2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "056C821A-C884-4EAB-BF82-157F7094C4B0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/GCatt-AS/CVE-2024-48591",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-49xx/CVE-2024-4990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4990",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:32.603",
"lastModified": "2025-03-20T14:15:20.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:34:07.170",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/4fbdd965-02b6-42e4-b57b-f98f93415b8f",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/4fbdd965-02b6-42e4-b57b-f98f93415b8f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yiiframework:yii:2.0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3527DB-B167-495B-82CE-369A37FE4ACF"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/4fbdd965-02b6-42e4-b57b-f98f93415b8f",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/4fbdd965-02b6-42e4-b57b-f98f93415b8f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

8
CVE-2024/CVE-2024-514xx/CVE-2024-51477.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-51477",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-29T00:15:23.950",
"lastModified": "2025-03-29T00:15:23.950",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 \n\ncould allow an authenticated to obtain sensitive username information due to an observable response discrepancy."
},
{
"lang": "es",
"value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir que un usuario autenticado obtenga informaci\u00f3n de nombre de usuario confidencial debido a una discrepancia de respuesta observable."
}
],
"metrics": {

40
CVE-2024/CVE-2024-533xx/CVE-2024-53348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53348",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-21T16:15:17.867",
"lastModified": "2025-03-24T18:15:20.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:21:41.540",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gist.github.com/HouqiyuA/8c734c849c1a9b69ac96c46eba4acbcb",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/loxilb-io/loxilb",
"source": "cve@mitre.org"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:loxilb:loxilb:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.9.7",
"matchCriteriaId": "E826B3FE-5796-4333-9155-E9CC6D573B42"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/HouqiyuA/8c734c849c1a9b69ac96c46eba4acbcb",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/loxilb-io/loxilb",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

49
CVE-2024/CVE-2024-533xx/CVE-2024-53349.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53349",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-21T16:15:18.057",
"lastModified": "2025-03-24T18:15:20.177",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:21:31.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gist.github.com/HouqiyuA/2a34c8f95dac7d9d8d7df7732403f383",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/Kuadrant/kuadrant-operator",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://www.cncf.io/projects/kuadrant/",
"source": "cve@mitre.org"
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:kuadrant:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.11.3",
"matchCriteriaId": "FCF51F2E-444B-4404-87F7-3E0FF321DCA3"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/HouqiyuA/2a34c8f95dac7d9d8d7df7732403f383",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/Kuadrant/kuadrant-operator",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.cncf.io/projects/kuadrant/",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

49
CVE-2024/CVE-2024-533xx/CVE-2024-53350.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53350",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-21T17:15:38.527",
"lastModified": "2025-03-24T18:15:20.337",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:21:20.827",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gist.github.com/HouqiyuA/1cb964206e0d6bebd1c57a124c55fa03",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/kubeslice/kubeslice",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://kubeslice.io/documentation/open-source/1.3.0",
"source": "cve@mitre.org"
"vulnerable": true,
"criteria": "cpe:2.3:a:kubeslice:kubeslice:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "9175D18B-A090-4856-83AA-A8C39F176F16"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/HouqiyuA/1cb964206e0d6bebd1c57a124c55fa03",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/kubeslice/kubeslice",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://kubeslice.io/documentation/open-source/1.3.0",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

49
CVE-2024/CVE-2024-533xx/CVE-2024-53351.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53351",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-21T17:15:38.673",
"lastModified": "2025-03-24T15:15:15.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:21:11.107",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gist.github.com/HouqiyuA/948a808b8bd48b17b37a4d5e0b6fb005",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/pipe-cd/pipecd",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://pipecd.dev/",
"source": "cve@mitre.org"
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:pipecd:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.49.3",
"matchCriteriaId": "E4081E37-1853-44F7-A321-E424C1045F96"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/HouqiyuA/948a808b8bd48b17b37a4d5e0b6fb005",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/pipe-cd/pipecd",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://pipecd.dev/",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

