admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-17T21:00:27.243000+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-17 21:03:53 +00:00
parent d898b7c05c
commit 7508f34b15
95 changed files with 5621 additions and 478 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2015/CVE-2015-24xx/CVE-2015-2426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-2426",
"sourceIdentifier": "secure@microsoft.com",
"published": "2015-07-20T18:59:01.210",
"lastModified": "2024-11-21T02:27:22.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T20:23:27.523",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

6
CVE-2021/CVE-2021-39xx/CVE-2021-3918.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3918",
"sourceIdentifier": "security@huntr.dev",
"published": "2021-11-13T09:15:06.737",
"lastModified": "2024-11-21T06:22:46.393",
"lastModified": "2025-01-17T20:15:26.073",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -193,6 +193,10 @@
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0004/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

22
CVE-2022/CVE-2022-462xx/CVE-2022-46286.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46286",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-03-21T23:15:12.477",
"lastModified": "2024-11-21T07:30:18.723",
"lastModified": "2025-01-17T19:15:26.120",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},

8
CVE-2023/CVE-2023-00xx/CVE-2023-0049.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0049",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-01-04T16:15:09.047",
"lastModified": "2024-11-21T07:36:27.527",
"lastModified": "2025-01-17T20:15:26.260",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -64,7 +64,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -180,6 +180,10 @@
"url": "https://security.gentoo.org/glsa/202305-16",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0005/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://support.apple.com/kb/HT213670",
"source": "af854a3a-2127-422b-91ae-364da2661108"

32
CVE-2023/CVE-2023-279xx/CVE-2023-27923.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27923",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-23T02:15:09.943",
"lastModified": "2024-11-21T07:53:42.473",
"lastModified": "2025-01-17T19:15:26.870",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-279xx/CVE-2023-27925.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27925",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-23T02:15:09.983",
"lastModified": "2024-11-21T07:53:42.590",
"lastModified": "2025-01-17T19:15:27.060",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-279xx/CVE-2023-27926.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27926",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-23T02:15:10.023",
"lastModified": "2024-11-21T07:53:42.710",
"lastModified": "2025-01-17T19:15:27.213",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-283xx/CVE-2023-28367.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28367",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-23T02:15:10.067",
"lastModified": "2024-11-21T07:54:56.047",
"lastModified": "2025-01-17T19:15:27.370",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-283xx/CVE-2023-28390.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28390",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-23T02:15:10.107",
"lastModified": "2024-11-21T07:54:58.627",
"lastModified": "2025-01-17T19:15:27.540",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},

32
CVE-2023/CVE-2023-283xx/CVE-2023-28392.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28392",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-23T02:15:10.140",
"lastModified": "2024-11-21T07:54:58.867",
"lastModified": "2025-01-17T19:15:27.707",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-283xx/CVE-2023-28394.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28394",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-23T02:15:10.180",
"lastModified": "2024-11-21T07:54:59.103",
"lastModified": "2025-01-17T19:15:27.887",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-284xx/CVE-2023-28408.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28408",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-23T02:15:10.220",
"lastModified": "2024-11-21T07:55:00.487",
"lastModified": "2025-01-17T19:15:28.050",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-299xx/CVE-2023-29919.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29919",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T01:15:09.820",
"lastModified": "2024-11-21T07:57:38.723",
"lastModified": "2025-01-17T19:15:28.213",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-303xx/CVE-2023-30382.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30382",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T21:15:09.073",
"lastModified": "2024-11-21T08:00:06.900",
"lastModified": "2025-01-17T19:15:28.400",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-317xx/CVE-2023-31759.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31759",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-24T00:15:09.450",
"lastModified": "2024-11-21T08:02:15.057",
"lastModified": "2025-01-17T20:15:26.417",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-294"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-317xx/CVE-2023-31761.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31761",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-24T00:15:09.497",
"lastModified": "2024-11-21T08:02:15.193",
"lastModified": "2025-01-17T20:15:26.607",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-294"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-317xx/CVE-2023-31762.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31762",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-24T00:15:09.543",
"lastModified": "2024-11-21T08:02:15.327",
"lastModified": "2025-01-17T20:15:26.797",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-294"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"configurations": [

6
CVE-2023/CVE-2023-419xx/CVE-2023-41913.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-41913",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T05:15:09.173",
"lastModified": "2024-11-21T08:21:54.430",
"lastModified": "2025-01-17T20:15:26.993",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -100,6 +100,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPJZPYHBCRXUQGGKQE6TYH4J4RIJH6HO/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0003/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-%28cve-2023-41913%29.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",

59
CVE-2023/CVE-2023-427xx/CVE-2023-42785.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-42785",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:27.083",
"lastModified": "2025-01-14T14:15:27.083",
"vulnStatus": "Received",
"lastModified": "2025-01-17T20:42:36.303",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request."
},
{
"lang": "es",
"value": "Una desreferencia de puntero nulo en las versiones de FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.5, 7.0 todas las versiones, 6.4 todas las versiones, 6.2 todas las versiones y 6.0 todas las versiones permite a un atacante activar una denegaci\u00f3n de servicio a trav\u00e9s de una solicitud http manipulada."
}
],
"metrics": {
@ -32,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -47,10 +71,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "C4D18D6E-AD93-4183-B9A9-458E791ED126"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.2",
"matchCriteriaId": "4316C2EA-3D6E-4A0C-B81D-ADCE040E03E0"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-293",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-427xx/CVE-2023-42786.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-42786",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:27.237",
"lastModified": "2025-01-14T14:15:27.237",
"vulnStatus": "Received",
"lastModified": "2025-01-17T20:42:31.930",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request."
},
{
"lang": "es",
"value": "Una desreferencia de puntero nulo en las versiones de FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.5, 7.0 todas las versiones, 6.4 todas las versiones, 6.2 todas las versiones y 6.0 todas las versiones permite a un atacante activar una denegaci\u00f3n de servicio a trav\u00e9s de una solicitud http manipulada."
}
],
"metrics": {
@ -32,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -47,10 +71,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "C4D18D6E-AD93-4183-B9A9-458E791ED126"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.2",
"matchCriteriaId": "4316C2EA-3D6E-4A0C-B81D-ADCE040E03E0"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-293",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-524xx/CVE-2023-52434.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52434",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-20T18:15:50.790",
"lastModified": "2025-01-10T19:04:33.103",
"vulnStatus": "Analyzed",
"lastModified": "2025-01-17T20:15:27.203",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -229,6 +229,10 @@
"tags": [
"Mailing List"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0009/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

54
CVE-2024/CVE-2024-05xx/CVE-2024-0588.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0588",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:14.363",
"lastModified": "2024-11-21T08:46:57.253",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T19:25:52.137",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0",
"matchCriteriaId": "056698AA-9625-4637-B733-41DE0235F5E3"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3058329/paid-memberships-pro/tags/3.0/includes/compatibility/lifterlms.php?old=2952976&old_path=paid-memberships-pro/trunk/includes/compatibility/lifterlms.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6fd87d34-2e7f-4c75-8816-b39820309077?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3058329/paid-memberships-pro/tags/3.0/includes/compatibility/lifterlms.php?old=2952976&old_path=paid-memberships-pro/trunk/includes/compatibility/lifterlms.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6fd87d34-2e7f-4c75-8816-b39820309077?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-06xx/CVE-2024-0690.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0690",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-06T12:15:55.530",
"lastModified": "2024-11-21T08:47:09.350",
"lastModified": "2025-01-17T20:15:27.403",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -259,6 +259,10 @@
"Issue Tracking",
"Patch"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0001/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

32
CVE-2024/CVE-2024-108xx/CVE-2024-10850.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10850",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-13T02:15:14.873",
"lastModified": "2024-11-13T17:01:16.850",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:25:39.717",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:razorpay:razorpay_payment_button:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.6",
"matchCriteriaId": "AC37BC95-E047-4F97-BCA0-771E7E8E0314"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/razorpay-payment-button-elementor/tags/1.2.5/includes/rzp-payment-buttons.php#L78",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9331aa66-2eee-4745-b286-fa6db3bd9f37?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

