admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-11-01T17:00:20.026664+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-11-01 17:03:23 +00:00
parent 74d4fedc00
commit 79dc68fea9
299 changed files with 18320 additions and 617 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
CVE-2021/CVE-2021-286xx/CVE-2021-28656.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-28656",
"sourceIdentifier": "security@apache.org",
"published": "2024-04-09T10:15:07.610",
"lastModified": "2024-05-01T17:15:24.097",
"lastModified": "2024-11-01T16:35:00.860",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "La vulnerabilidad de Cross-Site Request Forgery (CSRF) en la p\u00e1gina de credenciales de Apache Zeppelin permite a un atacante enviar solicitudes maliciosas. Este problema afecta a Apache Zeppelin Apache Zeppelin versi\u00f3n 0.9.0 y versiones anteriores."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@apache.org",

27
CVE-2021/CVE-2021-469xx/CVE-2021-46957.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-46957",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-27T19:04:06.763",
"lastModified": "2024-02-28T14:06:45.783",
"lastModified": "2024-11-01T15:35:02.377",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv/kprobe: corrige el p\u00e1nico del kernel al invocar sys_read rastreado por kprobe La ejecuci\u00f3n de sys_read termina con un BUG_ON() en __find_get_block despu\u00e9s de instalar kprobe en sys_read, el mensaje de ERROR es como el siguiente : [65.708663] ------------[ cortar aqu\u00ed ]------------ [ 65.709987] \u00a1ERROR del kernel en fs/buffer.c:1251! [65.711283] ERROR del kernel [#1] [65.712032] M\u00f3dulos vinculados en: [65.712925] CPU: 0 PID: 51 Comm: sh No contaminado 5.12.0-rc4 #1 [65.714407] Nombre de hardware: riscv-virtio,qemu (DT ) [ 65.715696] epc : __find_get_block+0x218/0x2c8 [ 65.716835] ra : __getblk_gfp+0x1c/0x4a [ 65.717831] epc : ffffffe00019f11e ra : ffffffe00019f56a sp : ffffffe00243 7930 [65.719553] gp: ffffffe000f06030 tp: ffffffe0015abc00 t0: ffffffe00191e038 [65.721290] t1: ffffffe00191e038 t2: 000000000000000a s0: ffffffe002437960 [65.723051] s1: ffffffe00160ad00 a0: ffffffe00160ad00 a1: 000000000000012a [65.724772 ] a2 : 0000000000000400 a3 : 0000000000000008 a4 : 0000000000000040 [ 65.726545] a5 : 00000000000000000 a6 : ffffffe00191e000 a7 : 0000000000000 0000 [65.728308] s2: 000000000000012a s3 : 0000000000000400 s4 : 0000000000000008 [ 65.730049] s5 : 000000000000006c s6 : ffffffe00240f800 s7 : ffffffe000f080a8 [ 65.731802] s8 : 0 000000000000001 s9: 000000000000012a s10: 0000000000000008 [65.733516] s11: 00000000000000008 t3: 00000000000003ff t4: 0000000000 00000f [65.734434] t5: 00000000000003ff t6: 0000000000040000 [65.734613] estado: 0000000000000100 badaddr: 00000000000000000 causa: 0000000000000003 [65.734901] Seguimiento de llamadas: [65.735076] [] __find_get_block+ 0x218/0x2c8 [ 65.735417] [] __ext4_get_inode_loc+0xb2/0x2f6 [ 65.735618] [] ext4_get_inode_loc+0x3a/0x8a [ 65.735802] [] ext4_reserve_inode_write+0x2e/0x8c [ 65.735999] [] __ext4_mark_inode_dirty+0x4c/0x18e [ 65.736208] [] ext4_dirty_inode+0x46/0x66 [ 65.736387] [ ] __mark_inode_dirty+0x12c/0x3da [ 65.736576] [] touch_atime+0x146/0x150 [ 65.736748] [] filemap_read+0x234/0x246 [ 65.736920] [] generic_file_read_iter+0xc0/0x114 [ 65.737114 ] [] ext4_file_read_iter+0x42/0xea [ 65.737310] [] new_sync_read+0xe2/0x15a [ 65.737483] [] vfs_read+0xca/0xf2 [ 65.737641] [] ksys_read+0x5e/0xc8 [ 65.737816] [] sys_read+0xe/0x16 [ 65.737973] [] ret_from_syscall+0x0/0x2 [ 65.738858] ---[ end trace fe93f985456c935d ]--- A El reproductor simple se ve as\u00ed: echo 'p: myprobe sys_read fd=%a0 buf=%a1 count=%a2' > /sys/kernel/debug/tracing/kprobe_events echo 1 > /sys/kernel/debug/tracing/events/kprobes/myprobe/enable cat /sys/kernel /debug/tracing/trace Esto es lo que sucede cuando se activa ese BUG_ON(): 1) Despu\u00e9s de instalar kprobe en la entrada de sys_read, la primera instrucci\u00f3n se reemplaza por la instrucci\u00f3n 'ebreak' en la plataforma riscv64. 2) Una vez que el kernel alcanza la instrucci\u00f3n 'ebreak' en la entrada de sys_read, entra en el controlador de punto de interrupci\u00f3n riscv, donde hace algo para configurar la siguiente instrucci\u00f3n de origen de un solo paso, incluida una copia de seguridad del 'sstatus' en pt_regs, seguido de deshabilite la interrupci\u00f3n durante un solo paso mediante el bit 'SIE' claro de 'sstatus' en pt_regs. 3) Luego, la restauraci\u00f3n del kernel en la ranura de instrucciones contiene dos instrucciones, una es la instrucci\u00f3n original en la entrada de sys_read y la otra es 'ebreak'. Aqu\u00ed se activa una excepci\u00f3n de 'Error en la p\u00e1gina de instrucciones' (el valor en 'scause' es '0xc'), si el PF a\u00fan no se ha completado en PageTabe para ese espacio.---truncado---"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b1ebaa0e1318494a7637099a26add50509e37964",

27
CVE-2021/CVE-2021-470xx/CVE-2021-47000.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47000",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:38.170",
"lastModified": "2024-02-28T14:06:45.783",
"lastModified": "2024-11-01T15:35:02.613",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ceph: corrige la fuga de inodo en el error getattr en __fh_to_dentry"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0a219432127d396120fc88cabd82785e0ff72a2f",

27
CVE-2021/CVE-2021-471xx/CVE-2021-47185.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47185",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:47.383",
"lastModified": "2024-04-10T19:49:51.183",
"lastModified": "2024-11-01T15:35:02.847",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tty: tty_buffer: soluciona el problema de bloqueo suave en flush_to_ldisc Al ejecutar ltp testcase(ltp/testcases/kernel/pty/pty04.c) con arm64, hay un bloqueo suave, que se parece a este: Workqueue: events_unbound flush_to_ldisc Rastreo de llamadas: dump_backtrace+0x0/0x1ec show_stack+0x24/0x30 dump_stack+0xd0/0x128 panic+0x15c/0x374 watchdog_timer_fn+0x2b8/0x304 __run_hrtimer+0x88/0x2c0 __hrtimer_run_queues+0xa4/0x120 hrtimer_interrupt+0xfc/0x270 arch_timer_handler_phys+0x40/0x50 handle_percpu_devid_irq+0x94/0x220 __handle_domain_irq+0x88/0xf0 gic_handle_irq+0x84/0xfc el1_irq+0xc8/0x180 slip_unesc+0x80/0x214 [slip] tty_ldisc_receive_buf+0x64/0x80 tty_port_default_receive_buf+0x50/0x90 flush_to_ldisc+0xbc/0x110 process_one_work+0x1d4/0x4b0 worker_thread+0x180/0x430 kthread+0x11c/0x120 En el caso de prueba pty04, el primer proceso llama a la escritura Llamada al sistema para enviar datos al maestro pty. Al mismo tiempo, la cola de trabajo ejecutar\u00e1 el comando flush_to_ldisc para extraer los datos en un bucle hasta que no queden m\u00e1s datos. Cuando el remitente y la cola de trabajo se ejecutan en n\u00facleos diferentes, el remitente env\u00eda datos r\u00e1pidamente en tiempo completo, lo que har\u00e1 que la cola de trabajo realice el trabajo en bucle durante mucho tiempo y se produzca un bloqueo suave en flush_to_ldisc con el n\u00facleo configurado sin interrupci\u00f3n. Por lo tanto, agrego la comprobaci\u00f3n need_resched y cond_resched en el bucle flush_to_ldisc para evitarlo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0380f643f3a7a61b0845cdc738959c2ad5735d61",

27
CVE-2021/CVE-2021-474xx/CVE-2021-47408.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47408",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:26.337",
"lastModified": "2024-05-21T16:54:26.047",
"lastModified": "2024-11-01T15:35:03.077",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: conntrack: serializar cambios de tama\u00f1o y limpiezas de hash. Syzbot pudo activar la siguiente advertencia [1] Syzbot a\u00fan no encontr\u00f3 ninguna reproducci\u00f3n, pero pude desencadenar un problema similar al tener 2 scripts ejecut\u00e1ndose en paralelo, cambiando los tama\u00f1os de hash de conntrack y: para j en `seq 1 1000`; dejar de compartir -n /bin/true >/dev/null ; done Se necesitar\u00edan m\u00e1s de 5 minutos para limpiar las estructuras net_namespace. Esto se debe a que nf_ct_iterate_cleanup() tiene que reiniciarse cada vez que ocurre un cambio de tama\u00f1o. Al agregar un mutex, podemos serializar los cambios de tama\u00f1o y las limpiezas de hash y tambi\u00e9n hacer que get_next_corpse() sea m\u00e1s r\u00e1pido omitiendo los dep\u00f3sitos vac\u00edos. Incluso sin cambios de tama\u00f1o en la imagen, este parche acelera considerablemente el desmantelamiento del espacio de nombres de la red. [1] INFORMACI\u00d3N: la tarea syz-executor.0:8312 no puede morir durante m\u00e1s de 144 segundos. tarea:syz-executor.0 estado:R ejecutando pila de tareas:25672 pid: 8312 ppid: 6573 banderas:0x00004006 Seguimiento de llamadas: context_switch kernel/sched/core.c:4955 [en l\u00ednea] __schedule+0x940/0x26f0 kernel/sched/core .c:6236 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6408 preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:35 __local_bh_enable_ip+0x109/0x120 kernel/softirq.c:390 local_bh_enable include/ Linux /bottom_half.h:32 [en l\u00ednea] get_next_corpse net/netfilter/nf_conntrack_core.c:2252 [en l\u00ednea] nf_ct_iterate_cleanup+0x15a/0x450 net/netfilter/nf_conntrack_core.c:2275 nf_conntrack_cleanup_net_list+0x14c/0x4f0 net/netfilter/ nf_conntrack_core.c:2469 ops_exit_list+0x10d/0x160 net/core/net_namespace.c:171 setup_net+0x639/0xa30 net/core/net_namespace.c:349 copy_net_ns+0x319/0x760 net/core/net_namespace.c:470 create_new_namespaces+0x3f6/0xb20 kernel/nsproxy .c:110 unshare_nsproxy_namespaces+0xc1/0x1f0 kernel/nsproxy.c:226 ksys_unshare+0x445/0x920 kernel/fork.c:3128 __do_sys_unshare kernel/fork.c:3202 [en l\u00ednea] __se_sys_unshare kernel/fork.c:3200 [en l\u00ednea] __x64_sys_unshare+0x2d/0x40 kernel/fork.c:3200 do_syscall_x64 arch/x86/entry/common.c:50 [en l\u00ednea] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 Entry_SYSCALL_64_after_hwframe+0x44/0xae : 0033:0x7f63da68e739 RSP: 002b:00007f63d7c05188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007f63da792f80 RCX: 63da68e739 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f63da6e8cc4 R08: 0000000000000000 R09: 000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f63da792f80 R13: 00007fff50b75d3f R14: 00007f63d7c05300 R15: 0000000000022000 Mostrando todos los bloqueos retenidos en el sistema: 1 bloqueo retenido por khungtaskd/27: #0: ffffffff8b980020 (rcu_read_lock){....}-{1:2}, : debug_show_all_locks+0x53 /0x260 kernel/locking/lockdep.c:6446 2 bloqueos retenidos por kworker/u4:2/153: #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, en: arch_atomic64_set arch /x86/include/asm/atomic64_64.h:34 [en l\u00ednea] #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, en: arch_atomic_long_set include/linux/atomic/atomic-long .h:41 [en l\u00ednea] #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, en: atomic_long_set include/linux/atomic/atomic-instrumented.h:1198 [en l\u00ednea] # 0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, en: set_work_data kernel/workqueue.c:634 [en l\u00ednea] #0: ffff888010c69138 ((wq_completion)events_unbound){+.+. }-{0:0}, en: set_work_pool_and_clear_pending kernel/workqueue.c:661 [en l\u00ednea] #0: ffff888010c69138 ((wq_completion)events_unbound){+.+.}-{0:0}, en: Process_one_work+0x896/ 0x1690 kernel/workqueue.c:2268 #1: ffffc9000140fdb0 ((kfence_timer).work){+.+.}-{0:0}, en: Process_one_work+0x8ca/0x1690 kernel/workqueue.c:2272 1 bloqueo retenido por systemd-udevd/2970: 1 bloqueo retenido por in:imklog/6258: #0: ffff88807f970ff0 (&f->f_pos_lock){+.+.}-{3:3}, en: __fdget_pos+0xe9/0x100 ---truncado---"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7ea6f5848281182ce0cff6cafdcf3fbdeb8ca7e1",

