admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-17T22:00:20.536722+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-17 22:03:54 +00:00
parent 6c85b36176
commit 78240f22f6
655 changed files with 6527 additions and 2181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CVE-2019/CVE-2019-169xx/CVE-2019-16905.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-16905",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-10-09T20:15:23.503",
"lastModified": "2024-11-21T04:31:18.910",
"lastModified": "2025-04-17T21:15:45.120",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -179,14 +179,6 @@
}
],
"references": [
{
"url": "https://0day.life/exploits/0day-1009.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1153537",
"source": "cve@mitre.org",

4
CVE-2020/CVE-2020-367xx/CVE-2020-36789.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36789",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-17T18:15:42.743",
"lastModified": "2025-04-17T18:15:42.743",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

32
CVE-2021/CVE-2021-469xx/CVE-2021-46900.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-46900",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-31T05:15:08.040",
"lastModified": "2024-11-21T06:34:53.330",
"lastModified": "2025-04-17T20:15:21.370",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-327"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"configurations": [

4
CVE-2021/CVE-2021-476xx/CVE-2021-47668.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47668",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-17T18:15:43.623",
"lastModified": "2025-04-17T19:15:51.200",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-476xx/CVE-2021-47669.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47669",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-17T18:15:43.730",
"lastModified": "2025-04-17T19:15:51.363",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-476xx/CVE-2021-47670.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47670",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-17T18:15:43.833",
"lastModified": "2025-04-17T19:15:51.510",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

41
CVE-2021/CVE-2021-476xx/CVE-2021-47671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47671",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-17T18:15:43.933",
"lastModified": "2025-04-17T18:15:43.933",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path\n\nIn es58x_rx_err_msg(), if can->do_set_mode() fails, the function\ndirectly returns without calling netif_rx(skb). This means that the\nskb previously allocated by alloc_can_err_skb() is not freed. In other\nterms, this is a memory leak.\n\nThis patch simply removes the return statement in the error branch and\nlet the function continue.\n\nIssue was found with GCC -fanalyzer, please follow the link below for\ndetails."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4f389e1276a5389c92cef860c9fde8e1c802a871",

4
CVE-2022/CVE-2022-263xx/CVE-2022-26323.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26323",
"sourceIdentifier": "security@opentext.com",
"published": "2025-04-17T15:15:45.547",
"lastModified": "2025-04-17T15:15:45.547",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

32
CVE-2022/CVE-2022-425xx/CVE-2022-42505.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42505",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:22.747",
"lastModified": "2024-11-21T07:25:05.747",
"lastModified": "2025-04-17T21:15:45.450",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42506.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42506",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:22.793",
"lastModified": "2024-11-21T07:25:05.873",
"lastModified": "2025-04-17T21:15:45.597",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42507.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42507",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:22.840",
"lastModified": "2024-11-21T07:25:06.007",
"lastModified": "2025-04-17T21:15:45.747",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42508.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42508",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:22.887",
"lastModified": "2024-11-21T07:25:06.140",
"lastModified": "2025-04-17T21:15:45.897",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42514.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42514",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.170",
"lastModified": "2024-11-21T07:25:06.870",
"lastModified": "2025-04-17T20:15:23.273",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42515.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42515",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.220",
"lastModified": "2024-11-21T07:25:06.993",
"lastModified": "2025-04-17T20:15:23.503",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42516.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42516",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.267",
"lastModified": "2024-11-21T07:25:07.120",
"lastModified": "2025-04-17T20:15:23.683",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42517.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42517",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.310",
"lastModified": "2024-11-21T07:25:07.240",
"lastModified": "2025-04-17T20:15:23.840",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42518.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42518",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.357",
"lastModified": "2024-11-21T07:25:07.373",
"lastModified": "2025-04-17T20:15:24.020",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42519.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42519",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.407",
"lastModified": "2024-11-21T07:25:07.510",
"lastModified": "2025-04-17T20:15:24.197",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42520.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42520",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.450",
"lastModified": "2024-11-21T07:25:07.647",
"lastModified": "2025-04-17T20:15:24.357",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42521.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42521",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.507",
"lastModified": "2024-11-21T07:25:07.773",
"lastModified": "2025-04-17T20:15:24.537",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42522.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42522",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.580",
"lastModified": "2024-11-21T07:25:07.900",
"lastModified": "2025-04-17T20:15:24.707",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42523.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42523",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.627",
"lastModified": "2024-11-21T07:25:08.017",
"lastModified": "2025-04-17T20:15:24.867",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42524.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42524",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.673",
"lastModified": "2024-11-21T07:25:08.133",
"lastModified": "2025-04-17T20:15:25.033",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42526.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42526",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.763",
"lastModified": "2024-11-21T07:25:08.380",
"lastModified": "2025-04-17T20:15:25.190",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42531.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42531",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.950",
"lastModified": "2024-11-21T07:25:08.973",
"lastModified": "2025-04-17T20:15:25.360",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-770"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42532.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42532",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.997",
"lastModified": "2024-11-21T07:25:09.107",
"lastModified": "2025-04-17T20:15:25.520",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-464xx/CVE-2022-46487.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46487",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-30T03:15:08.233",
"lastModified": "2024-11-21T07:30:38.080",
"lastModified": "2025-04-17T20:15:25.697",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-665"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-665"
}
]
}
],
"configurations": [