37
CVE-2024/CVE-2024-108xx/CVE-2024-10851.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10851",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-13T02:15:15.090",
"lastModified": "2024-11-13T17:01:16.850",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:19:49.767",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:razorpay:razorpay_payment_button:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.7",
"matchCriteriaId": "0DB7334C-5940-445C-A08C-D42B368CB091"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/razorpay-payment-button/tags/2.4.6/includes/rzp-payment-buttons.php#L78",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/razorpay-payment-button/tags/2.4.6/includes/rzp-subscription-buttons.php#L78",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5c0e8e63-2603-4ee4-88f5-e132f9bc7fae?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2024/CVE-2024-108xx/CVE-2024-10853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10853",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-13T02:15:15.503",
"lastModified": "2024-11-13T17:01:16.850",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:17:28.650",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,6 +19,26 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zixn:buy_one_click_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.9",
"matchCriteriaId": "9E232F1A-032D-4D5D-8883-51FD705F375C"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/buy-one-click-woocommerce/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ad73f105-fea8-4bbe-946b-97e61b4b9e57?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-108xx/CVE-2024-10854.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10854",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-13T02:15:15.717",
"lastModified": "2024-11-13T17:01:16.850",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:16:10.667",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zixn:buy_one_click_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.9",
"matchCriteriaId": "9E232F1A-032D-4D5D-8883-51FD705F375C"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/buy-one-click-woocommerce/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b3d9b755-1e6e-44ac-989a-201237f6dc9f?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

113
CVE-2024/CVE-2024-110xx/CVE-2024-11004.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11004",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T17:15:06.943",
"lastModified": "2024-11-21T17:15:10.277",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T20:05:17.653",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,12 +69,99 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

122
CVE-2024/CVE-2024-110xx/CVE-2024-11005.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11005",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T17:15:07.130",
"lastModified": "2024-11-22T17:15:06.803",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:23:26.140",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,12 +69,108 @@
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.1",
"matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionStartExcluding": "9.1",
"versionEndExcluding": "22.7",
"matchCriteriaId": "C8B38BEE-671B-4B29-A230-C92ACEE60C74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.1",
"matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"versionStartExcluding": "9.1",
"versionEndExcluding": "22.7",
"matchCriteriaId": "0905A2B5-F9DF-48C9-9DA4-2D4C1C7BC0F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

122
CVE-2024/CVE-2024-110xx/CVE-2024-11006.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11006",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T17:15:07.333",
"lastModified": "2024-11-22T17:15:06.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:23:23.497",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,12 +69,108 @@
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.1",
"matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionStartExcluding": "9.1",
"versionEndExcluding": "22.7",
"matchCriteriaId": "C8B38BEE-671B-4B29-A230-C92ACEE60C74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.1",
"matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"versionStartExcluding": "9.1",
"versionEndExcluding": "22.7",
"matchCriteriaId": "0905A2B5-F9DF-48C9-9DA4-2D4C1C7BC0F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-112xx/CVE-2024-11270.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11270",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-08T05:15:07.783",
"lastModified": "2025-01-08T05:15:07.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:56:14.373",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webinarpress:webinarpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.33.25",
"matchCriteriaId": "89A09AE5-C4BD-4AA2-A42F-B5AB10FCDC9D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3216237/wp-webinarsystem/trunk/includes/class-webinarsysteem-ajax.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f1c2cb3f-2f9e-40c5-9e5f-5b85a53e5868?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-112xx/CVE-2024-11271.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11271",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-08T05:15:09.273",
"lastModified": "2025-01-08T05:15:09.273",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:49:14.347",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webinarpress:webinarpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.33.25",
"matchCriteriaId": "89A09AE5-C4BD-4AA2-A42F-B5AB10FCDC9D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3216237/wp-webinarsystem/trunk/includes/class-webinarsysteem-ajax.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88508dbd-b7a0-441d-918b-f4cb7a7cd000?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

112
CVE-2024/CVE-2024-116xx/CVE-2024-11633.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11633",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-12-10T19:15:19.443",
"lastModified": "2024-12-10T19:15:19.443",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T19:35:05.380",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,12 +69,98 @@
"value": "CWE-88"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-88"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
"matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
"matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

128
CVE-2024/CVE-2024-116xx/CVE-2024-11634.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11634",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-12-10T19:15:19.570",
"lastModified": "2024-12-10T19:15:19.570",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T19:32:48.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,12 +69,114 @@
"value": "CWE-77"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
"matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-116xx/CVE-2024-11639.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11639",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-12-10T19:15:19.690",
"lastModified": "2024-12-10T19:15:19.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:40:09.763",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,12 +69,43 @@
"value": "CWE-288"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:cloud_services_appliance:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.0.3",
"matchCriteriaId": "60628283-69C1-4274-9BC8-5C2B91A7AA6E"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-117xx/CVE-2024-11772.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11772",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-12-10T19:15:19.817",
"lastModified": "2024-12-10T19:15:19.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:40:52.337",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,12 +69,43 @@
"value": "CWE-77"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:cloud_services_appliance:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.0.3",
"matchCriteriaId": "60628283-69C1-4274-9BC8-5C2B91A7AA6E"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-117xx/CVE-2024-11773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11773",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-12-10T19:15:19.943",
"lastModified": "2024-12-10T19:15:19.943",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:41:50.450",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,12 +69,43 @@
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:cloud_services_appliance:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.0.3",
"matchCriteriaId": "60628283-69C1-4274-9BC8-5C2B91A7AA6E"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Services-Application-CSA-CVE-2024-11639-CVE-2024-11772-CVE-2024-11773",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

37
CVE-2024/CVE-2024-118xx/CVE-2024-11816.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11816",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-08T04:15:06.380",
"lastModified": "2025-01-08T04:15:06.380",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T21:00:00.330",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpextended:ultimate_wordpress_toolkit:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.12",
"matchCriteriaId": "9EB4F58D-71E8-446B-BF79-8BCFCD2531E2"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wpextended/trunk/includes/modules/core_extensions/wpext_snippets/wpext_snippets.php#L705",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3213331%40wpextended&new=3213331%40wpextended&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b3ce53e5-8666-4227-83d3-58f35db0ce68?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2024/CVE-2024-119xx/CVE-2024-11916.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11916",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-08T04:15:06.537",
"lastModified": "2025-01-08T04:15:06.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:58:37.443",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
@ -36,29 +36,83 @@
},
"exploitabilityScore": 3.1,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpextended:ultimate_wordpress_toolkit:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.12",
"matchCriteriaId": "9EB4F58D-71E8-446B-BF79-8BCFCD2531E2"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3213331%40wpextended&new=3213331%40wpextended&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/747d7649-bdf5-46d0-a496-59cb7eac77ac?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-128xx/CVE-2024-12851.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12851",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-08T07:15:27.027",
"lastModified": "2025-01-08T07:15:27.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:47:22.757",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bdthemes:element_pack:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "5.10.15",
"matchCriteriaId": "35BDF86A-06B8-4EF2-9941-D7A669B95569"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3212890%40bdthemes-element-pack-lite&new=3212890%40bdthemes-element-pack-lite&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/39b0af74-f773-4a56-b169-2ee11e923813?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

85
CVE-2024/CVE-2024-130xx/CVE-2024-13026.json Normal file
View File

@ -0,0 +1,85 @@
{
"id": "CVE-2024-13026",
"sourceIdentifier": "5cdcf916-2b10-4ec8-bfc1-d054821e439e",
"published": "2025-01-17T20:15:27.600",
"lastModified": "2025-01-17T20:15:27.600",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "5cdcf916-2b10-4ec8-bfc1-d054821e439e",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in Algo Edge up to 2.1.1 - a previously used (legacy) component of navify\u00ae Algorithm Suite. The vulnerability impacts the authentication mechanism of this component and could allow an attacker with adjacent access to the laboratory network and the Algo Edge system to craft valid authentication tokens and access the component. Other components of navify\u00ae Algorithm Suite are not affected."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "5cdcf916-2b10-4ec8-bfc1-d054821e439e",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:A/V:D/RE:L/U:Clear",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NEGLIGIBLE",
"automatable": "NO",
"recovery": "AUTOMATIC",
"valueDensity": "DIFFUSE",
"vulnerabilityResponseEffort": "LOW",
"providerUrgency": "CLEAR"
}
}
]
},
"weaknesses": [
{
"source": "5cdcf916-2b10-4ec8-bfc1-d054821e439e",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
],
"references": [
{
"url": "https://diagnostics.roche.com/content/dam/diagnostics/Blueprint/en/pdf/Algo%20Edge%20-%20Authentication%20Vulnerability%20-%20Product%20Security%20Advisory.pdf",
"source": "5cdcf916-2b10-4ec8-bfc1-d054821e439e"
}
]
}