27
CVE-2021/CVE-2021-474xx/CVE-2021-47419.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47419",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:27.350",
"lastModified": "2024-05-21T16:53:56.550",
"lastModified": "2024-11-01T15:35:03.837",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/sched: sch_taprio: cancelar correctamente el temporizador de taprio_destroy(). Hay un comentario en qdisc_create() acerca de que no llamamos a ops->reset() en algunos casos. err_out4: /* * \u00bfAlguna qdisc rota que requiera un ops->reset() aqu\u00ed? * La qdisc nunca estuvo en acci\u00f3n por lo que no deber\u00eda ser necesaria. */ Como taprio establece un temporizador antes de recibir un paquete, debemos cancelarlo desde ops->destroy, en caso de que no se haya llamado a ops->reset. syzbot inform\u00f3: ODEBUG: libre activo (estado activo 0) tipo de objeto: hrtimer sugerencia: advanced_sched+0x0/0x9a0 arch/x86/include/asm/atomic64_64.h:22 ADVERTENCIA: CPU: 0 PID: 8441 en lib/debugobjects.c :505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505 M\u00f3dulos vinculados en: CPU: 0 PID: 8441 Comm: syz-executor813 No contaminado 5.14.0-rc6-syzkaller #0 Nombre del hardware: Google Google Compute Engine/Google Compute Motor, BIOS Google 01/01/2011 RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:505 C\u00f3digo: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd e0 d3 e3 89 4c 89 ee 48 c7 c7 e0 c7 e3 89 e8 5b 86 11 05 <0f> 0b 83 05 85 03 92 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3 RSP 0018:ffff c9000130f330 EFLAGS: 00010282 RAX: 0000000000000000 RBX: 00000000000000003 RCX: 0000000000000000 RDX: ffff88802baeb880 RSI: ffffffff815d87b5 RDI: fffff52000261e58 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffff815d25ee R11: 00000000000000000 R12: ffffffff898dd020 R13: 3ce20 R14: ffffffff81653630 R15: dffffc0000000000 FS: 0000000000f0d300( 0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffb64b3e000 CR3: 557000 CR4: 00000000001506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 7: 0000000000000400 Seguimiento de llamadas: __debug_check_no_obj_freed lib/debugobjects.c:987 [en l\u00ednea] debug_check_no_obj_freed+0x301/0x420 lib/debugobjects.c:1018 slab_free_hook mm/slub.c:1603 [en l\u00ednea] slab_free_freelist_hook+0x171/0x240 mm/ slub.c:1653 slab_libre mm/slub.c:3213 [en l\u00ednea] kfree+0xe4/0x540 mm/slub.c:4267 qdisc_create+0xbcf/0x1320 net/sched/sch_api.c:1299 tc_modify_qdisc+0x4c8/0x1a60 net/sched/sch_api.c:1663 rtnetlink_rcv_msg+0x413/0xb80 nore/rtnetlink.c: 5571 netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c: 2504 netlink_unicast_kernel net/netlink/af_netlink.c: 1314 [netlin /0x7d0 net/netlink/ af_netlink.c:1340 netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929 sock_sendmsg_nosec net/socket.c:704 [en l\u00ednea] sock_sendmsg+0xcf/0x120 net/socket.c:724 ____sys_sendmsg+0x6e8/0x810 net /z\u00f3calo .c:2403 ___sys_sendmsg+0xf3/0x170 net/socket.c:2457 __sys_sendmsg+0xe5/0x1b0 net/socket.c:2486 do_syscall_x64 arch/x86/entry/common.c:50 [en l\u00ednea] arco/ x86/entrada/common.c:80"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3ec73ffeef54596c32aff0e73fe60971b9c8b866",

27
CVE-2021/CVE-2021-474xx/CVE-2021-47476.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47476",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-22T09:15:09.470",
"lastModified": "2024-07-03T01:38:00.540",
"lastModified": "2024-11-01T15:35:04.050",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: comedi: ni_usb6501: corrige NULL-deref en las rutas de comando El controlador usa b\u00faferes de transferencia USB del tama\u00f1o de un terminal, pero no tuvo controles de cordura en los tama\u00f1os. Esto puede provocar desreferencias de puntero de tama\u00f1o cero o b\u00faferes de transferencia desbordados en ni6501_port_command() y ni6501_counter_command() si un dispositivo (malicioso) tiene tama\u00f1os m\u00e1ximos de paquetes m\u00e1s peque\u00f1os de lo esperado (o cuando se realizan pruebas de descriptor difuso). Agregue las comprobaciones de cordura que faltan a probe()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",

167
CVE-2021/CVE-2021-475xx/CVE-2021-47587.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47587",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-19T15:15:53.260",
"lastModified": "2024-06-20T12:43:25.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T15:10:35.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,184 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: systemport: agregue bloqueo global para el ciclo de vida del descriptor. La lista de descriptores es un recurso compartido entre todas las colas de transmisi\u00f3n y el mecanismo de bloqueo que se usa hoy solo protege la concurrencia en una cola de transmisi\u00f3n determinada. entre la transmisi\u00f3n y la recuperaci\u00f3n. Esto crea una oportunidad para que el hardware de SYSTEMPORT funcione con descriptores corruptos si tenemos varios productores a la vez, como es el caso cuando utilizamos varias colas de transmisi\u00f3n. Esto fue particularmente notable cuando se usaban m\u00faltiples flujos/colas de transmisi\u00f3n y se mostr\u00f3 de manera interesante en que los paquetes UDP obtendr\u00edan una suma de verificaci\u00f3n de encabezado UDP correcta al calcularse sobre una longitud de paquete incorrecta. De manera similar, los paquetes TCP obtendr\u00edan una suma de verificaci\u00f3n igualmente correcta calculada por el hardware en una longitud de paquete incorrecta. El hardware de SYSTEMPORT mantiene una lista de descriptores internos que reorganiza cuando el controlador produce un nuevo descriptor cada vez que escribe en los registros WRITE_PORT_{HI,LO}. Sin embargo, hay cierto retraso en el hardware para reorganizar sus descriptores y es Es posible que las colas de TX simult\u00e1neas eventualmente rompan este esquema de asignaci\u00f3n interna hasta el punto en que la parte de longitud/estado del descriptor se use para un b\u00fafer de datos incorrecto. La soluci\u00f3n es imponer una serializaci\u00f3n global para todas las colas de TX en la secci\u00f3n corta donde escribimos en los registros WRITE_PORT_{HI,LO}, lo que resuelve la corrupci\u00f3n incluso cuando se utilizan varias colas de TX simult\u00e1neas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16",
"versionEndExcluding": "4.4.296",
"matchCriteriaId": "FCFAB8C6-0679-470F-8BA0-2B7D132E9D6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.294",
"matchCriteriaId": "BEC14782-2EE3-4635-A927-91559E4F451C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.259",
"matchCriteriaId": "390D64FF-1DB7-4DD1-ADEF-CE96BEA2607C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.222",
"matchCriteriaId": "2D0D89BC-6CF8-4BFB-8C91-472348052528"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.168",
"matchCriteriaId": "195EBAA1-4CCE-4898-9351-F4A0DBCAA022"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.88",
"matchCriteriaId": "A657B2D0-5B9D-42BE-A3BF-228DBC1B057C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.11",
"matchCriteriaId": "11274E95-438A-449A-B100-01B2B0046669"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A73429BA-C2D9-4D0C-A75F-06A1CA8B3983"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F621B5E3-E99D-49E7-90B9-EC3B77C95383"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:*",
"matchCriteriaId": "F7BFDCAA-1650-49AA-8462-407DD593F94F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:*",
"matchCriteriaId": "6EC9882F-866D-4ACB-8FBC-213D8D8436C8"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/595a684fa6f23b21958379a18cfa83862c73c2e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6e1011cd183faae8daff275c72444edcdfe0d473",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8b8e6e782456f1ce02a7ae914bbd5b1053f0b034",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8ed2f5d08d6e59f8c78b2869bfb95d0be32c094c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c675256a7f131f5ba3f331efb715e8f31ea0e392",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/de57f62f76450b934de8203711bdc4f7953c3421",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eb4687c7442942e115420a30185f8d83faf37696",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f3fde37d3f0d429f0fcce214cb52588a9e21260e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

95
CVE-2021/CVE-2021-475xx/CVE-2021-47591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47591",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-19T15:15:53.700",
"lastModified": "2024-06-20T12:43:25.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T15:12:03.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,100 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mptcp: elimina el soporte de tcp ulp setsockopt TCP_ULP setsockopt no se puede usar para mptcp porque ya se usa internamente para conectar sockets de subflujo (tcp) a la capa mptcp. syzbot logr\u00f3 desencadenar un bloqueo para las conexiones mptcp que est\u00e1n en modo alternativo: KASAN: null-ptr-deref en el rango [0x0000000000000020-0x0000000000000027] CPU: 1 PID: 1083 Comm: syz-executor.3 Not tainted 5.16.0-rc2- syzkaller #0 RIP: 0010:tls_build_proto net/tls/tls_main.c:776 [en l\u00ednea] [..] __tcp_set_ulp net/ipv4/tcp_ulp.c:139 [en l\u00ednea] tcp_set_ulp+0x428/0x4c0 net/ipv4/tcp_ulp.c: 160 do_tcp_setsockopt+0x455/0x37c0 net/ipv4/tcp.c:3391 mptcp_setsockopt+0x1b47/0x2400 net/mptcp/sockopt.c:638 Elimina la compatibilidad con TCP_ULP setsockopt."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "5.15.11",
"matchCriteriaId": "D42075C1-1BC2-41C8-B06D-3A7E0EDABE84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A73429BA-C2D9-4D0C-A75F-06A1CA8B3983"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F621B5E3-E99D-49E7-90B9-EC3B77C95383"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:*",
"matchCriteriaId": "F7BFDCAA-1650-49AA-8462-407DD593F94F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:*",
"matchCriteriaId": "6EC9882F-866D-4ACB-8FBC-213D8D8436C8"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3de0c86d42f841d1d64f316cd949e65c566f0734",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/404cd9a22150f24acf23a8df2ad0c094ba379f57",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