43
CVE-2024/CVE-2024-540xx/CVE-2024-54016.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54016",
"sourceIdentifier": "security@apache.org",
"published": "2025-03-20T09:15:12.963",
"lastModified": "2025-03-20T19:15:30.597",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:35:54.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,41 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://lists.apache.org/thread/grn0x8tmssx07qc9z50lwgmrkwzrrhzg",
"source": "security@apache.org"
},
"nodes": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/03/19/6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:seata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.3.0",
"matchCriteriaId": "CBB1A8DC-8C4F-484E-B06B-803A2B4D6A40"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/grn0x8tmssx07qc9z50lwgmrkwzrrhzg",
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/03/19/6",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-545xx/CVE-2024-54533.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54533",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-03-31T23:15:16.027",
"lastModified": "2025-04-01T19:15:43.083",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-548xx/CVE-2024-54802.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54802",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T21:15:47.203",
"lastModified": "2025-03-31T21:15:47.203",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",

4
CVE-2024/CVE-2024-548xx/CVE-2024-54803.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54803",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T21:15:47.377",
"lastModified": "2025-03-31T21:15:47.377",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",

4
CVE-2024/CVE-2024-548xx/CVE-2024-54804.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54804",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T21:15:47.560",
"lastModified": "2025-03-31T21:15:47.560",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",

4
CVE-2024/CVE-2024-548xx/CVE-2024-54805.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54805",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T21:15:47.737",
"lastModified": "2025-03-31T21:15:47.737",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",

4
CVE-2024/CVE-2024-548xx/CVE-2024-54806.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54806",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T21:15:47.923",
"lastModified": "2025-03-31T21:15:47.923",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",

4
CVE-2024/CVE-2024-548xx/CVE-2024-54807.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54807",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T21:15:48.090",
"lastModified": "2025-03-31T21:15:48.090",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",

4
CVE-2024/CVE-2024-548xx/CVE-2024-54808.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54808",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T21:15:48.310",
"lastModified": "2025-03-31T21:15:48.310",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",

4
CVE-2024/CVE-2024-548xx/CVE-2024-54809.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54809",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T21:15:48.527",
"lastModified": "2025-03-31T21:15:48.527",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:22.890",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",

4
CVE-2024/CVE-2024-550xx/CVE-2024-55093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55093",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-31T13:15:42.160",
"lastModified": "2025-03-31T13:15:42.160",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-558xx/CVE-2024-55895.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-55895",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-29T13:15:40.410",
"lastModified": "2025-03-29T13:15:40.410",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system."
},
{
"lang": "es",
"value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir que un atacante remoto obtenga informaci\u00f3n confidencial al recibir un mensaje de error t\u00e9cnico detallado en el navegador. Esta informaci\u00f3n podr\u00eda utilizarse en futuros ataques contra el sistema."
}
],
"metrics": {

4
CVE-2024/CVE-2024-563xx/CVE-2024-56325.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56325",
"sourceIdentifier": "security@apache.org",
"published": "2025-04-01T09:15:15.240",
"lastModified": "2025-04-01T10:15:15.360",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:11.547",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

45
CVE-2024/CVE-2024-569xx/CVE-2024-56975.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-56975",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-28T21:15:17.207",
"lastModified": "2025-03-28T21:15:17.207",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "InvoicePlane (all versions tested as of December 2024) v.1.6.11 and before contains a remote code execution vulnerability in the upload_file method of the Upload controller."
},
{
"lang": "es",
"value": "InvoicePlane (todas las versiones probadas a diciembre de 2024) v.1.6.11 y anteriores contienen una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en el m\u00e9todo upload_file del controlador Upload."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/InvoicePlane/InvoicePlane/pull/1127",

49
CVE-2024/CVE-2024-570xx/CVE-2024-57083.json
View File

@ -2,20 +2,63 @@
"id": "CVE-2024-57083",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-28T21:15:17.307",
"lastModified": "2025-03-28T21:15:17.307",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A prototype pollution in the component Module.mergeObjects (redoc/bundles/redoc.lib.js:2) of redoc <= 2.2.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload."
},
{
"lang": "es",
"value": "Un prototipo de contaminaci\u00f3n en el componente Module.mergeObjects (redoc/bundles/redoc.lib.js:2) de redoc &lt;= 2.2.0 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) mediante el suministro de un payload manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Redocly/redoc/issues/2499",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Redocly/redoc/issues/2499",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