142
CVE-2022/CVE-2022-493xx/CVE-2022-49382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49382",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:14.823",
"lastModified": "2025-02-26T07:01:14.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:43:37.670",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: soc: rockchip: Se ha corregido la p\u00e9rdida de recuento de referencias en rockchip_grf_init. of_find_matching_node_and_match devuelve un puntero de nodo con el recuento de referencias incrementado. Deber\u00edamos usar of_node_put() en \u00e9l cuando haya terminado. Se ha a\u00f1adido el error of_node_put() que falta para evitar la p\u00e9rdida de recuento de referencias."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.11",
"versionEndExcluding": "4.14.283",
"matchCriteriaId": "FF98449F-152A-4015-820F-25898203A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.122",
"matchCriteriaId": "1B42AA01-44D8-4572-95E6-FF8E374CF9C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/042571fe1d171773655ad706715ecc865913d9a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/28133325526b92921f3269fdf97a20d90b92b217",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5b3e990f85eb034faa461e691e719e8ce9e2a3c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/69a30b2ed620c2206cbbd1e9c112e4fc584e02bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8f64e84924604bb969ee1fbc4b8d7d09b9214889",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9b59588d8be91c96bfb0371e912ceb4f16315dbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aab25b669cb9fd3698c2631be4435f4fe92d9e59",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d5422f323858cad3ac3581075f9a3a5e0d41c0d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

94
CVE-2022/CVE-2022-493xx/CVE-2022-49384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49384",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.007",
"lastModified": "2025-02-26T07:01:15.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:46:22.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,103 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md: se corrige la doble liberaci\u00f3n de io_acct_set bioset Ahora io_acct_set est\u00e1 asignado y libre en la personalidad. Elimine los c\u00f3digos que liberan io_acct_set en md_free y md_stop."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.17",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "AF862C56-763E-4CF4-815B-F3DE178BA5BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16.3",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "F4B0E194-E4BB-42EF-AD72-E601CF20599D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/36a2fc44c574a59ee3b5e2cb327182f227b2b07e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/42b805af102471f53e3c7867b8c2b502ea4eef7e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ea7d7bd90079d96f9c86bdaf0b106e0cd2a70661",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f99d5b5dc8a42c807b5f1176b925aa45d61962ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

106
CVE-2022/CVE-2022-493xx/CVE-2022-49386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49386",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.233",
"lastModified": "2025-02-26T07:01:15.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:46:32.953",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,117 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ethernet: ti: am65-cpsw-nuss: Se corrigen algunas fugas de refcount of_get_child_by_name() devuelve un puntero de nodo con refcount incrementado, deber\u00edamos usar of_node_put() en \u00e9l cuando ya no lo necesitemos. am65_cpsw_init_cpts() y am65_cpsw_nuss_probe() no liberan el refcount en caso de error. Agregue of_node_put() faltante para evitar la fuga de refcount."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.7",
"versionEndExcluding": "5.10.122",
"matchCriteriaId": "B3847246-7313-4AED-A858-E8131022F58E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2e44f21c384503562713b7d3b673c40bed20af3d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5dd89d2fc438457811cbbec07999ce0d80051ff5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/78aca10a16f001c9f49f1cc4dadfee8d444bb173",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a4b7ef3b159805ba6be061d0cd2403d84b9b0063",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f7ba2cc57f404d2d9f26fb85bd3833d35a477829",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

82
CVE-2022/CVE-2022-493xx/CVE-2022-49387.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49387",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.343",
"lastModified": "2025-02-26T07:01:15.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:46:46.433",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: watchdog: rzg2l_wdt: soluciona el problema de desbordamiento de 32 bits El valor de timer_cycle_us puede ser 0 debido al desbordamiento de 32 bits. Por ejemplo: si asignamos el valor del contador \"0xfff\" para calcular maxval. Este parche soluciona este problema a\u00f1adiendo ULL a 1024, de modo que se promueva a 64 bits. Este parche tambi\u00e9n soluciona el mensaje de advertencia, 'watchdog: Invalid min and max timeout values, resetting to 0!'."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "A5433C40-FA2E-4DDC-BBD9-8C7F577788FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/b95a47667d34e76c2c9013f8e3b1e5039a5a0b76",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e07b9fa0dc32b492de85528caaf9f0c605d8424f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ea2949df22a533cdf75e4583c00b1ce94cd5a83b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