95
CVE-2021/CVE-2021-475xx/CVE-2021-47592.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47592",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-19T15:15:53.793",
"lastModified": "2024-06-20T12:43:25.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T15:14:00.373",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,100 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: stmmac: corrija la eliminaci\u00f3n de flores tc para la direcci\u00f3n Rx con prioridad de VLAN Para replicar el problema: - 1) Agregue 1 filtro de flores para la direcci\u00f3n de cuadros basada en prioridad de VLAN: - $ IFDEVNAME=eth0 $ tc qdisc agregar dev $IFDEVNAME ingreso $ tc qdisc agregar dev $IFDEVNAME ra\u00edz mqprio num_tc 8 \\ map 0 1 2 3 4 5 6 7 0 0 0 0 0 0 0 0 0 \\ colas 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0 $ tc filter add dev $IFDEVNAME parent ffff: protocolo 802.1Q \\ flower vlan_prio 0 hw_tc 0 2) Obtener el id 'pref' $ tc filter show dev $IFDEVNAME ingress 3 ) Eliminar un registro de flor tc espec\u00edfico (digamos pref 49151) $ tc filter del dev $IFDEVNAME parent ffff: pref 49151 Desde dmesg, observaremos el puntero NULL del kernel ooops [ 197.170464] ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 00000000000000000 [ 197.171367] #PF: acceso de lectura de supervisor en modo kernel [ 197.171367] #PF: error_code(0x0000) - p\u00e1gina no presente [ 197.171367] PGD 0 P4D 0 [ 197.171367] Ups: 0000 [#1] PREEMPT SMP NOPTI [ 197.171367] RIP: 0010:tc_setup_cls+0x20b/0x4a0 [stmmac] [ 197.171367] Seguimiento de llamadas: [ 197.171367] [ 197.171367] ? __stmmac_disable_all_queues+0xa8/0xe0 [stmmac] [ 197.171367] stmmac_setup_tc_block_cb+0x70/0x110 [stmmac] [ 197.171367] tc_setup_cb_destroy+0xb3/0x180 [ 197.171367] destroy_filter+0x94/0xc0 [cls_flower] El problema anterior se debe a una implementaci\u00f3n anterior incorrecta de tc_del_vlan_flow( ), que se muestra a continuaci\u00f3n, que usa flow_cls_offload_flow_rule() para obtener la estructura flow_rule *rule que ya no es v\u00e1lida para la operaci\u00f3n de eliminaci\u00f3n del filtro tc. estructura flow_rule *regla = flow_cls_offload_flow_rule(cls); estructura flow_dissector *dissector = regla->match.dissector; Por lo tanto, para garantizar que tc_del_vlan_flow() elimine el registro VLAN cls correcto para la cola RX configurada anteriormente (configurada por hw_tc) en tc_add_vlan_flow(), este parche introduce stmmac_rfs_entry como registro flow_cls_offload del lado del controlador para la flor tc 'Direcci\u00f3n de trama RX', actualmente utilizada para Prioridad de VLAN. La implementaci\u00f3n ha tenido en cuenta una futura ampliaci\u00f3n para incluir otro tipo de direcci\u00f3n de bastidor RX, como la basada en EtherType. v2: - Limpiar el rastreo demasiado extenso y reescribir el mensaje de git para explicar mejor el problema del puntero NULL del kernel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "5.15.11",
"matchCriteriaId": "D42075C1-1BC2-41C8-B06D-3A7E0EDABE84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A73429BA-C2D9-4D0C-A75F-06A1CA8B3983"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F621B5E3-E99D-49E7-90B9-EC3B77C95383"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:*",
"matchCriteriaId": "F7BFDCAA-1650-49AA-8462-407DD593F94F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:*",
"matchCriteriaId": "6EC9882F-866D-4ACB-8FBC-213D8D8436C8"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/97cb5c82aa1dd85a39b1bd021c8b5f18af623779",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aeb7c75cb77478fdbf821628e9c95c4baa9adc63",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

107
CVE-2021/CVE-2021-475xx/CVE-2021-47593.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47593",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-19T15:15:53.890",
"lastModified": "2024-06-20T12:43:25.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T15:15:41.027",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,114 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: borrar el indicador 'kern' de los sockets de reserva La extensi\u00f3n mptcp ULP depende de que sk->sk_sock_kern est\u00e9 configurado correctamente: impide que setsockopt(fd, IPPROTO_TCP, TCP_ULP, \"mptcp\", 6); de funcionar para sockets tcp simples (cualquier socket expuesto al espacio de usuario). Pero en caso de respaldo, aceptar() puede devolver un sk tcp simple. En tal caso, sk todav\u00eda est\u00e1 etiquetado como 'kernel' y setsockopt funcionar\u00e1. Esto bloquear\u00e1 el kernel. La extensi\u00f3n de subflujo tiene un socket NULL ctx->conn mptcp: ERROR: KASAN: null-ptr-deref en subflow_data_ready+0x181/0x2b0 Seguimiento de llamadas: tcp_data_ready+0xf8/0x370 [..]"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6",
"versionEndExcluding": "5.10.88",
"matchCriteriaId": "38A89EC4-168A-4514-A383-6B85436E12DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.11",
"matchCriteriaId": "11274E95-438A-449A-B100-01B2B0046669"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A73429BA-C2D9-4D0C-A75F-06A1CA8B3983"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F621B5E3-E99D-49E7-90B9-EC3B77C95383"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:*",
"matchCriteriaId": "F7BFDCAA-1650-49AA-8462-407DD593F94F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:*",
"matchCriteriaId": "6EC9882F-866D-4ACB-8FBC-213D8D8436C8"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/451f1eded7f56e93aaf52eb547ba97742d9c0e97",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c26ac0ea3a91c210cf90452e625dc441adf3e549",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d6692b3b97bdc165d150f4c1505751a323a80717",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

211
CVE-2022/CVE-2022-381xx/CVE-2022-38176.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-38176",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-09-06T21:15:08.967",
"lastModified": "2024-10-30T16:17:27.707",
"lastModified": "2024-11-01T16:31:42.553",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -56,7 +56,214 @@
"nodes": [
{
"operator": "OR",
"negate": false
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EA81585C-2548-449C-B1BF-5288AF23E947"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build32:*:*:*:*:*:*",
"matchCriteriaId": "66F8714A-C098-4FB8-BF3C-966466B93CEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build33:*:*:*:*:*:*",
"matchCriteriaId": "A7E52155-DE90-492E-959A-339E1BE79683"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build34:*:*:*:*:*:*",
"matchCriteriaId": "9E53A361-E775-4B7C-B26F-5527EBB74EF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build35:*:*:*:*:*:*",
"matchCriteriaId": "DC1FB050-F460-43F3-9B08-51A79A93C9E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build36:*:*:*:*:*:*",
"matchCriteriaId": "09BF07DA-47F3-4002-B13B-90409C756476"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build37:*:*:*:*:*:*",
"matchCriteriaId": "70E37BAC-9AD5-4F9F-983B-B6AF7D798389"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build38:*:*:*:*:*:*",
"matchCriteriaId": "2FEBCEE6-8442-47DD-9417-DAFB90AE54B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build39:*:*:*:*:*:*",
"matchCriteriaId": "E4288C64-E6A4-4724-A991-834B0C7C629E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build40:*:*:*:*:*:*",
"matchCriteriaId": "4AECD471-134D-47B7-A35B-0C48659A9CAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build41:*:*:*:*:*:*",
"matchCriteriaId": "C7BDBDE0-105C-4140-B0EB-843BC8FFDDF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build42:*:*:*:*:*:*",
"matchCriteriaId": "A7A14715-0C5E-4648-9C8F-52356B11DA91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build43:*:*:*:*:*:*",
"matchCriteriaId": "5F34F1CF-7388-4865-A708-BAEAFB46FDD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build44:*:*:*:*:*:*",
"matchCriteriaId": "5CAA458B-7E04-49F1-9431-B2452379A73C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build45:*:*:*:*:*:*",
"matchCriteriaId": "15173475-41B5-4AB6-BC7B-B0EAB027A2C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build46:*:*:*:*:*:*",
"matchCriteriaId": "5998894F-5F9E-46FB-9FE9-AA4233C51C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build47:*:*:*:*:*:*",
"matchCriteriaId": "D81E1C89-B437-4D53-BF47-89E86E4D8E3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build48:*:*:*:*:*:*",
"matchCriteriaId": "EF786E8D-F04A-450E-9091-EFF3EF43124A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build49:*:*:*:*:*:*",
"matchCriteriaId": "8F2BB4C0-636B-46A6-A0FC-379837F07ED5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build50:*:*:*:*:*:*",
"matchCriteriaId": "91FC2B3E-1E3D-48DB-958B-B50D0085EA7E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build51:*:*:*:*:*:*",
"matchCriteriaId": "77687CCE-6778-4E58-AEE0-5586AF22213E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build52:*:*:*:*:*:*",
"matchCriteriaId": "48A384EA-4806-462E-AC2F-838608918D0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build53:*:*:*:*:*:*",
"matchCriteriaId": "ECE640BB-1291-40D3-A5BF-C60DF8074BC8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build54:*:*:*:*:*:*",
"matchCriteriaId": "92739D9A-0931-4F66-A0F5-848854EC0F19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build55:*:*:*:*:*:*",
"matchCriteriaId": "FD7E49DC-DB41-4507-8423-B3A998366FFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build56:*:*:*:*:*:*",
"matchCriteriaId": "4E909C1A-3EDC-4F14-BBC9-36429EF2F47D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build57:*:*:*:*:*:*",
"matchCriteriaId": "FDE4C452-5059-4118-BCF4-9E6F9D101051"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build58:*:*:*:*:*:*",
"matchCriteriaId": "103972CB-9627-4864-9ECC-353DFAE183A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build59:*:*:*:*:*:*",
"matchCriteriaId": "270DACEF-4164-48EE-A09B-F3AFC3F96922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build60:*:*:*:*:*:*",
"matchCriteriaId": "551D9158-2BA3-41A5-BCC8-1C106C45A6A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build61:*:*:*:*:*:*",
"matchCriteriaId": "2041E54F-EE13-430C-A356-32DD8C7888D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build62:*:*:*:*:*:*",
"matchCriteriaId": "2116917F-48DB-406B-AC6D-38E15F8F184A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build63:*:*:*:*:*:*",
"matchCriteriaId": "77009C4D-5A00-48B7-B365-11BA35CE50C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build64:*:*:*:*:*:*",
"matchCriteriaId": "7DF1389D-B27E-440F-B8BB-1CB86E7700A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build65:*:*:*:*:*:*",
"matchCriteriaId": "52685F05-BEEE-4E71-92AA-2EDD55BDC86E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build66:*:*:*:*:*:*",
"matchCriteriaId": "05305162-0D3E-459E-8607-4CFBCCEF3541"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build67:*:*:*:*:*:*",
"matchCriteriaId": "6E35D2CD-89CB-4CCD-A447-A7C228CE6694"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build68:*:*:*:*:*:*",
"matchCriteriaId": "1D05FB02-3316-48EC-9D23-FA79684E95F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build69:*:*:*:*:*:*",
"matchCriteriaId": "2C12ED82-6E48-46FE-B25E-331BED09AE35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build70:*:*:*:*:*:*",
"matchCriteriaId": "B039050F-AC4E-4F48-B2DA-FF5DD70D9503"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build71:*:*:*:*:*:*",
"matchCriteriaId": "402ADD85-9FEC-4EF4-9169-2FD84F3C5CBE"
}
]
}
]
}