40
CVE-2024/CVE-2024-571xx/CVE-2024-57151.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57151",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-18T21:15:31.663",
"lastModified": "2025-03-31T15:15:42.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:37:14.433",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/jcxj/jcxj/blob/master/source/_posts/%E4%BF%A1%E5%91%BCoa%E5%AE%A1%E8%AE%A1.md",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://github.com/l1uyi/cve-list/blob/main/cve-list/xinhu-CVE-2024-57171.md",
"source": "cve@mitre.org"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockoa:xinhu:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.6.5",
"matchCriteriaId": "A05AFE82-3E79-4B4C-8FA3-34DF34E27DBA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jcxj/jcxj/blob/master/source/_posts/%E4%BF%A1%E5%91%BCoa%E5%AE%A1%E8%AE%A1.md",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/l1uyi/cve-list/blob/main/cve-list/xinhu-CVE-2024-57171.md",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

43
CVE-2024/CVE-2024-574xx/CVE-2024-57490.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-57490",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-21T14:15:15.120",
"lastModified": "2025-03-24T18:15:21.473",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:23:36.507",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker can log in to any system account including the system administrator through a logical flaw."
},
{
"lang": "es",
"value": "iOffice20 de Guangzhou Hongfan Technology Co., LTD. presenta una vulnerabilidad de inicio de sesi\u00f3n. Un atacante puede iniciar sesi\u00f3n en cualquier cuenta del sistema, incluyendo la del administrador, mediante una falla l\u00f3gica."
}
],
"metrics": {
@ -47,14 +51,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gist.github.com/NaliangzzZ/44bfcc1d9c2cf275d2b6683ca9e20980",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://www.ioffice.cn",
"source": "cve@mitre.org"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ioffice:ioffice20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D395BD7D-09D8-4A38-B011-BFE6B49B6485"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/NaliangzzZ/44bfcc1d9c2cf275d2b6683ca9e20980",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.ioffice.cn",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

8
CVE-2024/CVE-2024-581xx/CVE-2024-58128.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-58128",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-28T22:15:17.197",
"lastModified": "2025-03-28T23:15:17.707",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In MISP before 2.4.193, menu_custom_right_link parameters can be set via the UI (i.e., without using the CLI) and thus attackers with admin privileges can conduct XSS attacks via a global menu link."
},
{
"lang": "es",
"value": "En MISP anterior a 2.4.193, los par\u00e1metros menu_custom_right_link se pueden configurar a trav\u00e9s de la interfaz de usuario (es decir, sin utilizar la CLI) y, por lo tanto, los atacantes con privilegios de administrador pueden realizar ataques XSS a trav\u00e9s de un enlace de men\u00fa global."
}
],
"metrics": {

8
CVE-2024/CVE-2024-581xx/CVE-2024-58129.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-58129",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-28T22:15:17.333",
"lastModified": "2025-03-28T23:15:17.860",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In MISP before 2.4.193, menu_custom_right_link_html parameters can be set via the UI (i.e., without using the CLI) and thus attackers with admin privileges can conduct XSS attacks against every page."
},
{
"lang": "es",
"value": "En MISP anterior a 2.4.193, los par\u00e1metros menu_custom_right_link_html se pueden configurar a trav\u00e9s de la interfaz de usuario (es decir, sin utilizar la CLI) y, por lo tanto, los atacantes con privilegios de administrador pueden realizar ataques XSS contra cada p\u00e1gina."
}
],
"metrics": {

8
CVE-2024/CVE-2024-581xx/CVE-2024-58130.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-58130",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-28T22:15:17.463",
"lastModified": "2025-03-28T23:15:18.013",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In app/Controller/Component/RestResponseComponent.php in MISP before 2.4.193, REST endpoints have a lack of sanitization for non-JSON responses."
},
{
"lang": "es",
"value": "En app/Controller/Component/RestResponseComponent.php en MISP anterior a 2.4.193, los endpoints REST carecen de depuraci\u00f3n para respuestas que no sean JSON."
}
],
"metrics": {

61
CVE-2024/CVE-2024-68xx/CVE-2024-6838.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6838",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:33.620",
"lastModified": "2025-03-20T15:15:44.157",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:33:56.510",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lfprojects:mlflow:2.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC00A6B-F1BE-4DA6-892D-C24FEE5FA97D"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