84
CVE-2024/CVE-2024-13xx/CVE-2024-1358.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1358",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:19.870",
"lastModified": "2024-11-21T08:50:24.403",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:52:41.687",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,33 +36,101 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtechstreet:elementor_addon_elements:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.13",
"matchCriteriaId": "A7CA62DB-FA1A-4082-A265-E544B1E05957"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-13xx/CVE-2024-1391.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1391",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:21.387",
"lastModified": "2024-11-21T08:50:28.720",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:52:57.843",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,33 +36,101 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtechstreet:elementor_addon_elements:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.13",
"matchCriteriaId": "A7CA62DB-FA1A-4082-A265-E544B1E05957"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/bg-slider/module.php#L255",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/bg-slider/module.php#L255",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/977bab12-969d-4b15-9942-2b17c8541f61?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/bg-slider/module.php#L255",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/bg-slider/module.php#L255",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/977bab12-969d-4b15-9942-2b17c8541f61?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-13xx/CVE-2024-1392.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1392",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:21.590",
"lastModified": "2024-11-21T08:50:28.840",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:53:57.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,33 +36,101 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtechstreet:elementor_addon_elements:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.13",
"matchCriteriaId": "A7CA62DB-FA1A-4082-A265-E544B1E05957"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/dual-button/widgets/dual-button.php#L885",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/dual-button/widgets/dual-button.php#L885",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/33d7dc4d-bb41-456a-bd1a-37d8f2aada30?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/dual-button/widgets/dual-button.php#L885",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/dual-button/widgets/dual-button.php#L885",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/33d7dc4d-bb41-456a-bd1a-37d8f2aada30?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-13xx/CVE-2024-1393.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1393",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:21.770",
"lastModified": "2024-11-21T08:50:28.977",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:54:07.350",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,33 +36,101 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtechstreet:elementor_addon_elements:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.13",
"matchCriteriaId": "A7CA62DB-FA1A-4082-A265-E544B1E05957"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/content-switcher/skins/skin-3.php#L39",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/content-switcher/skins/skin-3.php#L39",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb0888d6-30e6-4957-b270-1968eace462e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/content-switcher/skins/skin-3.php#L39",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/content-switcher/skins/skin-3.php#L39",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb0888d6-30e6-4957-b270-1968eace462e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

94
CVE-2024/CVE-2024-14xx/CVE-2024-1422.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1422",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:22.457",
"lastModified": "2024-11-21T08:50:33.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:56:49.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,41 +36,115 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtechstreet:elementor_addon_elements:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.13",
"matchCriteriaId": "A7CA62DB-FA1A-4082-A265-E544B1E05957"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1048",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1062",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3037925%40addon-elements-for-elementor-page-builder%2Ftrunk&old=3031349%40addon-elements-for-elementor-page-builder%2Ftrunk&sfp_email=&sfph_mail=#file26",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ba28184-b5c3-4a5c-a376-29b3c6a2aa20?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1048",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1062",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3037925%40addon-elements-for-elementor-page-builder%2Ftrunk&old=3031349%40addon-elements-for-elementor-page-builder%2Ftrunk&sfp_email=&sfph_mail=#file26",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ba28184-b5c3-4a5c-a376-29b3c6a2aa20?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-19xx/CVE-2024-1904.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1904",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:20.680",
"lastModified": "2024-11-21T08:51:33.987",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:22:36.853",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stylemixthemes:masterstudy_lms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.3.0",
"matchCriteriaId": "2C2E0A32-DC59-4E43-B711-143AD4BFDDBA"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3050967/masterstudy-lms-learning-management-system",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1be686d3-16b1-4ec7-b304-848ca4d7162c?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3050967/masterstudy-lms-learning-management-system",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1be686d3-16b1-4ec7-b304-848ca4d7162c?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2024/CVE-2024-19xx/CVE-2024-1990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1990",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:21.703",
"lastModified": "2024-11-21T08:51:44.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:30:21.120",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,30 +39,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:metagauss:registrationmagic:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.3.2.0",
"matchCriteriaId": "EFDE3263-C1AE-4DBE-9B26-AF13F57287CB"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3049490/custom-registration-form-builder-with-submission-manager/trunk/public/class_rm_public.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3057216/custom-registration-form-builder-with-submission-manager/trunk/public/class_rm_public.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6478cdbc-a20e-4fe2-bbd6-8a550e5da895?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3049490/custom-registration-form-builder-with-submission-manager/trunk/public/class_rm_public.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3057216/custom-registration-form-builder-with-submission-manager/trunk/public/class_rm_public.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6478cdbc-a20e-4fe2-bbd6-8a550e5da895?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-20xx/CVE-2024-2042.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2042",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-16T03:15:07.143",
"lastModified": "2024-11-21T09:08:54.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:57:25.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,33 +36,101 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:elements_kit_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.6",
"matchCriteriaId": "B84C60D7-8C96-4E02-B38D-6B87C0D499EA"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.0.4/widgets/image-accordion/image-accordion.php#L962",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050248%40elementskit-lite&new=3050248%40elementskit-lite&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be4ce3e6-8baa-419f-a48e-4256c306fbc1?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.0.4/widgets/image-accordion/image-accordion.php#L962",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050248%40elementskit-lite&new=3050248%40elementskit-lite&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be4ce3e6-8baa-419f-a48e-4256c306fbc1?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-214xx/CVE-2024-21409.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21409",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-09T17:15:34.803",
"lastModified": "2025-01-08T16:41:34.453",
"vulnStatus": "Analyzed",
"lastModified": "2025-01-17T20:15:27.787",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -449,6 +449,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0002/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

14
CVE-2024/CVE-2024-216xx/CVE-2024-21641.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21641",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-05T21:15:43.337",
"lastModified": "2024-11-21T08:54:47.033",
"lastModified": "2025-01-17T19:15:28.590",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -22,19 +22,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

54
CVE-2024/CVE-2024-22xx/CVE-2024-2242.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2242",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T22:15:12.173",
"lastModified": "2024-11-21T09:09:20.130",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:57:07.283",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rocklobster:contact_form_7:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.9.2",
"matchCriteriaId": "357F32F3-4A95-4E33-998F-0ADF9EFF7649"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3049594/contact-form-7/trunk/admin/edit-contact-form.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d5bf4972-424a-4470-a0bc-7dcc95378e0e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3049594/contact-form-7/trunk/admin/edit-contact-form.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d5bf4972-424a-4470-a0bc-7dcc95378e0e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-25xx/CVE-2024-2539.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2539",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-10T06:15:06.530",
"lastModified": "2024-11-21T09:09:58.333",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:20:18.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:livemeshelementor:addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.3.7",
"matchCriteriaId": "68D44D58-3CEE-486E-90C7-CED414B3E13F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3065560/addons-for-elementor/trunk/templates/addons/marquee-text/content.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/52d79cdd-739f-4ae9-9214-bc64ca7d8ecb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3065560/addons-for-elementor/trunk/templates/addons/marquee-text/content.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/52d79cdd-739f-4ae9-9214-bc64ca7d8ecb?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-26xx/CVE-2024-2655.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2655",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-10T06:15:06.940",
"lastModified": "2024-11-21T09:10:13.457",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:18:36.207",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,87 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:livemeshelementor:addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.3.6",
"matchCriteriaId": "CCF3EDE8-523A-4719-963E-26312EB2A4CD"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addons-for-elementor/trunk/templates/post-meta/author.php#L8",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69f2fc37-4c02-48da-b1e8-350ecc8ba086?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/addons-for-elementor/trunk/templates/post-meta/author.php#L8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69f2fc37-4c02-48da-b1e8-350ecc8ba086?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-294xx/CVE-2024-29415.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29415",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-27T20:15:08.970",
"lastModified": "2024-11-21T09:08:01.093",
"lastModified": "2025-01-17T20:15:27.950",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -79,6 +79,10 @@
{
"url": "https://github.com/indutny/node-ip/pull/144",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0010/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