169
CVE-2022/CVE-2022-489xx/CVE-2022-48986.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48986",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:10.527",
"lastModified": "2024-10-23T15:13:25.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T15:30:13.770",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -12,30 +12,181 @@
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/gup: fix gup_pud_range() for dax Para dax pud, pud_huge() devuelve true en x86. Por lo tanto, la funci\u00f3n funciona siempre que hugetlb est\u00e9 configurado. Sin embargo, dax no depende de hugetlb. el commit 414fd080d125 (\"mm/gup: fix gup_pmd_range() for dax\") corrigi\u00f3 los PMD enormes respaldados por devmap, pero omiti\u00f3 los PUD enormes respaldados por devmap. Corrija esto tambi\u00e9n. Esto corrige el siguiente p\u00e1nico del kernel: error de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0x69e7c000cc478: 0000 [#1] SMP < snip > Call Trace: get_user_pages_fast+0x1f/0x40 iov_iter_get_pages+0xc6/0x3b0 ? mempool_alloc+0x5d/0x170 bio_iov_iter_get_pages+0x82/0x4e0 ? bvec_alloc+0x91/0xc0 ? bio_alloc_bioset+0x19a/0x2a0 blkdev_direct_IO+0x282/0x480 ? __io_complete_rw_common+0xc0/0xc0 ? rango_mapa_archivo_tiene_p\u00e1gina+0x82/0xc0 escritura_directa_archivo_gen\u00e9rico+0x9d/0x1a0 ? tiempo_actualizaci\u00f3n_inodo+0x24/0x30 __iter_escritura_archivo_gen\u00e9rico+0xbd/0x1e0 blkdev_write_iter+0xb4/0x150 ? io_import_iovec+0x8d/0x340 io_write+0xf9/0x300 io_issue_sqe+0x3c3/0x1d30 ? sysvec_reschedule_ipi+0x6c/0x80 __io_queue_sqe+0x33/0x240 ? fget+0x76/0xa0 io_submit_sqes+0xe6a/0x18d0 ? __fget_light+0xd1/0x100 __x64_sys_io_uring_enter+0x199/0x880 ? __context_tracking_enter+0x1f/0x70 ? irqentry_exit_to_user_mode+0x24/0x30 ? irqentry_exit+0x1d/0x30 ? __context_tracking_exit+0xe/0x70 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7fc97c11a7be < snip > ---[ fin del seguimiento 48b2e0e67debcaeb ]--- RIP: 0010:internal_get_user_pages_fast+0x340/0x990 < snip > P\u00e1nico del n\u00facleo: no se sincroniza: Excepci\u00f3n fatal Desplazamiento del n\u00facleo: deshabilitado"
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/gup: fix gup_pud_range() for dax Para dax pud, pud_huge() devuelve true en x86. Por lo tanto, la funci\u00f3n funciona siempre que hugetlb est\u00e9 configurado. Sin embargo, dax no depende de hugetlb. el commit 414fd080d125 (\"mm/gup: fix gup_pmd_range() for dax\") corrigi\u00f3 los PMD enormes respaldados por devmap, pero omiti\u00f3 los PUD enormes respaldados por devmap. Corrija esto tambi\u00e9n. Esto corrige el siguiente p\u00e1nico del kernel: error de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0x69e7c000cc478: 0000 [#1] SMP < snip > Call Trace: get_user_pages_fast+0x1f/0x40 iov_iter_get_pages+0xc6/0x3b0 ? mempool_alloc+0x5d/0x170 bio_iov_iter_get_pages+0x82/0x4e0 ? bvec_alloc+0x91/0xc0 ? bio_alloc_bioset+0x19a/0x2a0 blkdev_direct_IO+0x282/0x480 ? __io_complete_rw_common+0xc0/0xc0 ? filemap_range_has_page+0x82/0xc0 generic_file_direct_write+0x9d/0x1a0? inode_update_time+0x24/0x30 __generic_file_write_iter+0xbd/0x1e0 blkdev_write_iter+0xb4/0x150 ? io_import_iovec+0x8d/0x340 io_write+0xf9/0x300 io_issue_sqe+0x3c3/0x1d30 ? sysvec_reschedule_ipi+0x6c/0x80 __io_queue_sqe+0x33/0x240 ? fget+0x76/0xa0 io_submit_sqes+0xe6a/0x18d0 ? __fget_light+0xd1/0x100 __x64_sys_io_uring_enter+0x199/0x880 ? __context_tracking_enter+0x1f/0x70 ? irqentry_exit_to_user_mode+0x24/0x30 ? irqentry_exit+0x1d/0x30 ? __context_tracking_exit+0xe/0x70 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7fc97c11a7be < snip > ---[ fin del seguimiento 48b2e0e67debcaeb ]--- RIP: 0010:internal_get_user_pages_fast+0x340/0x990 < snip > P\u00e1nico del n\u00facleo: no se sincroniza: Excepci\u00f3n fatal Desplazamiento del n\u00facleo: deshabilitado"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.9.165",
"versionEndExcluding": "4.10",
"matchCriteriaId": "03D696FD-2217-4673-A661-651833DB97FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14.108",
"versionEndExcluding": "4.15",
"matchCriteriaId": "8EA0A3D7-55DF-4AF3-90C1-D65B1FFBF3BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.31",
"versionEndExcluding": "4.20",
"matchCriteriaId": "C208F54A-1F85-44EF-9E91-6DA461A49CA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0",
"versionEndExcluding": "5.4.227",
"matchCriteriaId": "75ADB045-951E-4837-969B-C2C77523AD98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.159",
"matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.83",
"matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/04edfa3dc06ecfc6133a33bc7271298782dee875",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3ac29732a2ffa64c7de13a072b0f2848b9c11037",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e06d13c36ded750c72521b600293befebb4e56c5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f1cf856123ceb766c49967ec79b841030fa1741f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fcd0ccd836ffad73d98a66f6fea7b16f735ea920",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

142
CVE-2022/CVE-2022-489xx/CVE-2022-48987.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48987",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:10.617",
"lastModified": "2024-10-23T15:13:25.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T15:27:26.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: v4l2-dv-timings.c: se corrigen comprobaciones de cordura de borrado demasiado estrictas Se a\u00f1adieron comprobaciones de cordura para verificar los campos de borrado de v4l2_bt_timings para evitar desbordamientos de enteros cuando el espacio de usuario pasa valores extra\u00f1os. Pero eso supon\u00eda que el espacio de usuario rellenar\u00eda correctamente los valores de front porch, back porch y sync, pero a veces todo lo que sabes es el borrado total, que luego se asigna a solo uno de estos campos. Y eso puede fallar con estas comprobaciones. As\u00ed que, en su lugar, establece un m\u00e1ximo para el borrado horizontal y vertical total y comprueba que cada campo permanezca por debajo de eso. Eso sigue siendo suficiente para evitar desbordamientos de enteros, pero tambi\u00e9n permite m\u00e1s flexibilidad en c\u00f3mo el espacio de usuario rellena estos campos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.9.332",
"versionEndExcluding": "4.9.336",
"matchCriteriaId": "1EA5E6E0-F60E-4B95-AE97-C3027AA27388"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14.298",
"versionEndExcluding": "4.14.302",
"matchCriteriaId": "8951F556-AF07-4129-996D-5BB44778FC95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.264",
"versionEndExcluding": "4.19.269",
"matchCriteriaId": "74A39CCD-7EBA-4ED1-A24C-C1C0F8902BDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.226",
"versionEndExcluding": "5.4.227",
"matchCriteriaId": "72E8F2FD-FA28-4184-BEFD-92915760FB87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10.153",
"versionEndExcluding": "5.10.159",
"matchCriteriaId": "F188CD3F-F2C5-4C45-A3C3-B105BFD832E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.77",
"versionEndExcluding": "5.15.83",
"matchCriteriaId": "60E56598-983B-4E47-B87D-9B08693E8368"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.7",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "143D804C-0BEB-4434-B48B-1CA625157A7C"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0d73b49c4037199472b29574ae21c21aef493971",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2572ab14b73aa45b6ae7e4c089ccf119fed5cf89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/32f01f0306a98629508f84d7ef0d1d037bc274a2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4afc77068e36cee45b39d4fdc7513de26980f72c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5eef2141776da02772c44ec406d6871a790761ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6fb8bc29bfa80707994a63cc97e2f9920e0b0608",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a2b56627c0d13009e02f6f2c0206c0451ed19a0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d3d14cdf1c7ae2caa3e999bae95ba99e955fb7c3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

170
CVE-2022/CVE-2022-489xx/CVE-2022-48988.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48988",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:10.710",
"lastModified": "2024-10-23T15:13:25.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T15:20:42.073",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,35 +15,185 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: memcg: corregir posible use after free en memcg_write_event_control() memcg_write_event_control() accede a dentry->d_name del fd de control especificado para enrutar la llamada de escritura. Como no se puede cambiar el nombre de un archivo de interfaz de cgroup, es seguro acceder a d_name siempre que el archivo especificado sea un archivo cgroup normal. Adem\u00e1s, como estos archivos de interfaz de cgroup no se pueden eliminar antes del directorio, tambi\u00e9n es seguro acceder al padre. Antes de 347c4a874710 (\"memcg: eliminar cgroup_event->cft\"), hab\u00eda una llamada a __file_cft() que verificaba que el archivo especificado es un archivo cgroupfs normal antes de futuros accesos. El puntero cftype devuelto desde __file_cft() ya no era necesario y el commit elimin\u00f3 inadvertidamente la verificaci\u00f3n del tipo de archivo, lo que permiti\u00f3 que cualquier archivo se deslizara. Con las invariantes rotas, los accesos a d_name y a los padres ahora pueden competir contra los cambios de nombre y las eliminaciones de archivos arbitrarios y causar use-after-free. Corrija el error resucitando la comprobaci\u00f3n del tipo de archivo en __file_cft(). Ahora que cgroupfs est\u00e1 implementado a trav\u00e9s de kernfs, la comprobaci\u00f3n de las operaciones de archivo debe pasar por una capa de indirecci\u00f3n. En su lugar, verifiquemos el tipo de superbloque y dentry."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.14",
"versionEndExcluding": "4.14.302",
"matchCriteriaId": "E107E1CA-F309-4B44-AB1F-DC3086D3F588"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.269",
"matchCriteriaId": "1185B8E3-712E-4BFB-BD01-78D47F7EF1F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.227",
"matchCriteriaId": "8C752145-904B-474A-A7F2-E9F29353B0FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.159",
"matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.83",
"matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0ed074317b835caa6c03bcfa8f133365324673dc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/35963b31821920908e397146502066f6b032c917",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4a7ba45b1a435e7097ca0f79a847d0949d0eb088",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aad8bbd17a1d586005feb9226c2e9cfce1432e13",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b77600e26fd48727a95ffd50ba1e937efb548125",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e1ae97624ecf400ea56c238bff23e5cd139df0b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f1f7f36cf682fa59db15e2089039a2eeb58ff2ad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