8
CVE-2024/CVE-2024-68xx/CVE-2024-6875.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-6875",
"sourceIdentifier": "secalert@redhat.com",
"published": "2025-03-28T21:15:17.400",
"lastModified": "2025-03-28T21:15:17.400",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API."
},
{
"lang": "es",
"value": "Se detect\u00f3 una vulnerabilidad en el componente Infinispan de Red Hat Data Grid. La API de comparaci\u00f3n REST podr\u00eda tener una fuga de b\u00fafer y un error de memoria insuficiente al enviar solicitudes continuas con grandes cantidades de datos POST a la API REST."
}
],
"metrics": {

61
CVE-2024/CVE-2024-70xx/CVE-2024-7053.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7053",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:36.217",
"lastModified": "2025-03-20T14:15:21.553",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:33:49.153",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/947f8191-0abf-4adf-b7c4-d4c19683aba2",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/947f8191-0abf-4adf-b7c4-d4c19683aba2",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openwebui:open_webui:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFA5C2D-BD4F-4BD5-8D4E-D3BE4036FFA4"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/947f8191-0abf-4adf-b7c4-d4c19683aba2",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/947f8191-0abf-4adf-b7c4-d4c19683aba2",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

8
CVE-2024/CVE-2024-75xx/CVE-2024-7577.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-7577",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-29T00:15:24.257",
"lastModified": "2025-03-29T00:15:24.257",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product."
},
{
"lang": "es",
"value": "IBM InfoSphere Information Server 11.7 podr\u00eda revelar credenciales de usuario confidenciales de los archivos de registro durante una nueva instalaci\u00f3n del producto."
}
],
"metrics": {

61
CVE-2024/CVE-2024-77xx/CVE-2024-7765.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7765",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:36.867",
"lastModified": "2025-03-20T15:15:44.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:33:36.027",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/0e58b1a5-bdca-4e60-af92-09de9c76a9ff",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/0e58b1a5-bdca-4e60-af92-09de9c76a9ff",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:h2o:h2o:3.46.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E878E124-1F83-48A9-9DEF-CAABDEBAB8BA"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/0e58b1a5-bdca-4e60-af92-09de9c76a9ff",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/0e58b1a5-bdca-4e60-af92-09de9c76a9ff",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-77xx/CVE-2024-7767.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7767",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:37.007",
"lastModified": "2025-03-20T14:15:21.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:32:42.353",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/1425dada-72d8-4bd9-a3e7-2863bb3e1a6c",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/1425dada-72d8-4bd9-a3e7-2863bb3e1a6c",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:onyx:onyx:0.3.94:*:*:*:*:*:*:*",
"matchCriteriaId": "27CB937B-3A49-4F61-9EA4-572AD261D653"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/1425dada-72d8-4bd9-a3e7-2863bb3e1a6c",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/1425dada-72d8-4bd9-a3e7-2863bb3e1a6c",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-81xx/CVE-2024-8101.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8101",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:41.130",
"lastModified": "2025-03-20T13:15:36.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:32:35.820",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/60cf2b93-a9a2-435e-a222-3d6abde26adb",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/60cf2b93-a9a2-435e-a222-3d6abde26adb",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aimstack:aim:3.23.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99D76F67-9F8E-413B-B64B-108170DE3764"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/60cf2b93-a9a2-435e-a222-3d6abde26adb",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/60cf2b93-a9a2-435e-a222-3d6abde26adb",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

71
CVE-2024/CVE-2024-81xx/CVE-2024-8156.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8156",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:41.247",
"lastModified": "2025-03-20T14:15:22.073",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:32:28.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,18 +73,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/significant-gravitas/autogpt/commit/1df7d527dd37dff8363dc162fb58d300f072e302",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/959efe87-f109-4cef-94d8-90ff2c7aef51",
"source": "security@huntr.dev"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://huntr.com/bounties/959efe87-f109-4cef-94d8-90ff2c7aef51",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"vulnerable": true,
"criteria": "cpe:2.3:a:agpt:autogpt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.5.1",
"matchCriteriaId": "797BDA77-D20F-4764-AD3B-AB54F757AB49"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/significant-gravitas/autogpt/commit/1df7d527dd37dff8363dc162fb58d300f072e302",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/959efe87-f109-4cef-94d8-90ff2c7aef51",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/959efe87-f109-4cef-94d8-90ff2c7aef51",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