52
CVE-2024/CVE-2024-313xx/CVE-2024-31343.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31343",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-10T17:15:55.417",
"lastModified": "2024-11-21T09:13:20.033",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:32:04.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sonaar:mp3_audio_player_for_music\\,_radio_\\&_podcast:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.0",
"matchCriteriaId": "700F62E4-A3E8-4A05-AE2D-B25E58D0742B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mp3-music-player-by-sonaar/wordpress-mp3-audio-player-for-music-radio-podcast-by-sonaar-plugin-4-10-1-arbitrary-file-download-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/mp3-music-player-by-sonaar/wordpress-mp3-audio-player-for-music-radio-podcast-by-sonaar-plugin-4-10-1-arbitrary-file-download-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2024/CVE-2024-31xx/CVE-2024-3136.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3136",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:39.720",
"lastModified": "2024-11-21T09:28:58.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T19:21:25.430",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,30 +39,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stylemixthemes:masterstudy_lms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "DECBBEDC-BB3C-4584-81D4-1B6C300F2535"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3064337/masterstudy-lms-learning-management-system/trunk/_core/lms/classes/helpers.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3064337/masterstudy-lms-learning-management-system/trunk/_core/lms/classes/templates.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9a573740-cdfe-4b58-b33b-5e50bcbc4779?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3064337/masterstudy-lms-learning-management-system/trunk/_core/lms/classes/helpers.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3064337/masterstudy-lms-learning-management-system/trunk/_core/lms/classes/templates.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9a573740-cdfe-4b58-b33b-5e50bcbc4779?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-321xx/CVE-2024-32118.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32118",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2024-11-12T19:15:09.287",
"lastModified": "2024-11-13T17:01:16.850",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:42:17.053",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -51,10 +71,65 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "FF6CA5B2-29DE-4FB3-8D7D-D248A593AB79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.3",
"matchCriteriaId": "AF309EFD-1770-44AF-B192-3D9816F792CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer_big_data:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.1",
"versionEndExcluding": "7.2.8",
"matchCriteriaId": "1A9C272F-2E14-4BC3-B3A3-1EF4E93BDBFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer_big_data:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "80598594-A45A-4E69-B968-1DD3DBD30FF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "A3F113AF-AA71-466D-9841-15A5243ECFF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.3",
"matchCriteriaId": "E4490512-36ED-4212-9D34-D74739A56E84"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-116",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

88
CVE-2024/CVE-2024-335xx/CVE-2024-33510.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33510",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2024-11-12T19:15:09.723",
"lastModified": "2024-11-13T17:01:16.850",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:35:31.247",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,105 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-358"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.17",
"matchCriteriaId": "C98BE382-7A23-4231-9D1B-5D7946848F99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.10",
"matchCriteriaId": "EDFFA2C3-0A23-4884-B751-785BE598DFF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.4",
"matchCriteriaId": "3F2C29AD-A11F-4A5F-8BB0-8600D5F77E72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.2.9",
"matchCriteriaId": "AC7395B0-2864-49E3-8B70-935A17EF3162"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.4",
"matchCriteriaId": "1FDDB5F3-D229-4208-9110-8860A03C8B59"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-033",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-352xx/CVE-2024-35274.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35274",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2024-11-12T19:15:09.993",
"lastModified": "2024-11-13T17:01:16.850",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:29:43.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,91 @@
},
"exploitabilityScore": 0.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 2.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "7.4.3",
"matchCriteriaId": "452AE920-49A0-4A7C-840C-4AD5510B7AF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer_big_data:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.1",
"versionEndExcluding": "7.4.1",
"matchCriteriaId": "35854F9A-432E-4185-A6D2-8C6D59A4CE98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "7.4.3",
"matchCriteriaId": "D7F7A7D1-A7E0-429D-B4F8-BD64A6E2497F"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-179",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-388xx/CVE-2024-38807.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38807",
"sourceIdentifier": "security@vmware.com",
"published": "2024-08-23T09:15:07.453",
"lastModified": "2024-08-23T16:18:28.547",
"lastModified": "2025-01-17T20:15:28.130",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -43,6 +43,10 @@
{
"url": "https://spring.io/security/cve-2024-38807",
"source": "security@vmware.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0006/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

6
CVE-2024/CVE-2024-399xx/CVE-2024-39908.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39908",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-16T18:15:08.167",
"lastModified": "2024-11-21T09:28:32.747",
"lastModified": "2025-01-17T20:15:28.250",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -64,6 +64,10 @@
"url": "https://github.com/ruby/rexml/security/advisories/GHSA-4xqq-m2hx-25v8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0008/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.ruby-lang.org/en/news/2024/07/16/dos-rexml-cve-2024-39908",
"source": "af854a3a-2127-422b-91ae-364da2661108"

8
CVE-2024/CVE-2024-419xx/CVE-2024-41946.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41946",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-01T15:15:14.100",
"lastModified": "2024-09-05T16:09:45.503",
"vulnStatus": "Analyzed",
"lastModified": "2025-01-17T20:15:28.380",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -127,6 +127,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20250117-0007/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

141
CVE-2024/CVE-2024-479xx/CVE-2024-47906.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47906",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:22.670",
"lastModified": "2024-11-22T17:15:08.483",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:27:14.100",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -53,12 +73,127 @@
"value": "CWE-426"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-426"
},
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.1",
"matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionStartExcluding": "9.1",
"versionEndExcluding": "22.7",
"matchCriteriaId": "C8B38BEE-671B-4B29-A230-C92ACEE60C74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
"matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.1",
"matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"versionStartExcluding": "9.1",
"versionEndExcluding": "22.7",
"matchCriteriaId": "0905A2B5-F9DF-48C9-9DA4-2D4C1C7BC0F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

25
CVE-2024/CVE-2024-528xx/CVE-2024-52870.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-52870",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T20:15:28.527",
"lastModified": "2025-01-17T20:15:28.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality (including Chromium Developer Tools) that can result in a client user accessing arbitrary remote websites."
}
],
"metrics": {},
"references": [
{
"url": "https://chrismanson.com/CVE/cve-2024-52870.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.teradata.com/trust-security-center/data-security",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-570xx/CVE-2024-57030.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57030",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T20:15:28.667",
"lastModified": "2025-01-17T20:15:28.667",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_funcionario.php via the id parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57030",
"source": "cve@mitre.org"
},
{
"url": "https://www.wegia.org/",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-570xx/CVE-2024-57031.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57031",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T20:15:28.790",
"lastModified": "2025-01-17T20:15:28.790",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57031",
"source": "cve@mitre.org"
},
{
"url": "https://www.wegia.org/",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-570xx/CVE-2024-57032.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57032",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T20:15:28.910",
"lastModified": "2025-01-17T20:15:28.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application does not validate the value of the old password, so it is possible to change the password by placing any value in the senha_antiga field."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/nmmorette/vulnerability-research/blob/main/CVE-2024-57032",
"source": "cve@mitre.org"
},
{
"url": "https://www.wegia.org/",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-570xx/CVE-2024-57034.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-57034",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T20:15:29.020",
"lastModified": "2025-01-17T20:15:29.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57034",
"source": "cve@mitre.org"
},
{
"url": "https://www.wegia.org",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-573xx/CVE-2024-57369.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57369",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T20:15:29.140",
"lastModified": "2025-01-17T20:15:29.140",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Clickjacking vulnerability in typecho v1.2.1."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/typecho/typecho",
"source": "cve@mitre.org"
},
{
"url": "https://royblume.github.io/CVE-2024-57369/",
"source": "cve@mitre.org"
},
{
"url": "https://typecho.org/",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-573xx/CVE-2024-57370.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57370",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T20:15:29.303",
"lastModified": "2025-01-17T20:15:29.303",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in sunnygkp10 Online Exam System master version allows a remote attacker to obtain sensitive information via the w parameter."
}
],
"metrics": {},
"references": [
{
"url": "http://sunnygkp10.com",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/sunnygkp10/Online-Exam-System",
"source": "cve@mitre.org"
},
{
"url": "https://royblume.github.io/CVE-2024-57370/",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-573xx/CVE-2024-57372.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-57372",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-17T20:15:29.447",
"lastModified": "2025-01-17T20:15:29.447",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in InformationPush master version allows a remote attacker to obtain sensitive information via the title, time and msg parameters"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/kaixin1995",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/kaixin1995/InformationPush",
"source": "cve@mitre.org"
},
{
"url": "https://royblume.github.io/CVE-2024-57372/",
"source": "cve@mitre.org"
}
]
}