39
CVE-2023/CVE-2023-382xx/CVE-2023-38291.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38291",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-22T15:15:46.710",
"lastModified": "2024-04-22T19:24:06.727",
"lastModified": "2024-11-01T16:35:01.797",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 un problema en un componente de terceros relacionado con ro.boot.wifimacaddr, incluido en dispositivos de varios fabricantes. Varias compilaciones de software para los siguientes dispositivos TCL (30Z y 10L) y dispositivos Motorola (Moto G Pure y Moto G Power) filtran la direcci\u00f3n MAC de Wi-Fi a una propiedad del sistema a la que se puede acceder mediante cualquier aplicaci\u00f3n local en el dispositivo sin ning\u00fan permiso. o privilegios especiales. Google restringi\u00f3 que las aplicaciones de terceros obtengan directamente identificadores de dispositivos no reiniciables en Android 10 y versiones posteriores, pero en estos casos se filtran mediante un proceso de alto privilegio y se pueden obtener indirectamente. Las huellas digitales de compilaci\u00f3n de software para cada dispositivo vulnerable confirmado son las siguientes: TCL A3X (TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vAAZ:user/release-keys, TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vAB3:user/release-keys, TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vAB7:user/release-keys, TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABA:user/release-keys, TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABM:user/release-keys, TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABP:user/release-keys, and TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABS:user/release-keys); TCL 10L (TCL/T770B/T1_LITE:10/QKQ1.200329.002/3CJ0:user/release-keys and TCL/T770B/T1_LITE:11/RKQ1.210107.001/8BIC:user/release-keys); Motorola Moto G Pure (motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-2/74844:user/release-keys, motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-7/5cde8:user/release-keys, motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-10/d67faa:user/release-keys, motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-13/b4a29:user/release-keys, motorola/ellis_trac/ellis:12/S3RH32.20-42-10/1c2540:user/release-keys, motorola/ellis_trac/ellis:12/S3RHS32.20-42-13-2-1/6368dd:user/release-keys, motorola/ellis_a/ellis:11/RRH31.Q3-46-50-2/20fec:user/release-keys, motorola/ellis_vzw/ellis:11/RRH31.Q3-46-138/103bd:user/release-keys, motorola/ellis_vzw/ellis:11/RRHS31.Q3-46-138-2/e5502:user/release-keys, and motorola/ellis_vzw/ellis:12/S3RHS32.20-42-10-14-2/5e0b0:user/release-keys); y Motorola Moto G Power (motorola/tonga_g/tonga:11/RRQ31.Q3-68-16-2/e5877:user/release-keys and motorola/tonga_g/tonga:12/S3RQS32.20-42-10-6/f876d3:user/release-keys). Esta aplicaci\u00f3n maliciosa lee la propiedad del sistema \"ro.boot.wifimacaddr\" para obtener indirectamente la direcci\u00f3n MAC de Wi-Fi."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://media.defcon.org/DEF%20CON%2031/DEF%20CON%2031%20presentations/Ryan%20Johnson%20Mohamed%20Elsabagh%20Angelos%20Stavrou%20-%20Still%20Vulnerable%20Out%20of%20the%20Box%20Revisiting%20the%20Security%20of%20Prepaid%20Android%20Carrier%20Devices.pdf",

39
CVE-2023/CVE-2023-400xx/CVE-2023-40085.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40085",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T19:15:08.093",
"lastModified": "2024-02-16T19:26:55.393",
"lastModified": "2024-11-01T16:35:03.530",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En convertSubgraphFromHAL de ShimConverter.cpp, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/ed6ee1f7eca7b33160e36ac6d730a9ef395ca4f1",

39
CVE-2023/CVE-2023-448xx/CVE-2023-44856.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-44856",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-12T05:15:46.783",
"lastModified": "2024-04-12T12:43:46.210",
"lastModified": "2024-11-01T15:35:04.937",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de Cross Site Scripting (XSS) en Cobham SAILOR VSAT Ku v.164B019, permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado para los par\u00e1metros rstat, remitente y destinatarios de la funci\u00f3n sub_21D24 en el archivo acu_web."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-Statistics-report-e97364c9d09449cf8869417e7187e997",

39
CVE-2023/CVE-2023-499xx/CVE-2023-49973.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49973",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-06T01:15:07.063",
"lastModified": "2024-03-06T15:18:08.093",
"lastModified": "2024-11-01T16:35:04.683",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de cross-site scripting (XSS) en Customer Support System v1 permite a los atacantes ejecutar scripts web arbitrarios o HTML a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro de correo electr\u00f3nico en /customer_support/index.php?page=customer_list."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/geraldoalcantara/CVE-2023-49973",

39
CVE-2023/CVE-2023-520xx/CVE-2023-52044.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52044",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-31T19:15:12.347",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-01T16:35:05.760",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "Studio-42 eLfinder 2.1.62 is vulnerable to Remote Code Execution (RCE) as there is no restriction for uploading files with the .php8 extension."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/Studio-42/elFinder/issues/3615",

39
CVE-2023/CVE-2023-523xx/CVE-2023-52347.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52347",
"sourceIdentifier": "security@unisoc.com",
"published": "2024-04-08T03:15:08.550",
"lastModified": "2024-04-08T18:48:40.217",
"lastModified": "2024-11-01T15:35:05.800",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En el servicio ril, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del System necesarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313",

27
CVE-2023/CVE-2023-523xx/CVE-2023-52380.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52380",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-02-18T07:15:09.367",
"lastModified": "2024-02-20T19:50:53.960",
"lastModified": "2024-11-01T15:35:06.680",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Vulnerabilidad de control de acceso inadecuado en el m\u00f3dulo de correo electr\u00f3nico. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/2/",

39
CVE-2023/CVE-2023-525xx/CVE-2023-52518.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52518",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-02T22:15:47.970",
"lastModified": "2024-03-04T13:58:23.447",
"lastModified": "2024-11-01T16:35:06.660",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Bluetooth: hci_codec: corrige el contenido filtrado de local_codecs La siguiente p\u00e9rdida de memoria se puede observar cuando el controlador admite c\u00f3decs que se almacenan en la lista local_codecs pero los elementos nunca se liberan: objeto sin referencia 0xffff88800221d840 ( tama\u00f1o 32): comunicaci\u00f3n \"kworker/u3:0\", pid 36, santiam\u00e9n 4294898739 (edad 127.060 s) volcado hexadecimal (primeros 32 bytes): f8 d3 02 03 80 88 ff ff 80 d8 21 02 80 88 ff ff ... .......!..... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ retroceso: [] __kmalloc+0x47/0x120 [] hci_codec_list_add.isra.0+0x2d/0x160 [] hci_read_codec_capabilities+0x183/0x270 [] hci_read_supported_codecs+0x 1bb/0x2d0 [] hci_read_local_codecs_sync+0x3e/ 0x60 [] hci_dev_open_sync+0x943/0x11e0 [] hci_power_on+0x10d/0x3f0 [] Process_one_work+0x404/0x800 [] hilo_trabajador+0x374/0x670 [] kthread+0x188/ 0x1c0 [] ret_from_fork+0x2b/0x50 [] ret_from_fork_asm+0x1a/0x30"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/626535077ba9dc110787540d1fe24881094c15a1",

39
CVE-2023/CVE-2023-525xx/CVE-2023-52529.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52529",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-02T22:15:48.517",
"lastModified": "2024-03-04T13:58:23.447",
"lastModified": "2024-11-01T16:35:07.713",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: sony: solucione una posible p\u00e9rdida de memoria en sony_probe() Si se produce un error despu\u00e9s de una llamada exitosa a usb_alloc_urb(), se debe llamar a usb_free_urb()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/bb0707fde7492121917fd9ddb43829e96ec0bb9e",

39
CVE-2023/CVE-2023-525xx/CVE-2023-52576.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52576",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-02T22:15:49.490",
"lastModified": "2024-03-04T13:58:23.447",
"lastModified": "2024-11-01T16:35:08.697",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: x86/mm, kexec, ima: utilice memblock_free_late() desde ima_free_kexec_buffer(). El c\u00f3digo que llama a ima_free_kexec_buffer() se ejecuta mucho despu\u00e9s de que el asignador de memblock ya se haya eliminado, lo que podr\u00eda provocar un \u00daselo despu\u00e9s de forma gratuita en memblock_isolate_range(). Con KASAN o KFENCE, este Use After Free resultar\u00e1 en un ERROR de la tarea inactiva y un posterior p\u00e1nico en el kernel. Cambie ima_free_kexec_buffer() a memblock_free_late() para evitar ese error."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/34cf99c250d5cd2530b93a57b0de31d3aaf8685b",

27
CVE-2023/CVE-2023-525xx/CVE-2023-52591.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52591",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-06T07:15:08.510",
"lastModified": "2024-03-06T15:18:08.093",
"lastModified": "2024-11-01T16:35:09.553",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: reiserfs: evite tocar el directorio renombrado si el padre no cambia. El VFS no bloquear\u00e1 el directorio movido si su padre no cambia. Cambie el c\u00f3digo de cambio de nombre de reiserfs para evitar tocar el directorio renombrado si su padre no cambia, sin bloquearlo, lo que puede da\u00f1ar el sistema de archivos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/17e1361cb91dc1325834da95d2ab532959d2debc",

27
CVE-2023/CVE-2023-62xx/CVE-2023-6237.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6237",
"sourceIdentifier": "openssl-security@openssl.org",
"published": "2024-04-25T07:15:45.270",
"lastModified": "2024-10-14T15:15:12.997",
"lastModified": "2024-11-01T15:35:06.920",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Resumen del problema: la comprobaci\u00f3n de claves p\u00fablicas RSA inv\u00e1lidas excesivamente largas puede llevar mucho tiempo. Resumen de impacto: las aplicaciones que utilizan la funci\u00f3n EVP_PKEY_public_check() para comprobar las claves p\u00fablicas RSA pueden experimentar grandes retrasos. Cuando la clave que se est\u00e1 verificando se obtuvo de una fuente que no es confiable, esto puede dar lugar a una denegaci\u00f3n de servicio. Cuando se llama a la funci\u00f3n EVP_PKEY_public_check() en claves p\u00fablicas RSA, se realiza un c\u00e1lculo para confirmar que el m\u00f3dulo RSA, n, es compuesto. Para claves RSA v\u00e1lidas, n es un producto de dos o m\u00e1s n\u00fameros primos grandes y este c\u00e1lculo se completa r\u00e1pidamente. Sin embargo, si n es un n\u00famero primo demasiado grande, entonces este c\u00e1lculo llevar\u00eda mucho tiempo. Una aplicaci\u00f3n que llama a EVP_PKEY_public_check() y proporciona una clave RSA obtenida de una fuente que no es de confianza podr\u00eda ser vulnerable a un ataque de denegaci\u00f3n de servicio. La funci\u00f3n EVP_PKEY_public_check() no se llama desde otras funciones de OpenSSL, sin embargo, se llama desde la aplicaci\u00f3n de l\u00ednea de comandos pkey de OpenSSL. Por esa raz\u00f3n, esa aplicaci\u00f3n tambi\u00e9n es vulnerable si se usa con las opciones '-pubin' y '-check' en datos que no son de confianza. La implementaci\u00f3n de OpenSSL SSL/TLS no se ve afectada por este problema. Los proveedores FIPS OpenSSL 3.0 y 3.1 se ven afectados por este problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "openssl-security@openssl.org",

37
CVE-2023/CVE-2023-62xx/CVE-2023-6243.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6243",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-19T07:15:02.520",
"lastModified": "2024-10-21T17:10:22.857",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T15:26:34.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myeventon:eventon-lite:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "4.7",
"matchCriteriaId": "CF268D2A-557C-400A-97CB-F0F93D5EF2EE"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.myeventon.com/documentations/eventon-changelog/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3017939%40eventon-lite&new=3017939%40eventon-lite&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1d0a40f8-4c31-447d-ac28-73cfe7a07687?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