71
CVE-2024/CVE-2024-84xx/CVE-2024-8400.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8400",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:42.110",
"lastModified": "2025-03-20T16:15:14.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:32:15.687",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,18 +73,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/gaizhenbiao/chuanhuchatgpt/commit/2cca68e34f029babbe4eaa5a77d220dad68fdd49",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/405f16b8-848e-427d-a61a-ea7d3fd6f0e3",
"source": "security@huntr.dev"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://huntr.com/bounties/405f16b8-848e-427d-a61a-ea7d3fd6f0e3",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"vulnerable": true,
"criteria": "cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20240410",
"matchCriteriaId": "938D1F89-AA32-4C06-AE3E-39A84D69FE34"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gaizhenbiao/chuanhuchatgpt/commit/2cca68e34f029babbe4eaa5a77d220dad68fdd49",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/405f16b8-848e-427d-a61a-ea7d3fd6f0e3",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/405f16b8-848e-427d-a61a-ea7d3fd6f0e3",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-84xx/CVE-2024-8487.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8487",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:42.360",
"lastModified": "2025-03-20T13:15:36.117",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:32:06.197",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/7aca7507-a94e-4e63-83a2-15648e5c4067",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/7aca7507-a94e-4e63-83a2-15648e5c4067",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:modelscope:agentscope:0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D90FB84B-BF69-41F6-875D-BFB3C19EB9CC"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/7aca7507-a94e-4e63-83a2-15648e5c4067",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/7aca7507-a94e-4e63-83a2-15648e5c4067",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-85xx/CVE-2024-8501.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8501",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:42.610",
"lastModified": "2025-03-20T15:15:44.657",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:31:58.713",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/83e433c0-ed2d-4b10-8358-d3c1eee0a47c",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/83e433c0-ed2d-4b10-8358-d3c1eee0a47c",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:modelscope:agentscope:0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D90FB84B-BF69-41F6-875D-BFB3C19EB9CC"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/83e433c0-ed2d-4b10-8358-d3c1eee0a47c",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/83e433c0-ed2d-4b10-8358-d3c1eee0a47c",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-85xx/CVE-2024-8524.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8524",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:42.853",
"lastModified": "2025-03-20T15:15:44.790",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:31:52.367",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/cc4acf33-700d-4220-8a8a-db28f5c4cc8f",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/cc4acf33-700d-4220-8a8a-db28f5c4cc8f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:modelscope:agentscope:0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D90FB84B-BF69-41F6-875D-BFB3C19EB9CC"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/cc4acf33-700d-4220-8a8a-db28f5c4cc8f",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/cc4acf33-700d-4220-8a8a-db28f5c4cc8f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

62
CVE-2024/CVE-2024-85xx/CVE-2024-8556.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8556",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:43.230",
"lastModified": "2025-03-20T13:15:36.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:31:16.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/8439f16b-5256-4466-bb7d-371572572a4b",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/8439f16b-5256-4466-bb7d-371572572a4b",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:modelscope:agentscope:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024-08-09",
"matchCriteriaId": "5726D6D6-9147-4E3C-910A-4BCAC19B5764"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/8439f16b-5256-4466-bb7d-371572572a4b",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/8439f16b-5256-4466-bb7d-371572572a4b",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

63
CVE-2024/CVE-2024-87xx/CVE-2024-8736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8736",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:43.720",
"lastModified": "2025-03-20T16:15:14.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:31:03.013",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,16 +71,49 @@
"value": "CWE-400"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms_web_ui:12:*:*:*:*:*:*:*",
"matchCriteriaId": "13C2AF1C-0ECA-4677-8686-A1F6F67A5E0B"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/935dbc03-1b43-4dbb-b6cd-1aa95a789d4f",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/935dbc03-1b43-4dbb-b6cd-1aa95a789d4f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

64
CVE-2024/CVE-2024-87xx/CVE-2024-8769.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8769",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:44.220",
"lastModified": "2025-03-20T13:15:36.303",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:30:56.033",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,16 +71,50 @@
"value": "CWE-29"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aimstack:aim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.24.0",
"matchCriteriaId": "246E76E0-EE63-475C-BB5B-B08F82996A34"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/59d3472f-f581-4beb-a090-afd36a00ecf7",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/59d3472f-f581-4beb-a090-afd36a00ecf7",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