161
CVE-2022/CVE-2022-493xx/CVE-2022-49389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49389",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.527",
"lastModified": "2025-02-26T07:01:15.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:47:02.810",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,43 +15,180 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: usbip: se corrige una p\u00e9rdida de recuento de referencias en stub_probe(). Se llama a usb_get_dev() en stub_device_alloc(). Cuando stub_probe() falla despu\u00e9s de eso, se debe llamar a usb_put_dev() para liberar la referencia. Corrija esto moviendo usb_put_dev() a la gesti\u00f3n de la ruta de error sdev_free. Encuentre esto mediante la revisi\u00f3n del c\u00f3digo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16.58",
"versionEndExcluding": "3.17",
"matchCriteriaId": "C1981AEB-4867-4AB9-8168-BAB8D6567131"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.18.110",
"versionEndExcluding": "4.9.318",
"matchCriteriaId": "176B105C-69C3-48BA-9FEE-EDA73C23AD32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.283",
"matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.122",
"matchCriteriaId": "1B42AA01-44D8-4572-95E6-FF8E374CF9C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/11c65408bd0ba1d9cd1307caa38169292de9cdfb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/247d3809e45a34d9e1a3a2bb7012e31ed8b46031",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2f0ae93ec33c8456cdfbf7876b80403a6318ebce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/51422046be504515eb5a591adf0f424b62f46804",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6bafee2f18af5e5ac125e42960bc65496d0e56a0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8afb048800919d0ab10c57983940eba956339f21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9ec4cbf1cc55d126759051acfe328d489c5d6e60",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bcbb795a9e78180d74c6ab21518da87e803dfdce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f20d2d3b3364ce6525c050a8b6b4c54c8c19674d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

70
CVE-2022/CVE-2022-493xx/CVE-2022-49391.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49391",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.713",
"lastModified": "2025-02-26T07:01:15.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:47:41.367",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: remoteproc: mtk_scp: Se corrige una posible doble liberaci\u00f3n: 'scp->rproc' se asigna mediante devm_rproc_alloc(), por lo que no es necesario liberarlo expl\u00edcitamente en la funci\u00f3n de eliminaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/adc02700236613b344a947a897fc2741d52a43b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eac3e5b1c12f85732e60f5f8b985444d273866bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

94
CVE-2022/CVE-2022-493xx/CVE-2022-49392.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49392",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.803",
"lastModified": "2025-02-26T07:01:15.803",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:48:19.663",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,103 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: 8250_aspeed_vuart: Se solucion\u00f3 una posible desreferenciaci\u00f3n de NULL en aspeed_vuart_probe. platform_get_resource() puede fallar y devolver NULL, por lo que deber\u00edamos verificar mejor su valor de retorno para evitar una desreferenciaci\u00f3n de puntero NULL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "98F36895-C3DC-4DC5-A1C6-F68015C3F425"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0e0fd55719fa081de6f9e5d9e6cef48efb04d34a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/90a6b6fc52bfdcfe9698454bf5bea26112abbcd1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/923d34ce069e8e51a4d003caa6b66a8cd6ecd0ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d5f1275f101e0e8a172d300d897f5a12e87e3485",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

154
CVE-2022/CVE-2022-493xx/CVE-2022-49395.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49395",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:16.080",
"lastModified": "2025-02-26T07:01:16.080",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:48:39.660",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,43 +15,173 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: um: Se corrige la lectura fuera de los l\u00edmites en la configuraci\u00f3n de LDT syscall_stub_data() espera que el par\u00e1metro data_count sea el n\u00famero de longs, no bytes. ===================================================================== ERROR: KASAN: stack-out-of-bounds in syscall_stub_data+0x70/0xe0 Read of size 128 at addr 000000006411f6f0 by task swapper/1 CPU: 0 PID: 1 Comm: swapper Not tainted 5.18.0+ #18 Call Trace: show_stack.cold+0x166/0x2a7 __dump_stack+0x3a/0x43 dump_stack_lvl+0x1f/0x27 print_report.cold+0xdb/0xf81 kasan_report+0x119/0x1f0 kasan_check_range+0x3a3/0x440 memcpy+0x52/0x140 syscall_stub_data+0x70/0xe0 write_ldt_entry+0xac/0x190 init_new_ldt+0x515/0x960 init_new_context+0x2c4/0x4d0 mm_init.constprop.0+0x5ed/0x760 mm_alloc+0x118/0x170 0x60033f48 do_one_initcall+0x1d7/0x860 0x60003e7b kernel_init+0x6e/0x3d4 new_thread_handler+0x1e7/0x2c0 The buggy address belongs to stack of task swapper/1 and is located at offset 64 in frame: init_new_ldt+0x0/0x960 This frame has 2 objects: [32, 40) 'addr' [64, 80) 'desc' =================================================================="
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.15",
"versionEndExcluding": "4.9.318",
"matchCriteriaId": "0DED0F6A-FC03-4637-B95D-CCE9C053BD2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.283",
"matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.121",
"matchCriteriaId": "34ACD872-E5BC-401C-93D5-B357A62426E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/10995a382271254bd276627ec74136da4a23c4a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/24ca648bf5f72ed8878cf09b5d4431935779681e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2a4a62a14be1947fa945c5c11ebf67326381a568",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3549ab4b962cf619e8c55484a0d870a34b3f845f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/668ca34a428d6ffc0f99a1a6a9b661a288d4183b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/91e5ba2af2d729d5126aefd5aa3eadc69b8426e5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9caad70819aef3431abaf73ba5163b55b161aba0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cf0dabc37446c5ee538ae7b4c467ab0e53fa5463",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ef1dc929a1e5fa1b2d842256db9fb8710d3be910",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