93
CVE-2024/CVE-2024-103xx/CVE-2024-10351.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10351",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T00:15:02.533",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T16:15:23.800",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -110,8 +130,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -120,26 +150,73 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:rx9_pro_firmware:22.03.02.20:*:*:*:*:*:*:*",
"matchCriteriaId": "891D469B-C415-46A8-8D95-70E2E42E5FD4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F07D2963-577B-49E1-BFE3-88D7862D566D"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/setMacFilterCfg.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?ctiid.281699",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281699",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.427706",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

80
CVE-2024/CVE-2024-103xx/CVE-2024-10380.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10380",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T13:15:17.547",
"lastModified": "2024-10-28T13:58:09.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T16:11:00.217",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -109,6 +129,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,26 +150,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mayurik:petrol_pump_management:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A334E610-B489-4A7C-B31A-1132B26FFF0B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/K1nako0/tmp_vuln5/blob/main/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.281810",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281810",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.431174",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

93
CVE-2024/CVE-2024-104xx/CVE-2024-10434.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10434",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-28T01:15:02.273",
"lastModified": "2024-10-28T13:58:09.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T16:32:05.137",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -109,6 +129,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,26 +150,75 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac1206_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024-10-27",
"matchCriteriaId": "CE3C2658-AB4E-420A-8364-A955CB07D672"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D5013D-520A-461A-95FF-43B2BE160F91"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/physicszq/Routers/blob/main/Tenda/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.281985",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281985",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.431291",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

70
CVE-2024/CVE-2024-104xx/CVE-2024-10446.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10446",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-28T12:15:14.110",
"lastModified": "2024-10-28T13:58:09.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T16:39:25.890",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. Affected is an unknown function of the file /timetable/admin/admindashboard.php?info=add_course. The manipulation of the argument c leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Project Worlds Online Time Table Generator 1.0. Se ve afectada una funci\u00f3n desconocida del archivo /timetable/admin/admindashboard.php?info=add_course. La manipulaci\u00f3n del argumento c conduce a una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {
@ -57,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -116,22 +140,56 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:projectworlds:online_time_table_generator:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89AF98EE-9983-48E4-B200-212717C6C739"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jadu101/CVE/blob/main/project_worlds_online_time_table_generator_add_department_sqli.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.282006",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.282006",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.432371",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

137
CVE-2024/CVE-2024-106xx/CVE-2024-10656.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10656",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-01T15:15:16.960",
"lastModified": "2024-11-01T15:15:16.960",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. This issue affects some unknown processing of the file /pda/meeting/apply.php. The manipulation of the argument mr_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/LvZCh/td/issues/12",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282671",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282671",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.433517",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-106xx/CVE-2024-10657.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10657",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-01T15:15:17.247",
"lastModified": "2024-11-01T15:15:17.247",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/approve_center/prcs_info.php. The manipulation of the argument RUN_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/LvZCh/td/issues/13",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282672",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282672",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.433528",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-106xx/CVE-2024-10658.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10658",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-01T15:15:17.500",
"lastModified": "2024-11-01T15:15:17.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Tongda OA up to 11.10. Affected by this vulnerability is an unknown functionality of the file /pda/approve_center/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/LvZCh/td/issues/14",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282673",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282673",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.433529",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-106xx/CVE-2024-10659.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10659",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-01T16:15:06.830",
"lastModified": "2024-11-01T16:15:06.830",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by this issue is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/document/CDGAuthoriseTempletService.java. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://flowus.cn/share/eaefcf21-6a72-48f8-bc18-a4889512bfe5?code=G8A6P3",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282674",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282674",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.434862",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-106xx/CVE-2024-10660.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10660",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-01T16:15:07.130",
"lastModified": "2024-11-01T16:15:07.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function deleteHook of the file /com/esafenet/servlet/policy/HookService.java. The manipulation of the argument hookId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://flowus.cn/share/9d33a5d8-87b1-482b-8642-a8fcf27585ba?code=G8A6P3",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282675",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282675",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.434863",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-106xx/CVE-2024-10661.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10661",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-01T16:15:07.430",
"lastModified": "2024-11-01T16:15:07.430",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/theRaz0r/iot-mycve/blob/main/tenda_ac15_stackflow_formDLNAserver/tenda_ac15_stackflow_formDLNAserver.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282676",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282676",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.434932",
"source": "cna@vuldb.com"
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-106xx/CVE-2024-10662.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10662",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-01T16:15:07.723",
"lastModified": "2024-11-01T16:15:07.723",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/theRaz0r/iot-mycve/blob/main/tenda_ac15_stackflow_formSetDeviceName/tenda_ac15_stackflow_formSetDeviceName.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282677",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282677",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.434933",
"source": "cna@vuldb.com"
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
}
]
}

27
CVE-2024/CVE-2024-15xx/CVE-2024-1549.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1549",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-02-20T14:15:08.683",
"lastModified": "2024-03-04T09:15:37.830",
"lastModified": "2024-11-01T16:35:10.463",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Si un sitio web configura un cursor personalizado grande, partes del cursor podr\u00edan haberse superpuesto con el cuadro de di\u00e1logo de permisos, lo que podr\u00eda generar confusi\u00f3n en el usuario y permisos concedidos inesperados. Esta vulnerabilidad afecta a Firefox < 123, Firefox ESR < 115.8 y Thunderbird < 115.8."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1833814",

39
CVE-2024/CVE-2024-200xx/CVE-2024-20033.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-20033",
"sourceIdentifier": "security@mediatek.com",
"published": "2024-03-04T03:15:07.630",
"lastModified": "2024-03-04T13:58:23.447",
"lastModified": "2024-11-01T16:35:10.670",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En nvram, existe una posible divulgaci\u00f3n de informaci\u00f3n debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08499945; ID del problema: ALPS08499945."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/March-2024",

32
CVE-2024/CVE-2024-203xx/CVE-2024-20332.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-20332",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-04-03T17:15:48.713",
"lastModified": "2024-04-03T17:24:18.150",
"lastModified": "2024-11-01T16:35:11.657",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-918"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [

14
CVE-2024/CVE-2024-210xx/CVE-2024-21066.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21066",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-04-16T22:15:24.957",
"lastModified": "2024-04-17T12:48:31.863",
"lastModified": "2024-11-01T15:35:08.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html",

14
CVE-2024/CVE-2024-222xx/CVE-2024-22248.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22248",
"sourceIdentifier": "security@vmware.com",
"published": "2024-04-02T16:15:08.277",
"lastModified": "2024-04-02T18:12:16.283",
"lastModified": "2024-11-01T16:35:12.683",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0008.html",

21
CVE-2024/CVE-2024-227xx/CVE-2024-22733.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-22733",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-01T16:15:08.077",
"lastModified": "2024-11-01T16:15:08.077",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP Link MR200 V4 Firmware version 210201 was discovered to contain a null-pointer-dereference in the web administration panel on /cgi/login via the sign, Action or LoginStatus query parameters which could lead to a denial of service by a local or remote unauthenticated attacker."
}
],
"metrics": {},
"references": [
{
"url": "https://lenoctambule.dev/post/dos-on-tp-link-web-admin-panel",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-232xx/CVE-2024-23201.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23201",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-03-08T02:15:47.343",
"lastModified": "2024-03-13T23:15:45.840",
"lastModified": "2024-11-01T15:35:09.553",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en macOS Monterey 12.7.4, watchOS 10.3, tvOS 17.3, macOS Ventura 13.6.5, iOS 17.3 y iPadOS 17.3, macOS Sonoma 14.3. Una aplicaci\u00f3n puede provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Mar/22",

27
CVE-2024/CVE-2024-267xx/CVE-2024-26769.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26769",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-03T17:15:52.853",
"lastModified": "2024-04-03T17:24:18.150",
"lastModified": "2024-11-01T16:35:13.773",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvmet-fc: evita el punto muerto al eliminar la ruta de asociaci\u00f3n Al eliminar una asociaci\u00f3n, la ruta de cierre se bloquea porque intentamos vaciar el nvmet_wq anidado. Evite este punto muerto al diferir el trabajo colocado en su propio elemento de trabajo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1d86f79287206deec36d63b89c741cf542b6cadd",

27
CVE-2024/CVE-2024-267xx/CVE-2024-26772.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26772",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-03T17:15:53.023",
"lastModified": "2024-06-27T13:15:56.257",
"lastModified": "2024-11-01T16:35:14.027",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: evita asignar bloques del grupo corrupto en ext4_mb_find_by_goal() Coloca la l\u00f3gica para verificar si el mapa de bits del bloque del grupo est\u00e1 corrupto bajo la protecci\u00f3n del bloqueo del grupo para evitar la asignaci\u00f3n de bloques del grupo con un mapa de bits de bloque da\u00f1ado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/21dbe20589c7f48e9c5d336ce6402bcebfa6d76a",

27
CVE-2024/CVE-2024-267xx/CVE-2024-26789.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26789",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-04T09:15:08.400",
"lastModified": "2024-04-04T12:48:41.700",
"lastModified": "2024-11-01T15:35:10.487",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: arm64/neonbs: corrige el acceso fuera de los l\u00edmites en entradas cortas. La implementaci\u00f3n de bits de AES-CTR opera en bloques de 128 bytes y recurrir\u00e1 al Versi\u00f3n NEON simple para bloques finales o entradas que, para empezar, tienen menos de 128 bytes. Llamar\u00e1 directamente al asistente simple NEON asm, que realiza todos los accesos a la memoria en gr\u00e1nulos de 16 bytes (el tama\u00f1o de un registro NEON). Por esta raz\u00f3n, el c\u00f3digo de pegamento NEON simple asociado copiar\u00e1 las entradas de menos de 16 bytes en un b\u00fafer temporal, dado que esto es algo poco com\u00fan y no vale la pena el esfuerzo de solucionarlo en el c\u00f3digo ASM. El respaldo de la versi\u00f3n NEON dividida en bits no tiene esto en cuenta, lo que podr\u00eda provocar accesos fuera de los l\u00edmites. As\u00ed que clone la misma soluci\u00f3n y use un b\u00fafer temporal para entradas/salidas cortas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/034e2d70b5c7f578200ad09955aeb2aa65d1164a",

27
CVE-2024/CVE-2024-267xx/CVE-2024-26799.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26799",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-04T09:15:08.953",
"lastModified": "2024-04-04T12:48:22.650",
"lastModified": "2024-11-01T15:35:10.707",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: qcom: corrige el puntero no inicializado dmactl. En el caso de que se llame a __lpass_get_dmactl_handle y el ID del controlador dai_id no sea v\u00e1lido, al puntero dmactl no se le asigna un valor y dmactl contiene un valor basura. ya que no se ha inicializado y, por lo tanto, es posible que la verificaci\u00f3n nula no funcione. Solucione esto para inicializar dmactl a NULL. Se podr\u00eda argumentar que los compiladores modernos establecer\u00e1n esto en cero, pero es \u00fatil mantenerlo inicializado de la misma manera en las funciones __lpass_platform_codec_intf_init y lpass_cdc_dma_daiops_hw_params. Limpia la advertencia de compilaci\u00f3n de escaneo clang: sound/soc/qcom/lpass-cdc-dma.c:275:7: advertencia: la condici\u00f3n de rama se eval\u00faa como un valor basura [core.uninitialized.Branch]"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1382d8b55129875b2e07c4d2a7ebc790183769ee",