94
CVE-2024/CVE-2024-75xx/CVE-2024-7571.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7571",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T17:15:10.973",
"lastModified": "2024-11-13T17:01:58.603",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T19:45:37.847",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,12 +69,80 @@
"value": "CWE-267"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "2347060E-FEC7-41EF-A0C0-5ED61B157223"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "C419EC4C-AB98-4D73-82B2-00A0A1F5A435"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "F78C1CDE-FB11-4033-AEBA-D04D937EDD67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "12DF0E17-F261-48D1-B2B8-50E9AEAFEC27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "E881D4BF-3222-4EF9-8A9B-0948973CCC89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r3:*:*:*:*:*:*",
"matchCriteriaId": "D93F7D15-B61D-4EE7-9280-FC0B7C45C940"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

113
CVE-2024/CVE-2024-84xx/CVE-2024-8495.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8495",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:26.560",
"lastModified": "2024-11-13T17:01:58.603",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T20:04:56.517",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,12 +69,99 @@
"value": "CWE-476"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

99
CVE-2024/CVE-2024-85xx/CVE-2024-8539.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8539",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T17:15:11.357",
"lastModified": "2024-11-13T17:01:58.603",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T20:02:50.283",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
@ -49,12 +69,85 @@
"value": "CWE-267"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "2347060E-FEC7-41EF-A0C0-5ED61B157223"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "C419EC4C-AB98-4D73-82B2-00A0A1F5A435"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "F78C1CDE-FB11-4033-AEBA-D04D937EDD67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "12DF0E17-F261-48D1-B2B8-50E9AEAFEC27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "E881D4BF-3222-4EF9-8A9B-0948973CCC89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

420
CVE-2024/CVE-2024-94xx/CVE-2024-9420.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9420",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:26.760",
"lastModified": "2024-11-27T21:15:08.357",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T20:29:36.007",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "Use-after-free en Ivanti Connect Secure anterior a la versi\u00f3n 22.7R2.3 y en Ivanti Policy Secure anterior a la versi\u00f3n 22.7R1.2 permite que un atacante remoto autenticado logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
@ -26,12 +49,401 @@
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.1",
"matchCriteriaId": "3281AC31-EAEC-4C8D-A0AA-3CDD1092D3EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionStartIncluding": "21.9",
"versionEndExcluding": "22.7",
"matchCriteriaId": "C616EB87-8CE7-44E1-92A7-E5ED6E8C414A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "4F450898-0B06-4073-9B76-BF22F68BD14F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B21C181-DC49-4EBD-9932-DBB337151FF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r1.0:*:*:*:*:*:*",
"matchCriteriaId": "130C8955-BDA4-4518-8EBA-740EB08FC3E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
"matchCriteriaId": "5A3A93FE-41BF-43F2-9EFC-89656182329F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.0:*:*:*:*:*:*",
"matchCriteriaId": "5AA4B39F-2FB9-4752-B1F1-18812B0990B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r10.2:*:*:*:*:*:*",
"matchCriteriaId": "232BAB6C-D318-4F80-8F49-4E700C21F535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
"matchCriteriaId": "8D5F47BA-DE6D-443D-95C3-A45F80EDC71E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.0:*:*:*:*:*:*",
"matchCriteriaId": "ABD840BF-944E-4F4C-96DC-0256286338F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.1:*:*:*:*:*:*",
"matchCriteriaId": "A1995F34-AE75-47C4-9A9D-DBB1D3E130E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
"matchCriteriaId": "366EF5B8-0233-49B8-806A-E54F60410ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
"matchCriteriaId": "6F2A7F5C-1D78-4D19-B8ED-5822FDF5DA63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
"matchCriteriaId": "2DDDA231-2A5E-4C70-8620-535C7F9027A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
"matchCriteriaId": "32E0B425-A9BA-4D00-84A9-46268072D696"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
"matchCriteriaId": "BBC724E8-195B-4CB4-AC2A-63E184AED4F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r12.2:*:*:*:*:*:*",
"matchCriteriaId": "7162C24D-D181-49CC-B8C2-9EE3E0CDF846"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
"matchCriteriaId": "65435A96-EF7A-439A-AA6C-CB7EAEF0A963"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
"matchCriteriaId": "3027A9CE-849E-4CAE-A1C4-170DEAF4FE86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
"matchCriteriaId": "C132BA26-BCA0-43E6-9511-34ACFFA136A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r14.4:*:*:*:*:*:*",
"matchCriteriaId": "06520C75-9326-4C21-8AD6-6DE1ED031959"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
"matchCriteriaId": "CE228FBD-5AD1-4BC6-AF63-5248E671B04F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
"matchCriteriaId": "D7DBCD6B-B7AA-4AB0-852F-563A2EC85DB4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
"matchCriteriaId": "44C26423-8621-4F6D-A45B-0A6B6E873AB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
"matchCriteriaId": "BC391EB5-C457-459C-8EAA-EA0043487C0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
"matchCriteriaId": "DB6CEA16-F422-48F1-9473-3931B1BFA63F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
"matchCriteriaId": "E238AB9F-99C1-4F0D-B442-D390065D35D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r17.2:*:*:*:*:*:*",
"matchCriteriaId": "8971445A-D65F-4C0E-906F-7AC4953C5689"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
"matchCriteriaId": "28FDE909-711C-41EC-8BA6-AC4DE05EA27E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.1:*:*:*:*:*:*",
"matchCriteriaId": "080CD832-3324-4158-A4CD-3A2E49B7BC74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.2:*:*:*:*:*:*",
"matchCriteriaId": "DB2B8165-E9D4-4549-B16E-A62810BDAF8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.3:*:*:*:*:*:*",
"matchCriteriaId": "014C7627-F211-48B1-80FA-3A7F608B4F23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.7:*:*:*:*:*:*",
"matchCriteriaId": "A5592C84-538C-47AB-8042-09B42D89BB0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r18.8:*:*:*:*:*:*",
"matchCriteriaId": "7DC6A046-F81C-4CBA-B06E-081AA550C91C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "4FEFC4B1-7350-46F9-80C1-42F5AE06142F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r2.0:*:*:*:*:*:*",
"matchCriteriaId": "4E2D041D-9BDD-416D-B658-1C517C854104"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "DB7A6D62-6576-4713-9BF4-11068A72E8B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r3.0:*:*:*:*:*:*",
"matchCriteriaId": "7155EB34-E8E0-49AF-BDA2-FB4BFA44662E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "843BC1B9-50CC-4F8F-A454-A0CEC6E92290"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.0:*:*:*:*:*:*",
"matchCriteriaId": "25EE614A-5F32-4CA9-998A-4FAF16DC100C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
"matchCriteriaId": "D5355372-03EA-46D7-9104-A2785C29B664"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
"matchCriteriaId": "3DE32A0C-8944-4F51-A286-266055CA4B2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
"matchCriteriaId": "0349A0CC-A372-4E51-899E-D7BA67876F4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "93D1A098-BD77-4A7B-9070-A764FB435981"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r5.0:*:*:*:*:*:*",
"matchCriteriaId": "F49EE829-A2CD-491E-BFC3-7888491D7C58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "3CCC2D7B-F835-45EC-A316-2F0C5F2CF565"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r6.0:*:*:*:*:*:*",
"matchCriteriaId": "2254DDF1-7FF3-49E1-8826-91F49A6794F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
"matchCriteriaId": "AD812596-C77C-4129-982F-C22A25B52126"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r7.0:*:*:*:*:*:*",
"matchCriteriaId": "B8EA4DA8-CD09-41AC-ADCB-27CF771C016B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
"matchCriteriaId": "9FA0B20D-3FA1-42AE-BDC5-93D8A182927C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.0:*:*:*:*:*:*",
"matchCriteriaId": "4D6CECCB-18BA-4219-95A2-2525A2BDCE36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
"matchCriteriaId": "BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
"matchCriteriaId": "DFE8FA87-9622-4D5B-99C7-D8EE230C0AA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r8.4:*:*:*:*:*:*",
"matchCriteriaId": "07AB853D-5A3F-4142-8417-1C9FB729A89E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
"matchCriteriaId": "16DAA769-8F0D-4C54-A8D9-9902995605B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.0:*:*:*:*:*:*",
"matchCriteriaId": "B7006C07-0E3F-4890-A1B3-533E10924D49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
"matchCriteriaId": "B2C10C89-1DBC-4E91-BD28-D5097B589CA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.1:r9.2:*:*:*:*:*:*",
"matchCriteriaId": "F54753D0-6275-4F82-B874-55438D2983B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
"matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "FAD0FC91-CA1E-4DC3-A37E-1BF98906D07C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "1F22B988-2585-4853-9838-AB3746C8B888"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "FD9BE8C2-43EB-4870-A4B7-267CB17A19F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "C8915BB2-C1C0-4189-A847-DDB2EF161D62"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