94
CVE-2022/CVE-2022-494xx/CVE-2022-49400.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49400",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:16.570",
"lastModified": "2025-02-26T07:01:16.570",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:49:08.000",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,103 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md: No establezca mddev private en NULL en raid0 pers->free En el proceso de detenci\u00f3n normal, hace lo siguiente: do_md_stop | __md_stop (pers->free(); mddev->private=NULL) | md_free (free mddev) __md_stop establece mddev->private en NULL despu\u00e9s de pers->free. El dispositivo raid se detendr\u00e1 y la memoria mddev estar\u00e1 libre. Pero en reshape, no libera el mddev y mddev se seguir\u00e1 usando en el nuevo raid. En reshape, primero establece mddev->private en new_pers y luego ejecuta old_pers->free(). Ahora raid0 establece mddev->private en NULL en raid0_free. El nuevo raid ya no puede funcionar. Entrar\u00e1 en p\u00e1nico cuando desreferencia mddev->private debido a la desreferencia del puntero NULL. Puede entrar en p\u00e1nico de esta manera: [63010.814972] \u00a1ERROR del kernel en drivers/md/raid10.c:928! [63010.819778] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [63010.825011] CPU: 3 PID: 44437 Comm: md0_resync Kdump: loaded Not tainted 5.14.0-86.el9.x86_64 #1 [63010.833789] Hardware name: Dell Inc. PowerEdge R6415/07YXFK, BIOS 1.15.0 09/11/2020 [63010.841440] RIP: 0010:raise_barrier+0x161/0x170 [raid10] [63010.865508] RSP: 0018:ffffc312408bbc10 EFLAGS: 00010246 [63010.870734] RAX: 0000000000000000 RBX: ffffa00bf7d39800 RCX: 0000000000000000 [63010.877866] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa00bf7d39800 [63010.884999] RBP: 0000000000000000 R08: fffffa4945e74400 R09: 0000000000000000 [63010.892132] R10: ffffa00eed02f798 R11: 0000000000000000 R12: ffffa00bbc435200 [63010.899266] R13: ffffa00bf7d39800 R14: 0000000000000400 R15: 0000000000000003 [63010.906399] FS: 0000000000000000(0000) GS:ffffa00eed000000(0000) knlGS:0000000000000000 [63010.914485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [63010.920229] CR2: 00007f5cfbe99828 CR3: 0000000105efe000 CR4: 00000000003506e0 [63010.927363] Call Trace: [63010.929822] ? bio_reset+0xe/0x40 [63010.933144] ? raid10_alloc_init_r10buf+0x60/0xa0 [raid10] [63010.938629] raid10_sync_request+0x756/0x1610 [raid10] [63010.943770] md_do_sync.cold+0x3e4/0x94c [63010.947698] md_thread+0xab/0x160 [63010.951024] ? md_write_inc+0x50/0x50 [63010.954688] kthread+0x149/0x170 [63010.957923] ? set_kthread_struct+0x40/0x40 [63010.962107] ret_from_fork+0x22/0x30 Eliminar el c\u00f3digo que establece mddev->private en NULL en raid0 puede solucionar el problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.17",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "AF862C56-763E-4CF4-815B-F3DE178BA5BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16.3",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "F4B0E194-E4BB-42EF-AD72-E601CF20599D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0f2571ad7a30ff6b33cde142439f9378669f8b4f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7da3454a65f8a56e65dfb44fa0ccac08cbc2f5a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b7a51df785031cc49caf1c59766ca89cfa97b54b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f63fd1e0e0fc158023cc67ea6a07e278019061ba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

82
CVE-2022/CVE-2022-494xx/CVE-2022-49403.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49403",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:16.847",
"lastModified": "2025-02-26T07:01:16.847",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:28:43.913",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: lib/string_helpers: se ha corregido el problema de no a\u00f1adir strarray a la lista de recursos del dispositivo. Se a\u00f1ade el strarray asignado a la lista de recursos del dispositivo. Esto es imprescindible para liberar autom\u00e1ticamente strarray cuando el dispositivo desaparece. Sin esta correcci\u00f3n, tenemos una p\u00e9rdida de memoria en los pocos controladores que utilizan devm_kasprintf_strarray()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "C48ED8B1-C02B-4764-9298-070E29EF1F88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/a152eb42fcecfe41239c3c6695342f3a128593e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bf29edab0c9ff3d2633b8306a67d04c357e2a385",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cd290a9839cee2f6641558877e707bd373c8f6f1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