27
CVE-2024/CVE-2024-268xx/CVE-2024-26808.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26808",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-04T10:15:08.943",
"lastModified": "2024-06-25T22:15:23.127",
"lastModified": "2024-11-01T16:35:14.403",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: nft_chain_filter: maneja NETDEV_UNREGISTER para la cadena base inet/ingress Elimine netdevice de la cadena base inet/ingress en caso de que se informe el evento NETDEV_UNREGISTER; de lo contrario, permanecer\u00e1 una referencia obsoleta a netdevice en la lista de enlaces."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/01acb2e8666a6529697141a6017edbf206921913",

27
CVE-2024/CVE-2024-268xx/CVE-2024-26847.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26847",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:08.273",
"lastModified": "2024-04-17T12:48:07.510",
"lastModified": "2024-11-01T15:35:10.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: powerpc/rtas: use el nombre de funci\u00f3n correcto para restablecer las tablas TCE La especificaci\u00f3n PAPR escribe el nombre de la funci\u00f3n como \"ibm,reset-pe-dma-windows\" pero en la pr\u00e1ctica el firmware usa el singular formulario: \"ibm,reset-pe-dma-window\" en el \u00e1rbol de dispositivos. Dado que tenemos una ortograf\u00eda incorrecta en la tabla de funciones RTAS, las b\u00fasquedas inversas (token -> nombre) fallan y advierten: b\u00fasqueda fallida inesperada del token 86 ADVERTENCIA: CPU: 1 PID: 545 en arch/powerpc/kernel/rtas.c:659 __do_enter_rtas_trace+0x2a4/0x2b4 cpu: 1 pid: 545 com: systemd-udevd no contaminado 6.8.0-rc4 #30 Nombre de hardware: IBM, 9105-22A Power10 (RAW) 0x800200 0xf000006 de: IBM, FW1060.00 (NL10606060) :phyp pSeries NIP [c0000000000417f0] __do_enter_rtas_trace+0x2a4/0x2b4 LR [c0000000000417ec] __do_enter_rtas_trace+0x2a0/0x2b4 Seguimiento de llamadas: __do_enter_rtas_trace+0x2a0/0x2b4 (no confiable) tas_call+0x1f8/0x3e0 enable_ddw.constprop.0+0x4d0/0xc84 dma_iommu_dma_supported+0xe8/ 0x24c dma_set_mask+0x5c/0xd8 mlx5_pci_init.constprop.0+0xf0/0x46c [mlx5_core] probe_one+0xfc/0x32c [mlx5_core] local_pci_probe+0x68/0x12c pci_call_probe+0x68/0x1ec pci_device_probe+0xbc /0x1a8 realmente_probe+0x104/0x570 __driver_probe_device+0xb8/ 0x224 driver_probe_device+0x54/0x130 __driver_attach+0x158/0x2b0 bus_for_each_dev+0xa8/0x120 driver_attach+0x34/0x48 bus_add_driver+0x174/0x304 driver_register+0x8c/0x1c4 __pci_register_driver+0x68 /0x7c mlx5_init+0xb8/0x118 [mlx5_core] do_one_initcall+0x60/0x388 do_init_module +0x7c/0x2a4 init_module_from_file+0xb4/0x108 idempotent_init_module+0x184/0x34c sys_finit_module+0x90/0x114 Y es posible que haya errores cuando lockdep est\u00e1 habilitado o los puntos de seguimiento RTAS est\u00e1n activos, ya que esas rutas eliminan la referencia al resultado de la b\u00fasqueda. Utilice la ortograf\u00eda correcta para que coincida con el comportamiento del firmware, ajustando las constantes relacionadas para que coincidan."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.4,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6b6282d56b14879124416a23837af9bd52ae2dfb",

39
CVE-2024/CVE-2024-270xx/CVE-2024-27041.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27041",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-01T13:15:49.647",
"lastModified": "2024-05-01T19:50:25.633",
"lastModified": "2024-11-01T16:35:14.873",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: corrige comprobaciones NULL para adev->dm.dc en amdgpu_dm_fini() Dado que 'adev->dm.dc' en amdgpu_dm_fini() podr\u00eda resultar ser NULL antes de llamar a dc_enable_dmub_notifications(), verifique de antemano para asegurarse de que no habr\u00e1 un posible NULL-ptr-deref all\u00ed. Adem\u00e1s, desde la confirmaci\u00f3n 1e88eb1b2c25 (\"drm/amd/display: Drop CONFIG_DRM_AMD_DC_HDCP\") hay dos comprobaciones separadas para NULL en 'adev->dm.dc' antes de dc_deinit_callbacks() y dc_dmub_srv_destroy(). Limpia combin\u00e1ndolos todos bajo un solo \"si\". Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con la herramienta de an\u00e1lisis est\u00e1tico SVACE."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1c62697e4086de988b31124fb8c79c244ea05f2b",

27
CVE-2024/CVE-2024-273xx/CVE-2024-27358.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27358",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-26T17:15:11.650",
"lastModified": "2024-07-29T14:12:08.783",
"lastModified": "2024-11-01T15:35:11.127",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": " Se descubri\u00f3 un problema en WithSecure Elements Agent hasta 23.x para macOS y WithSecure Elements Client Security hasta 23.x para macOS. Los usuarios locales pueden impedir que un administrador complete una instalaci\u00f3n, tambi\u00e9n conocido como Denegaci\u00f3n de servicio (DoS)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://www.withsecure.com/en/support/security-advisories/cve-2024-27358",

25
CVE-2024/CVE-2024-275xx/CVE-2024-27524.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-27524",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-01T15:15:17.907",
"lastModified": "2024-11-01T15:15:17.907",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the new_ticket.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chamilo/chamilo-lms/commit/53275c152275958b33a1f87a21843daa52fb543a",
"source": "cve@mitre.org"
},
{
"url": "https://www.less-secure.com/2024/10/chamilo-lms-cve-2024-27524-cve-2024.html",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-275xx/CVE-2024-27525.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-27525",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-01T15:15:18.003",
"lastModified": "2024-11-01T15:15:18.003",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the home.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chamilo/chamilo-lms/commit/a63e03ef961e7bf2dab56f4ede6f87edef40ba0c",
"source": "cve@mitre.org"
},
{
"url": "https://www.less-secure.com/2024/10/chamilo-lms-cve-2024-27524-cve-2024.html",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-282xx/CVE-2024-28265.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-28265",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-01T16:15:08.277",
"lastModified": "2024-11-01T16:15:08.277",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBOS v4.5.5 has an arbitrary file deletion vulnerability via \\system\\modules\\dashboard\\controllers\\LoginController.php."
}
],
"metrics": {},
"references": [
{
"url": "https://gitee.com/ibos/IBOS",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/A7cc/cve/issues/1",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-285xx/CVE-2024-28571.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-28571",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-20T06:15:10.137",
"lastModified": "2024-03-20T13:00:16.367",
"lastModified": "2024-11-01T15:35:11.340",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La vulnerabilidad de desbordamiento de b\u00fafer en FreeImage v.3.19.0 [r1909] de c\u00f3digo abierto permite a un atacante local provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de la funci\u00f3n fill_input_buffer() al leer im\u00e1genes en formato JPEG."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909",

39
CVE-2024/CVE-2024-286xx/CVE-2024-28679.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-28679",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-13T16:15:30.483",
"lastModified": "2024-03-13T18:15:58.530",
"lastModified": "2024-11-01T15:35:12.237",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que DedeCMS v5.7 contiene una vulnerabilidad de Cross Site Scripting (XSS) a trav\u00e9s de Photo Collection."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/777erp/cms/blob/main/19.md",

39
CVE-2024/CVE-2024-287xx/CVE-2024-28715.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-28715",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-19T21:15:07.870",
"lastModified": "2024-03-20T13:00:16.367",
"lastModified": "2024-11-01T15:35:13.107",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La vulnerabilidad de Cross Site Scripting en DOraCMS v.2.18 y anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n markdown0 en el endpoint /app/public/apidoc/oas3/wrap-components/markdown.jsx."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.3
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Lq0ne/CVE-2024-28715",

27
CVE-2024/CVE-2024-313xx/CVE-2024-31391.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31391",
"sourceIdentifier": "security@apache.org",
"published": "2024-04-12T15:15:26.157",
"lastModified": "2024-05-01T17:15:36.400",
"lastModified": "2024-11-01T15:35:13.930",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Vulnerabilidad de inserci\u00f3n de informaci\u00f3n confidencial en un archivo de registro en el operador Apache Solr. Este problema afecta a todas las versiones del operador Apache Solr desde la 0.3.0 hasta la 0.8.0. Cuando se le solicite iniciar la seguridad de Solr, el operador habilitar\u00e1 la autenticaci\u00f3n b\u00e1sica y crear\u00e1 varias cuentas para acceder a Solr: incluidas las cuentas \"solr\" y \"admin\" para uso de los usuarios finales, y una cuenta \"k8s-oper\" que utiliza el operador. para sus propias solicitudes a Solr. Una fuente com\u00fan de estas solicitudes de operadores son las comprobaciones de estado: las sondas de actividad, preparaci\u00f3n y arranque se utilizan para determinar el estado de Solr y su capacidad para recibir tr\u00e1fico. De forma predeterminada, el operador configura las API de Solr utilizadas para estas sondas para que est\u00e9n exentas de autenticaci\u00f3n, pero los usuarios pueden solicitar espec\u00edficamente que tambi\u00e9n se requiera autenticaci\u00f3n en los endpoints de las sondas. Cada vez que una de estas sondas fallaba, si se estaba utilizando la autenticaci\u00f3n, el operador Solr crear\u00eda un \"evento\" de Kubernetes que conten\u00eda el nombre de usuario y la contrase\u00f1a de la cuenta \"k8s-oper\". Dentro del rango de versiones afectadas, esta vulnerabilidad afecta a cualquier recurso de solrcloud que (1) haya iniciado la seguridad mediante el uso de la opci\u00f3n `.solrOptions.security.authenticationType=basic` y (2) requiera que se use autenticaci\u00f3n en las sondas configurando `.solrOptions. seguridad.probesRequireAuth=true`. Se recomienda a los usuarios actualizar a Solr Operador versi\u00f3n 0.8.1, que soluciona este problema al garantizar que las sondas ya no impriman las credenciales utilizadas para las solicitudes de Solr. Los usuarios tambi\u00e9n pueden mitigar la vulnerabilidad deshabilitando la autenticaci\u00f3n en sus sondas de verificaci\u00f3n de estado usando la configuraci\u00f3n `.solrOptions.security.probesRequireAuth=false`."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",

39
CVE-2024/CVE-2024-329xx/CVE-2024-32920.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32920",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-06-13T21:15:55.830",
"lastModified": "2024-06-17T12:43:31.090",
"lastModified": "2024-11-01T16:35:16.290",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En set_secure_reg de sac_handler.c, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local de 4 bytes de memoria de pila sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01",

39
CVE-2024/CVE-2024-340xx/CVE-2024-34046.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34046",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-30T00:15:07.713",
"lastModified": "2024-04-30T13:11:16.690",
"lastModified": "2024-11-01T16:35:17.327",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La funci\u00f3n de incremento m\u00e9trico de O-RAN E2T I-Release Prometheus puede fallar en sctpThread.cpp para message.peerInfo->sctpParams->e2tCounters[IN_SUCC][MSG_COUNTER][ProcedureCode_id_RICsubscription]->Increment()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://jira.o-ran-sc.org/browse/RIC-1047",