98
CVE-2024/CVE-2024-98xx/CVE-2024-9842.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9842",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T17:15:11.580",
"lastModified": "2024-11-13T17:01:58.603",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T19:55:48.957",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.0,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -53,12 +73,84 @@
"value": "CWE-732"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
},
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "2347060E-FEC7-41EF-A0C0-5ED61B157223"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "C419EC4C-AB98-4D73-82B2-00A0A1F5A435"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "F78C1CDE-FB11-4033-AEBA-D04D937EDD67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "12DF0E17-F261-48D1-B2B8-50E9AEAFEC27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "E881D4BF-3222-4EF9-8A9B-0948973CCC89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r3:*:*:*:*:*:*",
"matchCriteriaId": "D93F7D15-B61D-4EE7-9280-FC0B7C45C940"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

94
CVE-2024/CVE-2024-98xx/CVE-2024-9843.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9843",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T17:15:11.793",
"lastModified": "2024-11-13T17:01:58.603",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T20:00:21.843",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,12 +69,80 @@
"value": "CWE-126"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "2347060E-FEC7-41EF-A0C0-5ED61B157223"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "C419EC4C-AB98-4D73-82B2-00A0A1F5A435"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "F78C1CDE-FB11-4033-AEBA-D04D937EDD67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "12DF0E17-F261-48D1-B2B8-50E9AEAFEC27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "E881D4BF-3222-4EF9-8A9B-0948973CCC89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:secure_access_client:22.7:r3:*:*:*:*:*:*",
"matchCriteriaId": "D93F7D15-B61D-4EE7-9280-FC0B7C45C940"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

112
CVE-2024/CVE-2024-98xx/CVE-2024-9844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9844",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-12-10T19:15:31.607",
"lastModified": "2024-12-10T19:15:31.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-17T19:37:13.830",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,12 +69,98 @@
"value": "CWE-602"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.7",
"matchCriteriaId": "201EB882-0B2A-47DB-B517-1E72A0542B27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:-:*:*:*:*:*:*",
"matchCriteriaId": "F788F6D9-5368-4B8E-BFA0-E8FB3CDADB01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
"matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
"matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/December-2024-Security-Advisory-Ivanti-Connect-Secure-ICS-and-Ivanti-Policy-Secure-IPS-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"tags": [
"Vendor Advisory"
]
}
]
}

145
CVE-2025/CVE-2025-05xx/CVE-2025-0534.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-0534",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-17T19:15:28.777",
"lastModified": "2025-01-17T19:15:28.777",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1000 Projects Campaign Management System Platform for Women 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Code/loginnew.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://1000projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/onupset/CVE/issues/3",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.292418",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.292418",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.479128",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-05xx/CVE-2025-0535.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-0535",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-17T19:15:28.990",
"lastModified": "2025-01-17T19:15:28.990",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Codezips Gym Management System 1.0. This affects an unknown part of the file /dashboard/admin/edit_mem_submit.php. The manipulation of the argument uid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/lan041221/cve/blob/main/SQL_Injection_in_Gym_Management_System.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.292419",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.292419",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.479159",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-05xx/CVE-2025-0536.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-0536",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-17T20:15:29.583",
"lastModified": "2025-01-17T20:15:29.583",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_action.php. The manipulation of the argument attendance_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://1000projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/lan041221/cve/blob/main/Attendance_Tracking_Management_System_SQL_Injection.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.292420",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.292420",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.479251",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-05xx/CVE-2025-0537.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-0537",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-17T20:15:29.767",
"lastModified": "2025-01-17T20:15:29.767",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in code-projects Car Rental Management System 1.0. This issue affects some unknown processing of the file /admin/manage-pages.php. The manipulation of the argument pgdetails leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 2.4,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"baseScore": 3.3,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/aaryan-11-x/My-CVEs/blob/main/Stored%20XSS%20-%20Code-Projects%20Online%20Car%20Rental%20System%201.0.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.292421",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.292421",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.479864",
"source": "cna@vuldb.com"
}
]
}

60
CVE-2025/CVE-2025-211xx/CVE-2025-21128.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21128",
"sourceIdentifier": "psirt@adobe.com",
"published": "2025-01-14T19:15:33.387",
"lastModified": "2025-01-14T19:15:33.387",
"vulnStatus": "Received",
"lastModified": "2025-01-17T20:37:35.437",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 3.0.4 y anteriores de Substance3D - Stager se ven afectadas por una vulnerabilidad de desbordamiento de b\u00fafer basada en pila que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema es necesaria la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -38,19 +42,67 @@
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0",
"matchCriteriaId": "E286D1E5-DBA6-4F1D-96E9-E8FA62DD9DF2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb25-03.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

80
CVE-2025/CVE-2025-211xx/CVE-2025-21129.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2025-21129",
"sourceIdentifier": "psirt@adobe.com",
"published": "2025-01-14T19:15:33.550",
"lastModified": "2025-01-14T19:15:33.550",
"vulnStatus": "Received",
"lastModified": "2025-01-17T20:37:33.603",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 3.0.4 y anteriores de Substance3D - Stager se ven afectadas por una vulnerabilidad de desbordamiento de b\u00fafer basado en el mont\u00f3n que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema es necesaria la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -38,19 +62,67 @@
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0",
"matchCriteriaId": "E286D1E5-DBA6-4F1D-96E9-E8FA62DD9DF2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb25-03.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2025/CVE-2025-211xx/CVE-2025-21130.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21130",
"sourceIdentifier": "psirt@adobe.com",
"published": "2025-01-14T19:15:33.723",
"lastModified": "2025-01-14T19:15:33.723",
"vulnStatus": "Received",
"lastModified": "2025-01-17T20:37:32.137",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 3.0.4 y anteriores de Substance3D - Stager se ven afectadas por una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema es necesaria la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -47,10 +51,48 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0",
"matchCriteriaId": "E286D1E5-DBA6-4F1D-96E9-E8FA62DD9DF2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb25-03.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2025/CVE-2025-211xx/CVE-2025-21131.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21131",
"sourceIdentifier": "psirt@adobe.com",
"published": "2025-01-14T19:15:33.897",
"lastModified": "2025-01-14T19:15:33.897",
"vulnStatus": "Received",
"lastModified": "2025-01-17T20:37:30.750",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 3.0.4 y anteriores de Substance3D - Stager se ven afectadas por una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema es necesaria la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -47,10 +51,48 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0",
"matchCriteriaId": "E286D1E5-DBA6-4F1D-96E9-E8FA62DD9DF2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb25-03.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2025/CVE-2025-211xx/CVE-2025-21132.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21132",
"sourceIdentifier": "psirt@adobe.com",
"published": "2025-01-14T19:15:34.047",
"lastModified": "2025-01-14T19:15:34.047",
"vulnStatus": "Received",
"lastModified": "2025-01-17T20:37:29.347",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 3.0.4 y anteriores de Substance3D - Stager se ven afectadas por una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema es necesaria la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -47,10 +51,48 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0",
"matchCriteriaId": "E286D1E5-DBA6-4F1D-96E9-E8FA62DD9DF2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb25-03.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2025/CVE-2025-211xx/CVE-2025-21185.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-21185",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-01-17T20:15:30.227",
"lastModified": "2025-01-17T20:15:30.227",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21185",
"source": "secure@microsoft.com"
}
]
}