154
CVE-2022/CVE-2022-494xx/CVE-2022-49404.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49404",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:16.937",
"lastModified": "2025-02-26T07:01:16.937",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:28:49.200",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,43 +15,173 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/hfi1: Se corrigen posibles errores de desbordamiento de multiplicaci\u00f3n de enteros Al multiplicar diferentes tipos, es posible que se produzca un desbordamiento incluso cuando se almacena el resultado en un tipo m\u00e1s grande. Esto se debe a que la conversi\u00f3n se realiza despu\u00e9s de la multiplicaci\u00f3n. Por lo tanto, es posible que se produzca un desbordamiento aritm\u00e9tico y, por lo tanto, un valor incorrecto. Corrija una instancia de esto en el c\u00e1lculo del retraso entre paquetes. Solucione asegur\u00e1ndose de que uno de los operandos sea u64, lo que promover\u00e1 el otro a u64 y tambi\u00e9n garantizar\u00e1 que no haya desbordamiento."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3",
"versionEndExcluding": "4.9.318",
"matchCriteriaId": "F1C012DB-8F29-4B2B-BD28-40BDE97C3304"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.283",
"matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.121",
"matchCriteriaId": "34ACD872-E5BC-401C-93D5-B357A62426E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/06039d8afefdbac05bcea5f397188407eba2996d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/252f4afd4557a2e7075f793a5c80fe6dd9e9ee4a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/31dca00d0cc9f4133320d72eb7e3720badc6d6e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3f09ec80f115d2875d747ed28adc1773037e0f8b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79c164e61f818054cd6012e9035701840d895c51",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8858284dd74906fa00f04f0252c75df4893a7959",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a89cb7ddf6a89bab6012e19da38b7cdb26175c19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ef5ab2e48a5f9960e2352332b7cdb7064bb49032",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f93e91a0372c922c20d5bee260b0f43b4b8a1bee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

82
CVE-2022/CVE-2022-494xx/CVE-2022-49406.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49406",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:17.123",
"lastModified": "2025-02-26T07:01:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:29:18.050",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: block: Fix potential deadlock in blk_ia_range_sysfs_show() Cuando se lee, un atributo sysfs ya est\u00e1 protegido contra la eliminaci\u00f3n con el contador de referencia activo del nodo kobject. Como resultado, en blk_ia_range_sysfs_show(), no es necesario tomar el bloqueo sysfs de la cola al leer el valor de un atributo de rango. El uso del bloqueo de cola sysfs en esta funci\u00f3n crea una posible situaci\u00f3n de bloqueo con la eliminaci\u00f3n del disco, algo que un lockdep se\u00f1ala con un splat cuando se elimina el dispositivo: [ 760.703551] Posible escenario de bloqueo inseguro: [ 760.703551] [ 760.703554] CPU0 CPU1 [ 760.703556] ---- ---- [ 760.703558] lock(&q->sysfs_lock); [ 760.703565] lock(kn->active#385); [ 760.703573] lock(&q->sysfs_lock); [ 760.703579] lock(kn->active#385); [ 760.703587] [ 760.703587] *** DEADLOCK *** Solve this by removing the mutex_lock()/mutex_unlock() calls from blk_ia_range_sysfs_show(). "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/41e46b3c2aa24f755b2ae9ec4ce931ba5f0d8532",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/717b078bc745ba9a262abebed9806a17e8bbb77b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dc107c805cde709866b59867ef72b9390199205e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

82
CVE-2022/CVE-2022-494xx/CVE-2022-49408.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49408",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:17.323",
"lastModified": "2025-02-26T07:01:17.323",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:29:52.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: se corrige la p\u00e9rdida de memoria en parse_apply_sb_mount_options() Si el procesamiento de las opciones de montaje en disco falla despu\u00e9s de que se haya asignado memoria en ext4_fs_context, por ejemplo, s_qf_names, entonces se produce una p\u00e9rdida de memoria. Corrija esto llamando a ext4_fc_free() en lugar de kfree() directamente. Reproductor: mkfs.ext4 -F /dev/vdc tune2fs /dev/vdc -E mount_opts=usrjquota=file echo clear > /sys/kernel/debug/kmemleak mount /dev/vdc /vdc echo scan > /sys/kernel/debug/kmemleak sleep 5 echo scan > /sys/kernel/debug/kmemleak cat /sys/kernel/debug/kmemleak"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "C48ED8B1-C02B-4764-9298-070E29EF1F88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/9ea3e6168948189cec31d0678d2b55b395f88491",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c069db76ed7b681c69159f44be96d2137e9ca989",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f92ded66e9d0aa20b883a2a5183973abc8f41815",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