70
CVE-2024/CVE-2024-88xx/CVE-2024-8898.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8898",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:44.590",
"lastModified": "2025-03-20T17:15:37.863",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:30:45.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,18 +73,44 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/parisneo/lollms-webui/commit/6d07c8a0dd0a15cc060becc73fda9fe8e788eb23",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/6072371f-0ddc-42e3-9207-1c6d6b18d32f",
"source": "security@huntr.dev"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://huntr.com/bounties/6072371f-0ddc-42e3-9207-1c6d6b18d32f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"vulnerable": true,
"criteria": "cpe:2.3:a:lollms:lollms_web_ui:12:*:*:*:*:*:*:*",
"matchCriteriaId": "13C2AF1C-0ECA-4677-8686-A1F6F67A5E0B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/parisneo/lollms-webui/commit/6d07c8a0dd0a15cc060becc73fda9fe8e788eb23",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/6072371f-0ddc-42e3-9207-1c6d6b18d32f",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/6072371f-0ddc-42e3-9207-1c6d6b18d32f",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-89xx/CVE-2024-8952.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8952",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:44.720",
"lastModified": "2025-03-20T16:15:14.620",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:30:34.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/d1acdd38-10d7-45df-9df0-9fc71f0e1c2a",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/d1acdd38-10d7-45df-9df0-9fc71f0e1c2a",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:composio:composio:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF257CD-DA4B-4ECD-B5E6-13EFBD953859"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/d1acdd38-10d7-45df-9df0-9fc71f0e1c2a",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/d1acdd38-10d7-45df-9df0-9fc71f0e1c2a",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

63
CVE-2024/CVE-2024-89xx/CVE-2024-8953.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8953",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:44.843",
"lastModified": "2025-03-20T19:15:33.943",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:30:28.420",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,16 +71,49 @@
"value": "CWE-627"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-913"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:composio:composio:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17A3924D-B2D4-467A-935A-CF760AA17B7D"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/8203d721-e05f-4500-a5bc-c0bec980420c",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/8203d721-e05f-4500-a5bc-c0bec980420c",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-89xx/CVE-2024-8958.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8958",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:45.220",
"lastModified": "2025-03-20T14:15:22.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:30:20.887",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,14 +73,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://huntr.com/bounties/e152b094-0593-428e-b813-068d2390ce68",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/e152b094-0593-428e-b813-068d2390ce68",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:composio:composio:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17A3924D-B2D4-467A-935A-CF760AA17B7D"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/e152b094-0593-428e-b813-068d2390ce68",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/e152b094-0593-428e-b813-068d2390ce68",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

63
CVE-2024/CVE-2024-89xx/CVE-2024-8966.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8966",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:45.340",
"lastModified": "2025-03-20T16:15:14.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:30:12.443",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,16 +71,49 @@
"value": "CWE-400"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gradio:video:0.10.2:*:*:*:*:gradio:*:*",
"matchCriteriaId": "A1A0C389-21D5-42BC-9E24-9B1BD2614543"
}
]
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

69
CVE-2024/CVE-2024-89xx/CVE-2024-8998.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8998",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:45.707",
"lastModified": "2025-03-20T16:15:14.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:30:00.360",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,20 +71,57 @@
"value": "CWE-400"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lunary:lunary:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.26",
"matchCriteriaId": "7F305269-C264-41FA-9611-4F271C6CF9EE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/lunary-ai/lunary/commit/f2bfa036caf2c48686474f4560a9c5abcf5f43b7",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/4dbd8648-1dca-4f95-b74f-978ef030e97e",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/4dbd8648-1dca-4f95-b74f-978ef030e97e",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