44
CVE-2025/CVE-2025-213xx/CVE-2025-21360.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21360",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-01-14T18:16:01.470",
"lastModified": "2025-01-14T18:16:01.470",
"vulnStatus": "Received",
"lastModified": "2025-01-17T20:40:22.527",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Microsoft AutoUpdate (MAU)"
}
],
"metrics": {
@ -38,19 +42,51 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:autoupdate:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "4.76",
"matchCriteriaId": "70D51276-3200-4FAA-A6BD-EFE0D12C63BF"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21360",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

54
CVE-2025/CVE-2025-213xx/CVE-2025-21361.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21361",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-01-14T18:16:01.637",
"lastModified": "2025-01-14T18:16:01.637",
"vulnStatus": "Received",
"lastModified": "2025-01-17T20:39:49.017",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Outlook Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Outlook"
}
],
"metrics": {
@ -38,19 +42,61 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-641"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:macos:*:*",
"matchCriteriaId": "0DF36AFA-B48C-4423-AD1C-78EEFF85EF2C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2024:*:*:*:ltsc:macos:*:*",
"matchCriteriaId": "873BD998-9D5A-4C09-A3B3-4DB12ABB6F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:outlook:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "16.93",
"matchCriteriaId": "CA396764-8253-45AA-BFDF-AE9F32C924C7"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21361",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

102
CVE-2025/CVE-2025-213xx/CVE-2025-21362.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21362",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-01-14T18:16:01.820",
"lastModified": "2025-01-15T00:15:43.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-17T20:38:30.560",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Excel Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Excel"
}
],
"metrics": {
@ -45,12 +49,104 @@
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*",
"matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*",
"matchCriteriaId": "CD25F492-9272-4836-832C-8439EBE64CCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*",
"matchCriteriaId": "CD88F667-6773-4DB7-B6C3-9C7B769C0808"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*",
"matchCriteriaId": "B342EF98-B414-44D0-BAFB-FCA24294EECE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:-:x64:*",
"matchCriteriaId": "68F37A38-9BC3-43FD-8E71-4EED079156D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:-:x86:*",
"matchCriteriaId": "AFFA09D5-9992-462F-B52E-A1DDE2462064"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x64:*",
"matchCriteriaId": "1AC0C23F-FC55-4DA1-8527-EB4432038FB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x86:*",
"matchCriteriaId": "A719B461-7869-46D0-9300-D0A348DC26A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:macos:*:*",
"matchCriteriaId": "0DF36AFA-B48C-4423-AD1C-78EEFF85EF2C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2024:*:*:*:ltsc:*:x64:*",
"matchCriteriaId": "19F65776-446D-404C-A830-990D4232791A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2024:*:*:*:ltsc:*:x86:*",
"matchCriteriaId": "017875F7-5396-4069-9F9F-0BDA05143A25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2024:*:*:*:ltsc:macos:*:*",
"matchCriteriaId": "873BD998-9D5A-4C09-A3B3-4DB12ABB6F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_online_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.10416.20047",
"matchCriteriaId": "AD3DBDB8-3DE3-47EC-9ACA-BC22CADFFFC9"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21362",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

44
CVE-2025/CVE-2025-213xx/CVE-2025-21399.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2025-21399",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-01-17T20:15:46.117",
"lastModified": "2025-01-17T20:15:46.117",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21399",
"source": "secure@microsoft.com"
}
]
}