130
CVE-2022/CVE-2022-494xx/CVE-2022-49410.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49410",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:17.517",
"lastModified": "2025-02-26T07:01:17.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:31:34.340",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,35 +15,145 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: seguimiento: Se corrige la posible doble liberaci\u00f3n en create_var_ref() En create_var_ref(), se llama a init_var_ref() para inicializar los campos de la variable ref_field, que se asigna en la llamada de funci\u00f3n anterior a create_hist_field(). La funci\u00f3n init_var_ref() asigna los campos correspondientes, como ref_field->system, pero libera estos campos cuando la funci\u00f3n encuentra un error. El llamador luego llama a destroy_hist_field() para realizar la gesti\u00f3n de errores, que libera los campos y la variable misma. Esto da como resultado una doble liberaci\u00f3n de los campos que ya est\u00e1n liberados en la funci\u00f3n anterior. Corrija esto almacenando NULL en los campos correspondientes cuando se liberan en init_var_ref()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.17",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "1D618A3C-AEC5-4520-BBDB-002AC8CA3FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.121",
"matchCriteriaId": "34ACD872-E5BC-401C-93D5-B357A62426E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/058cb6d86b9789377216c936506b346aaa1eb581",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/37443b3508b8cce6832f8d25cb4550b2f7801f50",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4fdfb15e08598711dbf50daf56a33965232daf0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/99696a2592bca641eb88cc9a80c90e591afebd0f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bd83ff3bbfb003832481c9bff999d12385f396ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c27f744ceefadc7bbeb14233b6abc150ced617d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f8b383f83cb573152c577eca1ef101e89995b72a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

118
CVE-2022/CVE-2022-494xx/CVE-2022-49414.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49414",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:17.890",
"lastModified": "2025-02-26T07:01:17.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T20:35:12.403",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,131 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: se corrige la condici\u00f3n de ejecuci\u00f3n entre ext4_write y ext4_convert_inline_data Hulk Robot inform\u00f3 de un BUG_ON: ================================================================== EXT4-fs error (device loop3): ext4_mb_generate_buddy:805: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free clusters kernel BUG at fs/ext4/ext4_jbd2.c:53! invalid opcode: 0000 [#1] SMP KASAN PTI CPU: 0 PID: 25371 Comm: syz-executor.3 Not tainted 5.10.0+ #1 RIP: 0010:ext4_put_nojournal fs/ext4/ext4_jbd2.c:53 [inline] RIP: 0010:__ext4_journal_stop+0x10e/0x110 fs/ext4/ext4_jbd2.c:116 [...] Call Trace: ext4_write_inline_data_end+0x59a/0x730 fs/ext4/inline.c:795 generic_perform_write+0x279/0x3c0 mm/filemap.c:3344 ext4_buffered_write_iter+0x2e3/0x3d0 fs/ext4/file.c:270 ext4_file_write_iter+0x30a/0x11c0 fs/ext4/file.c:520 do_iter_readv_writev+0x339/0x3c0 fs/read_write.c:732 do_iter_write+0x107/0x430 fs/read_write.c:861 vfs_writev fs/read_write.c:934 [inline] do_pwritev+0x1e5/0x380 fs/read_write.c:1031 [...] ================================================================== Above issue may happen as follows: cpu1 cpu2 __________________________|__________________________ do_pwritev vfs_writev do_iter_write ext4_file_write_iter ext4_buffered_write_iter generic_perform_write ext4_da_write_begin vfs_fallocate ext4_fallocate ext4_convert_inline_data ext4_convert_inline_data_nolock ext4_destroy_inline_data_nolock clear EXT4_STATE_MAY_INLINE_DATA ext4_map_blocks ext4_ext_map_blocks ext4_mb_new_blocks ext4_mb_regular_allocator ext4_mb_good_group_nolock ext4_mb_init_group ext4_mb_init_cache ext4_mb_generate_buddy --> error ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA) ext4_restore_inline_data set EXT4_STATE_MAY_INLINE_DATA ext4_block_write_begin ext4_da_write_end ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA) ext4_write_inline_data_end handle=NULL ext4_journal_stop(handle) __ext4_journal_stop ext4_put_nojournal(handle) ref_cnt = (unsigned long)handle BUG_ON(ref_cnt == 0) ---> BUG_ON The lock held by ext4_convert_inline_data is xattr_sem, but the lock held by generic_perform_write is i_rwsem. Therefore, the two locks can be concurrent. To solve above issue, we add inode_lock() for ext4_convert_inline_data(). At the same time, move ext4_convert_inline_data() in front of ext4_punch_hole(), remove similar handling from ext4_punch_hole(). "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8",
"versionEndExcluding": "5.4.207",
"matchCriteriaId": "109BCDD7-33F8-40BE-B77A-E1C42BACBB08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.132",
"matchCriteriaId": "46CE9FE9-22E3-45CA-8B5F-190C2CAFC5CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/14602353b350950b551eccc6b46411aa3b12ffe2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/18881d7e517169193d9ef6c89c7f322e3e164277",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/725e00cb7039eae291890f1bb19bc867176745f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/91f90b571f1a23f5b8a9c2b68a9aa5d6981a3c3d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ccc6639f831bee91aa8b41c8a1cdd020ecfb9f32",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f87c7a4b084afc13190cbb263538e444cb2b392a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