4
CVE-2025/CVE-2025-04xx/CVE-2025-0416.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0416",
"sourceIdentifier": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"published": "2025-04-01T04:15:37.727",
"lastModified": "2025-04-01T04:15:37.727",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:11.547",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-04xx/CVE-2025-0417.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0417",
"sourceIdentifier": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"published": "2025-04-01T04:15:38.363",
"lastModified": "2025-04-01T04:15:38.363",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:11.547",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2025/CVE-2025-04xx/CVE-2025-0418.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0418",
"sourceIdentifier": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"published": "2025-04-01T04:15:39.550",
"lastModified": "2025-04-01T04:15:39.550",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:11.547",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2025/CVE-2025-06xx/CVE-2025-0613.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-0613",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-31T06:15:29.463",
"lastModified": "2025-03-31T15:15:43.133",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Photo Gallery by 10Web WordPress plugin before 1.8.34 does not sanitised and escaped comment added on images by unauthenticated users, leading to an Unauthenticated Stored-XSS attack when comments are displayed"
},
{
"lang": "es",
"value": "El complemento Photo Gallery de 10Web para WordPress anterior a la versi\u00f3n 1.8.34 no depura ni escapa los comentarios agregados en im\u00e1genes por usuarios no autenticados, lo que genera un ataque XSS almacenado no autenticado cuando se muestran los comentarios. "
}
],
"metrics": {

68
CVE-2025/CVE-2025-06xx/CVE-2025-0655.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0655",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:53.533",
"lastModified": "2025-03-20T16:15:15.167",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:20:55.063",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -49,20 +71,56 @@
"value": "CWE-77"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:man:d-tale:3.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A997E4-E5BE-404F-8067-45416F578627"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/man-group/dtale/commit/1e26ed3ca12fe83812b90f12a2b3e5fb0b740f7a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/f63af7bd-5438-4b36-a39b-4c90466cff13",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/f63af7bd-5438-4b36-a39b-4c90466cff13",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

71
CVE-2025/CVE-2025-10xx/CVE-2025-1040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1040",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:53.653",
"lastModified": "2025-03-20T16:15:15.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-01T20:19:55.317",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -51,18 +73,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/significant-gravitas/autogpt/commit/6dba31e0215549604bdcc1aed24e3a1714e75ee2",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.com/bounties/b74ef75f-61d5-4422-ab15-9550c8b4f185",
"source": "security@huntr.dev"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://huntr.com/bounties/b74ef75f-61d5-4422-ab15-9550c8b4f185",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"vulnerable": true,
"criteria": "cpe:2.3:a:agpt:autogpt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.4.0",
"matchCriteriaId": "E09F2450-EC08-47EB-9E52-35D1155629B2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/significant-gravitas/autogpt/commit/6dba31e0215549604bdcc1aed24e3a1714e75ee2",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/b74ef75f-61d5-4422-ab15-9550c8b4f185",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
},
{
"url": "https://huntr.com/bounties/b74ef75f-61d5-4422-ab15-9550c8b4f185",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

8
CVE-2025/CVE-2025-12xx/CVE-2025-1217.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-1217",
"sourceIdentifier": "security@php.net",
"published": "2025-03-29T06:15:36.557",
"lastModified": "2025-03-31T14:15:18.850",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc."
},
{
"lang": "es",
"value": "En PHP desde 8.1.* antes de 8.1.32, desde 8.2.* antes de 8.2.28, desde 8.3.* antes de 8.3.19, desde 8.4.* antes de 8.4.5, cuando el m\u00f3dulo de solicitud http analiza la respuesta HTTP obtenida de un servidor, los encabezados plegados se analizan incorrectamente, lo que puede llevar a una mala interpretaci\u00f3n de la respuesta y al uso de encabezados incorrectos, tipos MIME, etc."
}
],
"metrics": {

8
CVE-2025/CVE-2025-12xx/CVE-2025-1219.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-1219",
"sourceIdentifier": "security@php.net",
"published": "2025-03-30T06:15:13.570",
"lastModified": "2025-03-31T13:15:42.940",
"vulnStatus": "Received",
"lastModified": "2025-04-01T20:26:30.593",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type\u00a0header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations."
},
{
"lang": "es",
"value": "En PHP (versi\u00f3n 8.1.* anterior a 8.1.32, 8.2.* anterior a 8.2.28, 8.3.* anterior a 8.3.19 y 8.4.* anterior a 8.4.5), al solicitar un recurso HTTP mediante las extensiones DOM o SimpleXML, se utiliza un encabezado de tipo de contenido incorrecto para determinar el conjunto de caracteres cuando el recurso solicitado realiza una redirecci\u00f3n. Esto puede provocar que el documento resultante se analice incorrectamente o que se omitan las validaciones."
}
],
"metrics": {

Some files were not shown because too many files have changed in this diff Show More