87
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-01-17T19:00:28.406135+00:00
2025-01-17T21:00:27.243000+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-01-17T18:35:09.950000+00:00
2025-01-17T21:00:00.330000+00:00
```
### Last Data Feed Release
@ -33,56 +33,59 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
277970
277985
```
### CVEs added in the last Commit
Recently added CVEs: `12`
Recently added CVEs: `15`
- [CVE-2024-12757](CVE-2024/CVE-2024-127xx/CVE-2024-12757.json) (`2025-01-17T18:15:24.690`)
- [CVE-2024-26153](CVE-2024/CVE-2024-261xx/CVE-2024-26153.json) (`2025-01-17T17:15:10.927`)
- [CVE-2024-26154](CVE-2024/CVE-2024-261xx/CVE-2024-26154.json) (`2025-01-17T17:15:11.147`)
- [CVE-2024-26155](CVE-2024/CVE-2024-261xx/CVE-2024-26155.json) (`2025-01-17T17:15:11.327`)
- [CVE-2024-26156](CVE-2024/CVE-2024-261xx/CVE-2024-26156.json) (`2025-01-17T17:15:11.533`)
- [CVE-2024-26157](CVE-2024/CVE-2024-261xx/CVE-2024-26157.json) (`2025-01-17T17:15:11.697`)
- [CVE-2024-45832](CVE-2024/CVE-2024-458xx/CVE-2024-45832.json) (`2025-01-17T17:15:11.870`)
- [CVE-2024-53683](CVE-2024/CVE-2024-536xx/CVE-2024-53683.json) (`2025-01-17T17:15:12.053`)
- [CVE-2024-54681](CVE-2024/CVE-2024-546xx/CVE-2024-54681.json) (`2025-01-17T17:15:12.227`)
- [CVE-2025-0430](CVE-2025/CVE-2025-04xx/CVE-2025-0430.json) (`2025-01-17T18:15:30.920`)
- [CVE-2025-0532](CVE-2025/CVE-2025-05xx/CVE-2025-0532.json) (`2025-01-17T18:15:31.237`)
- [CVE-2025-0533](CVE-2025/CVE-2025-05xx/CVE-2025-0533.json) (`2025-01-17T18:15:31.577`)
- [CVE-2024-13026](CVE-2024/CVE-2024-130xx/CVE-2024-13026.json) (`2025-01-17T20:15:27.600`)
- [CVE-2024-52870](CVE-2024/CVE-2024-528xx/CVE-2024-52870.json) (`2025-01-17T20:15:28.527`)
- [CVE-2024-57030](CVE-2024/CVE-2024-570xx/CVE-2024-57030.json) (`2025-01-17T20:15:28.667`)
- [CVE-2024-57031](CVE-2024/CVE-2024-570xx/CVE-2024-57031.json) (`2025-01-17T20:15:28.790`)
- [CVE-2024-57032](CVE-2024/CVE-2024-570xx/CVE-2024-57032.json) (`2025-01-17T20:15:28.910`)
- [CVE-2024-57034](CVE-2024/CVE-2024-570xx/CVE-2024-57034.json) (`2025-01-17T20:15:29.020`)
- [CVE-2024-57369](CVE-2024/CVE-2024-573xx/CVE-2024-57369.json) (`2025-01-17T20:15:29.140`)
- [CVE-2024-57370](CVE-2024/CVE-2024-573xx/CVE-2024-57370.json) (`2025-01-17T20:15:29.303`)
- [CVE-2024-57372](CVE-2024/CVE-2024-573xx/CVE-2024-57372.json) (`2025-01-17T20:15:29.447`)
- [CVE-2025-0534](CVE-2025/CVE-2025-05xx/CVE-2025-0534.json) (`2025-01-17T19:15:28.777`)
- [CVE-2025-0535](CVE-2025/CVE-2025-05xx/CVE-2025-0535.json) (`2025-01-17T19:15:28.990`)
- [CVE-2025-0536](CVE-2025/CVE-2025-05xx/CVE-2025-0536.json) (`2025-01-17T20:15:29.583`)
- [CVE-2025-0537](CVE-2025/CVE-2025-05xx/CVE-2025-0537.json) (`2025-01-17T20:15:29.767`)
- [CVE-2025-21185](CVE-2025/CVE-2025-211xx/CVE-2025-21185.json) (`2025-01-17T20:15:30.227`)
- [CVE-2025-21399](CVE-2025/CVE-2025-213xx/CVE-2025-21399.json) (`2025-01-17T20:15:46.117`)
### CVEs modified in the last Commit
Recently modified CVEs: `73`
Recently modified CVEs: `78`
- [CVE-2024-3315](CVE-2024/CVE-2024-33xx/CVE-2024-3315.json) (`2025-01-17T18:13:08.297`)
- [CVE-2024-3316](CVE-2024/CVE-2024-33xx/CVE-2024-3316.json) (`2025-01-17T18:05:50.107`)
- [CVE-2024-3376](CVE-2024/CVE-2024-33xx/CVE-2024-3376.json) (`2025-01-17T17:41:21.647`)
- [CVE-2024-3377](CVE-2024/CVE-2024-33xx/CVE-2024-3377.json) (`2025-01-17T17:35:40.243`)
- [CVE-2024-3427](CVE-2024/CVE-2024-34xx/CVE-2024-3427.json) (`2025-01-17T17:02:59.153`)
- [CVE-2024-48125](CVE-2024/CVE-2024-481xx/CVE-2024-48125.json) (`2025-01-17T18:15:25.547`)
- [CVE-2024-48126](CVE-2024/CVE-2024-481xx/CVE-2024-48126.json) (`2025-01-17T18:15:25.800`)
- [CVE-2024-50633](CVE-2024/CVE-2024-506xx/CVE-2024-50633.json) (`2025-01-17T18:15:26.043`)
- [CVE-2024-50954](CVE-2024/CVE-2024-509xx/CVE-2024-50954.json) (`2025-01-17T18:15:26.310`)
- [CVE-2024-54101](CVE-2024/CVE-2024-541xx/CVE-2024-54101.json) (`2025-01-17T18:09:53.447`)
- [CVE-2024-54535](CVE-2024/CVE-2024-545xx/CVE-2024-54535.json) (`2025-01-17T18:15:26.610`)
- [CVE-2024-57162](CVE-2024/CVE-2024-571xx/CVE-2024-57162.json) (`2025-01-17T18:15:27.240`)
- [CVE-2024-57577](CVE-2024/CVE-2024-575xx/CVE-2024-57577.json) (`2025-01-17T18:15:27.893`)
- [CVE-2024-57578](CVE-2024/CVE-2024-575xx/CVE-2024-57578.json) (`2025-01-17T18:15:28.430`)
- [CVE-2024-57579](CVE-2024/CVE-2024-575xx/CVE-2024-57579.json) (`2025-01-17T18:15:28.983`)
- [CVE-2024-57580](CVE-2024/CVE-2024-575xx/CVE-2024-57580.json) (`2025-01-17T17:15:12.410`)
- [CVE-2024-57581](CVE-2024/CVE-2024-575xx/CVE-2024-57581.json) (`2025-01-17T17:15:12.597`)
- [CVE-2024-57582](CVE-2024/CVE-2024-575xx/CVE-2024-57582.json) (`2025-01-17T17:15:12.797`)
- [CVE-2024-57615](CVE-2024/CVE-2024-576xx/CVE-2024-57615.json) (`2025-01-17T18:15:29.320`)
- [CVE-2024-57616](CVE-2024/CVE-2024-576xx/CVE-2024-57616.json) (`2025-01-17T18:15:29.573`)
- [CVE-2024-57617](CVE-2024/CVE-2024-576xx/CVE-2024-57617.json) (`2025-01-17T18:15:29.803`)
- [CVE-2024-57642](CVE-2024/CVE-2024-576xx/CVE-2024-57642.json) (`2025-01-17T18:15:30.030`)
- [CVE-2024-57768](CVE-2024/CVE-2024-577xx/CVE-2024-57768.json) (`2025-01-17T18:15:30.633`)
- [CVE-2024-9673](CVE-2024/CVE-2024-96xx/CVE-2024-9673.json) (`2025-01-17T17:15:12.997`)
- [CVE-2025-22904](CVE-2025/CVE-2025-229xx/CVE-2025-22904.json) (`2025-01-17T18:15:31.870`)
- [CVE-2024-29415](CVE-2024/CVE-2024-294xx/CVE-2024-29415.json) (`2025-01-17T20:15:27.950`)
- [CVE-2024-31343](CVE-2024/CVE-2024-313xx/CVE-2024-31343.json) (`2025-01-17T19:32:04.977`)
- [CVE-2024-3136](CVE-2024/CVE-2024-31xx/CVE-2024-3136.json) (`2025-01-17T19:21:25.430`)
- [CVE-2024-32118](CVE-2024/CVE-2024-321xx/CVE-2024-32118.json) (`2025-01-17T20:42:17.053`)
- [CVE-2024-33510](CVE-2024/CVE-2024-335xx/CVE-2024-33510.json) (`2025-01-17T20:35:31.247`)
- [CVE-2024-35274](CVE-2024/CVE-2024-352xx/CVE-2024-35274.json) (`2025-01-17T20:29:43.327`)
- [CVE-2024-38807](CVE-2024/CVE-2024-388xx/CVE-2024-38807.json) (`2025-01-17T20:15:28.130`)
- [CVE-2024-39908](CVE-2024/CVE-2024-399xx/CVE-2024-39908.json) (`2025-01-17T20:15:28.250`)
- [CVE-2024-41946](CVE-2024/CVE-2024-419xx/CVE-2024-41946.json) (`2025-01-17T20:15:28.380`)
- [CVE-2024-47906](CVE-2024/CVE-2024-479xx/CVE-2024-47906.json) (`2025-01-17T20:27:14.100`)
- [CVE-2024-7571](CVE-2024/CVE-2024-75xx/CVE-2024-7571.json) (`2025-01-17T19:45:37.847`)
- [CVE-2024-8495](CVE-2024/CVE-2024-84xx/CVE-2024-8495.json) (`2025-01-17T20:04:56.517`)
- [CVE-2024-8539](CVE-2024/CVE-2024-85xx/CVE-2024-8539.json) (`2025-01-17T20:02:50.283`)
- [CVE-2024-9420](CVE-2024/CVE-2024-94xx/CVE-2024-9420.json) (`2025-01-17T20:29:36.007`)
- [CVE-2024-9842](CVE-2024/CVE-2024-98xx/CVE-2024-9842.json) (`2025-01-17T19:55:48.957`)
- [CVE-2024-9843](CVE-2024/CVE-2024-98xx/CVE-2024-9843.json) (`2025-01-17T20:00:21.843`)
- [CVE-2024-9844](CVE-2024/CVE-2024-98xx/CVE-2024-9844.json) (`2025-01-17T19:37:13.830`)
- [CVE-2025-21128](CVE-2025/CVE-2025-211xx/CVE-2025-21128.json) (`2025-01-17T20:37:35.437`)
- [CVE-2025-21129](CVE-2025/CVE-2025-211xx/CVE-2025-21129.json) (`2025-01-17T20:37:33.603`)
- [CVE-2025-21130](CVE-2025/CVE-2025-211xx/CVE-2025-21130.json) (`2025-01-17T20:37:32.137`)
- [CVE-2025-21131](CVE-2025/CVE-2025-211xx/CVE-2025-21131.json) (`2025-01-17T20:37:30.750`)
- [CVE-2025-21132](CVE-2025/CVE-2025-211xx/CVE-2025-21132.json) (`2025-01-17T20:37:29.347`)
- [CVE-2025-21360](CVE-2025/CVE-2025-213xx/CVE-2025-21360.json) (`2025-01-17T20:40:22.527`)
- [CVE-2025-21361](CVE-2025/CVE-2025-213xx/CVE-2025-21361.json) (`2025-01-17T20:39:49.017`)
- [CVE-2025-21362](CVE-2025/CVE-2025-213xx/CVE-2025-21362.json) (`2025-01-17T20:38:30.560`)
## Download and Usage

341
_state.csv
View File

File diff suppressed because it is too large Load Diff