12
CVE-2023/CVE-2023-234xx/CVE-2023-23443.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23443",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:08.883",
"lastModified": "2024-11-21T07:46:12.430",
"lastModified": "2025-04-17T21:15:46.160",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-312xx/CVE-2023-31292.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31292",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T02:15:44.983",
"lastModified": "2024-11-21T08:01:44.307",
"lastModified": "2025-04-17T21:15:46.297",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-313xx/CVE-2023-31300.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31300",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T06:15:43.633",
"lastModified": "2024-11-21T08:01:45.447",
"lastModified": "2025-04-17T21:15:46.467",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-319"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-348xx/CVE-2023-34829.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34829",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-28T03:15:07.587",
"lastModified": "2024-11-21T08:07:35.777",
"lastModified": "2025-04-17T21:15:46.723",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-319"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-506xx/CVE-2023-50651.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50651",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-30T17:15:08.080",
"lastModified": "2024-11-21T08:37:07.490",
"lastModified": "2025-04-17T20:15:25.913",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-506xx/CVE-2023-50692.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50692",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-28T06:15:44.400",
"lastModified": "2024-11-21T08:37:09.230",
"lastModified": "2025-04-17T21:15:47.140",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-510xx/CVE-2023-51018.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51018",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-22T19:15:09.587",
"lastModified": "2024-11-21T08:37:42.717",
"lastModified": "2025-04-17T21:15:47.410",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-510xx/CVE-2023-51075.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51075",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-27T21:15:08.300",
"lastModified": "2024-11-21T08:37:48.420",
"lastModified": "2025-04-17T21:15:47.590",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-835"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [

12
CVE-2023/CVE-2023-514xx/CVE-2023-51435.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51435",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:10.677",
"lastModified": "2024-11-21T08:38:06.647",
"lastModified": "2025-04-17T21:15:47.927",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-269"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-522xx/CVE-2023-52265.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52265",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-30T23:15:42.620",
"lastModified": "2024-11-21T08:39:29.217",
"lastModified": "2025-04-17T20:15:26.133",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

4
CVE-2023/CVE-2023-530xx/CVE-2023-53034.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-53034",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-16T15:15:52.717",
"lastModified": "2025-04-16T15:15:52.717",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

22
CVE-2023/CVE-2023-59xx/CVE-2023-5980.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5980",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-26T19:15:08.167",
"lastModified": "2024-11-21T08:42:54.650",
"lastModified": "2025-04-17T21:15:48.250",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

4
CVE-2024/CVE-2024-119xx/CVE-2024-11924.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11924",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-17T06:15:42.460",
"lastModified": "2025-04-17T16:15:27.233",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-125xx/CVE-2024-12530.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12530",
"sourceIdentifier": "security@opentext.com",
"published": "2025-04-17T16:15:27.360",
"lastModified": "2025-04-17T16:15:27.360",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-139xx/CVE-2024-13925.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13925",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-17T06:15:43.590",
"lastModified": "2025-04-17T06:15:43.590",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-223xx/CVE-2024-22314.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22314",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-04-16T17:15:48.470",
"lastModified": "2025-04-16T17:15:48.470",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

51
CVE-2024/CVE-2024-25xx/CVE-2024-2589.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2589",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.230",
"lastModified": "2024-11-21T09:10:04.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:16:27.787",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-25xx/CVE-2024-2590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2590",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.517",
"lastModified": "2024-11-21T09:10:04.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:16:44.343",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-25xx/CVE-2024-2591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2591",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.747",
"lastModified": "2024-11-21T09:10:04.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:16:55.570",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-25xx/CVE-2024-2592.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2592",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.987",
"lastModified": "2024-11-21T09:10:04.923",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:17:02.640",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-25xx/CVE-2024-2593.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2593",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.233",
"lastModified": "2024-11-21T09:10:05.037",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:17:09.140",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-25xx/CVE-2024-2594.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2594",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.463",
"lastModified": "2024-11-21T09:10:05.157",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:02:41.620",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-25xx/CVE-2024-2595.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2595",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.673",
"lastModified": "2024-11-21T09:10:05.273",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:03:39.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-25xx/CVE-2024-2596.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2596",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.893",
"lastModified": "2024-11-21T09:10:05.403",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:04:00.343",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-25xx/CVE-2024-2597.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2597",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:13.140",
"lastModified": "2024-11-21T09:10:05.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:04:11.663",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-25xx/CVE-2024-2598.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2598",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:13.383",
"lastModified": "2024-11-21T09:10:05.653",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:04:23.220",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-25xx/CVE-2024-2599.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2599",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:13.643",
"lastModified": "2024-11-21T09:10:05.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-17T21:05:00.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,14 +71,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-400xx/CVE-2024-40068.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40068",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:48.630",
"lastModified": "2025-04-16T21:15:44.650",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

45
CVE-2024/CVE-2024-400xx/CVE-2024-40069.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40069",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:48.743",
"lastModified": "2025-04-16T17:15:48.743",
"vulnStatus": "Received",
"lastModified": "2025-04-17T21:15:48.580",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,11 +11,50 @@
"value": "Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting (XSS) via id_generator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug7-XSS-firstname-lastname.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug7-XSS-firstname-lastname.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

4
CVE-2024/CVE-2024-400xx/CVE-2024-40070.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40070",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:48.847",
"lastModified": "2025-04-16T21:15:45.217",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-400xx/CVE-2024-40071.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40071",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:48.957",
"lastModified": "2025-04-16T17:15:48.957",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-400xx/CVE-2024-40072.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40072",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:49.063",
"lastModified": "2025-04-16T17:15:49.063",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-400xx/CVE-2024-40073.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40073",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:49.170",
"lastModified": "2025-04-16T17:15:49.170",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-400xx/CVE-2024-40074.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40074",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:49.270",
"lastModified": "2025-04-16T17:15:49.270",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-401xx/CVE-2024-40124.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40124",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T17:15:31.853",
"lastModified": "2025-04-17T17:15:31.853",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

56
CVE-2024/CVE-2024-421xx/CVE-2024-42177.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42177",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-04-17T20:15:26.513",
"lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL MyXalytics is affected by SSL\u2215TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Attackers can exploit the weakness in the ciphers to intercept and decrypt encrypted data, steal sensitive information, or inject malicious code into the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"baseScore": 2.6,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120504",
"source": "psirt@hcl.com"
}
]
}

4
CVE-2024/CVE-2024-533xx/CVE-2024-53303.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53303",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T18:16:03.417",
"lastModified": "2025-04-17T15:15:53.857",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-533xx/CVE-2024-53304.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53304",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T18:16:03.540",
"lastModified": "2025-04-16T21:15:45.497",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-533xx/CVE-2024-53305.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53305",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T18:16:03.657",
"lastModified": "2025-04-16T21:15:45.643",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-539xx/CVE-2024-53924.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53924",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T18:15:47.603",
"lastModified": "2025-04-17T18:15:47.603",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-552xx/CVE-2024-55211.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55211",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T18:15:47.810",
"lastModified": "2025-04-17T19:15:59.653",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

20
CVE-2024/CVE-2024-552xx/CVE-2024-55238.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55238",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T16:15:27.780",
"lastModified": "2025-04-17T16:15:27.780",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -35,6 +35,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904",
@ -47,6 +59,10 @@
{
"url": "https://github.com/open-metadata/OpenMetadata/blob/98945cb2db87ebb325d3a72131f049abffcba345/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L4247",
"source": "cve@mitre.org"
},
{
"url": "https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

4
CVE-2024/CVE-2024-553xx/CVE-2024-55371.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55371",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:45.790",
"lastModified": "2025-04-17T14:15:25.700",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-553xx/CVE-2024-55372.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55372",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:45.897",
"lastModified": "2025-04-17T14:15:26.120",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-565xx/CVE-2024-56518.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56518",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T16:15:27.900",
"lastModified": "2025-04-17T16:15:27.900",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

34
CVE-2024/CVE-2024-565xx/CVE-2024-56553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56553",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:14.073",
"lastModified": "2025-01-15T18:35:51.337",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-17T21:15:48.740",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-565xx/CVE-2024-56572.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56572",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:16.210",
"lastModified": "2025-01-14T15:46:25.400",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-17T21:15:48.907",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-566xx/CVE-2024-56643.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56643",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:24.040",
"lastModified": "2025-01-06T17:14:41.813",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-17T21:15:49.070",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56710.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56710",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T09:15:05.970",
"lastModified": "2025-01-06T17:13:00.090",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-17T21:15:49.263",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56712.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56712",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T09:15:06.250",
"lastModified": "2025-01-06T17:11:48.987",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-17T21:15:49.417",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

4
CVE-2024/CVE-2024-567xx/CVE-2024-56736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56736",
"sourceIdentifier": "security@apache.org",
"published": "2025-04-16T16:15:28.840",
"lastModified": "2025-04-16T18:16:03.783",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

34
CVE-2024/CVE-2024-567xx/CVE-2024-56742.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56742",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T12:15:07.593",
"lastModified": "2025-01-07T22:19:23.543",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-17T21:15:49.607",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56745.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56745",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T12:15:07.937",
"lastModified": "2025-01-07T22:47:40.577",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-17T21:15:49.773",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56746.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56746",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T12:15:08.070",
"lastModified": "2025-01-07T22:47:17.513",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-17T21:15:49.970",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56747.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56747",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T12:15:08.183",
"lastModified": "2025-01-07T22:47:01.040",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-17T20:15:26.807",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56748.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56748",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T12:15:08.303",
"lastModified": "2025-01-06T17:07:33.423",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-17T21:15:50.173",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-401"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [

4
CVE-2024/CVE-2024-580xx/CVE-2024-58093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58093",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-16T15:15:53.220",
"lastModified": "2025-04-16T15:15:53.220",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

4
CVE-2024/CVE-2024-580xx/CVE-2024-58094.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58094",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-16T15:15:53.330",
"lastModified": "2025-04-16T15:15:53.330",
"vulnStatus": "Received",
"lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

Some files were not shown because too many files have changed in this diff Show More