39
CVE-2024/CVE-2024-355xx/CVE-2024-35545.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35545",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-26T18:15:14.940",
"lastModified": "2024-06-27T12:47:19.847",
"lastModified": "2024-11-01T15:35:14.157",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Se descubri\u00f3 que MAP-OS v4.45.0 y anteriores contienen una vulnerabilidad de Cross Site Scripting (XSS)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/RamonSilva20/mapos/commit/3559bae4782162faab94670f503fd35b0f331929",

27
CVE-2024/CVE-2024-358xx/CVE-2024-35865.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35865",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:08.033",
"lastModified": "2024-05-20T13:00:04.957",
"lastModified": "2024-11-01T16:35:18.357",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en smb2_is_valid_oplock_break() Omita las sesiones que se est\u00e1n eliminando (estado == SES_EXITING) para evitar UAF."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/21fed37d2bdcde33453faf61d3d4d96c355f04bd",

39
CVE-2024/CVE-2024-368xx/CVE-2024-36819.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36819",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-25T19:15:11.837",
"lastModified": "2024-06-26T12:44:29.693",
"lastModified": "2024-11-01T16:35:18.640",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "MAP-OS 4.45.0 y versiones anteriores son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite a usuarios malintencionados insertar un payload malicioso en la entrada \"Nombre del cliente\". Cuando se crea una orden de servicio de este cliente, el payload malicioso se muestra en los paneles de administrador y de empleado, lo que resulta en la ejecuci\u00f3n de scripts no autorizados cada vez que se carga el panel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/RamonSilva20/mapos/commit/3559bae4782162faab94670f503fd35b0f331929",

27
CVE-2024/CVE-2024-369xx/CVE-2024-36977.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36977",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-18T20:15:13.517",
"lastModified": "2024-06-20T12:44:01.637",
"lastModified": "2024-11-01T15:35:14.983",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: usb: dwc3: Espere incondicionalmente despu\u00e9s de emitir el comando EndXfer Actualmente, todas las IP/revisiones del controlador excepto DWC3_usb3 >= 310a esperan 1 ms incondicionalmente para que ENDXFER se complete cuando el IOC no est\u00e1 configurado. Esto se debe a que las revisiones del controlador DWC_usb3 >= 3.10a admiten el bit GUCTL2[14: Rst_actbitlater] que permite sondear el bit CMDACT para saber si se complet\u00f3 el comando ENDXFER. Considere un caso en el que se puso en cola una solicitud IN y, en paralelo, se llam\u00f3 a soft_disconnect (debido a ffs_epfile_release). Esto eventualmente llama a stop_active_transfer con el IOC borrado, por lo tanto, send_gadget_ep_cmd() omite la espera de que CMDACT se borre durante EndXfer. Para los controladores DWC3 con revisiones >= 310a, tampoco esperamos forzosamente 1 ms y procedemos a desasignar las solicitudes. Si ENDXFER no se complet\u00f3 en este momento, se producir\u00e1n fallas de SMMU ya que el controlador a\u00fan estar\u00eda accediendo a esas solicitudes. Solucione este problema asegurando la finalizaci\u00f3n de ENDXFER agregando un retraso de 1 ms en __dwc3_stop_active_transfer() incondicionalmente."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/1ba145f05b5c8f0b1a947a0633b5edff5dd1f1c5",

56
CVE-2024/CVE-2024-370xx/CVE-2024-37095.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37095",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:18.303",
"lastModified": "2024-11-01T15:15:18.303",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.7.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/envira-gallery-lite/wordpress-envira-photo-gallery-plugin-1-8-7-3-csrf-leading-to-notice-dismissal-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-370xx/CVE-2024-37096.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37096",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:18.537",
"lastModified": "2024-11-01T15:15:18.537",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Popup Box Team Popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup box: from n/a through 4.5.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ays-popup-box/wordpress-popup-box-plugin-4-5-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-371xx/CVE-2024-37106.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37106",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:18.797",
"lastModified": "2024-11-01T15:15:18.797",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WishList Products WishList Member X allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WishList Member X: from n/a through 3.26.6"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wishlist-member-x/wordpress-wishlist-member-x-plugin-3-25-1-unautenticated-plugin-settings-change-leading-to-stored-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-371xx/CVE-2024-37108.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37108",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:19.067",
"lastModified": "2024-11-01T15:15:19.067",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WishList Products WishList Member X allows Path Traversal.This issue affects WishList Member X: from n/a through 3.26.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wishlist-member-x/wordpress-wishlist-member-x-plugin-3-25-1-authenticated-arbitrary-file-deletion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-371xx/CVE-2024-37119.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37119",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:19.347",
"lastModified": "2024-11-01T15:15:19.347",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Uncanny Owl Uncanny Automator Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Automator Pro: from n/a through 5.3.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/uncanny-automator-pro/wordpress-uncanny-automator-pro-plugin-5-3-unauthenticated-license-settings-reset-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-371xx/CVE-2024-37123.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37123",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:19.567",
"lastModified": "2024-11-01T15:15:19.567",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in VowelWeb Ibtana allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ibtana: from n/a through 1.2.3.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ibtana-visual-editor/wordpress-ibtana-wordpress-website-builder-plugin-1-2-3-3-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37201.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37201",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:19.797",
"lastModified": "2024-11-01T15:15:19.797",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in javmah Woocommerce Customers Order History allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woocommerce Customers Order History: from n/a through 5.2.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-customers-order-history/wordpress-woocommerce-customers-order-history-plugin-5-2-2-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37203.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37203",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:20.020",
"lastModified": "2024-11-01T15:15:20.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Laybuy Laybuy Payment Extension for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Laybuy Payment Extension for WooCommerce: from n/a through 5.3.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/laybuy-gateway-for-woocommerce/wordpress-laybuy-payment-extension-for-woocommerce-plugin-5-3-9-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37204.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37204",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:20.223",
"lastModified": "2024-11-01T15:15:20.223",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in PropertyHive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PropertyHive: from n/a through 2.0.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/propertyhive/wordpress-propertyhive-plugin-2-0-9-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37207.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37207",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:20.470",
"lastModified": "2024-11-01T15:15:20.470",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Theme4Press Demo Awesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Demo Awesome: from n/a through 1.0.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/demo-awesome/wordpress-demo-awesome-plugin-1-0-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37209.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37209",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:20.690",
"lastModified": "2024-11-01T15:15:20.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Access Control vulnerability in Prism IT Systems User Rights Access Manager allows .\n\nThis issue affects User Rights Access Manager: from n/a through 1.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/user-rights-access-manager/wordpress-user-rights-access-manager-plugin-1-1-2-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37214.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37214",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:20.933",
"lastModified": "2024-11-01T15:15:20.933",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Dropshipping Guru Ali2Woo Lite Exploiting Incorrectly Configured Access Control Security Levels, Stored XSS.This issue affects Ali2Woo Lite: from n/a through 3.3.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ali2woo-lite/wordpress-aliexpress-dropshipping-with-alinext-lite-plugin-3-3-5-broken-access-control-to-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37218.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37218",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:21.153",
"lastModified": "2024-11-01T15:15:21.153",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WordPress Page Builder Sandwich Team Page Builder Sandwich \u2013 Front-End Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page Builder Sandwich \u2013 Front-End Page Builder: from n/a through 5.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/page-builder-sandwich/wordpress-page-builder-sandwich-5-1-0-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37220.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37220",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:21.367",
"lastModified": "2024-11-01T15:15:21.367",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in OptinlyHQ Optinly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Optinly: from n/a through 1.0.18."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/optinly/wordpress-optinly-plugin-1-0-18-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37226.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37226",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:21.610",
"lastModified": "2024-11-01T15:15:21.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Kanban for WordPress Kanban Boards for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kanban Boards for WordPress: from n/a through 2.5.21."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/kanban/wordpress-kanban-boards-for-wordpress-plugin-2-5-21-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37232.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37232",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:21.820",
"lastModified": "2024-11-01T15:15:21.820",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Hercules Design Hercules Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hercules Core: from n/a through 6.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/hercules-core/wordpress-hercules-core-plugin-6-4-subscriber-arbitrary-settings-change-access-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37249.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37249",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:22.037",
"lastModified": "2024-11-01T15:15:22.037",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-3-2-contributor-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37250.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37250",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:22.243",
"lastModified": "2024-11-01T15:15:22.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-6-3-2-subscriber-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37254.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37254",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:22.447",
"lastModified": "2024-11-01T15:15:22.447",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in mndpsingh287 File Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Manager: from n/a through 7.2.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-file-manager/wordpress-wp-file-manager-plugin-7-2-7-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37255.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37255",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:22.660",
"lastModified": "2024-11-01T15:15:22.660",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Wpmet Elements kit Elementor addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Elements kit Elementor addons: from n/a through 3.1.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/elementskit-lite/wordpress-elementskit-lite-plugin-3-1-4-unauthenticated-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37269.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37269",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:22.867",
"lastModified": "2024-11-01T15:15:22.867",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in StylemixThemes Masterstudy Elementor Widgets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/masterstudy-elementor-widgets/wordpress-masterstudy-elementor-widgets-plugin-1-2-2-unauthenticated-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37276.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37276",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:23.073",
"lastModified": "2024-11-01T15:15:23.073",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in fifu.App Featured Image from URL allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Image from URL: from n/a through 4.8.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/featured-image-from-url/wordpress-featured-image-from-url-fifu-plugin-4-8-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-372xx/CVE-2024-37277.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37277",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:23.293",
"lastModified": "2024-11-01T15:15:23.293",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Paid Memberships Pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Paid Memberships Pro: from n/a through 3.0.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/paid-memberships-pro/wordpress-paid-memberships-pro-plugin-3-0-4-insecure-direct-object-references-idor-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-374xx/CVE-2024-37411.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37411",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:23.500",
"lastModified": "2024-11-01T15:15:23.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Team Emilia Projects Progress Planner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Progress Planner: from n/a through 0.9.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/progress-planner/wordpress-progress-planner-plugin-0-9-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-374xx/CVE-2024-37415.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37415",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:23.710",
"lastModified": "2024-11-01T15:15:23.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in E2Pdf.Com allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects e2pdf: from n/a through 1.20.27."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/e2pdf/wordpress-e2pdf-plugin-1-20-27-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-374xx/CVE-2024-37423.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37423",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:23.923",
"lastModified": "2024-11-01T15:15:23.923",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic Newspack Blocks allows Path Traversal.This issue affects Newspack Blocks: from n/a through 3.0.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/newspack-blocks/wordpress-newspack-blocks-plugin-3-0-8-contributor-arbitrary-directory-deletion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-374xx/CVE-2024-37425.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37425",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:24.140",
"lastModified": "2024-11-01T15:15:24.140",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Automattic Newspack Blocks newspack-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack Blocks: from n/a through 3.0.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/newspack-blocks/wordpress-newspack-blocks-plugin-3-0-8-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-374xx/CVE-2024-37427.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37427",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:24.343",
"lastModified": "2024-11-01T15:15:24.343",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Timetics: from n/a through 1.0.21."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/timetics/wordpress-timetics-plugin-1-0-21-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-374xx/CVE-2024-37439.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37439",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:24.550",
"lastModified": "2024-11-01T15:15:24.550",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit Pro for LearnDash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Toolkit Pro for LearnDash: from n/a through\u00a04.1.4.0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/uncanny-toolkit-pro/wordpress-uncanny-toolkit-pro-for-learndash-plugin-4-1-4-1-subscriber-arbitrary-post-page-duplication-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-374xx/CVE-2024-37440.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37440",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:24.757",
"lastModified": "2024-11-01T15:15:24.757",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Andy Moyle Church Admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Church Admin: from n/a through 4.4.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-4-4-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-374xx/CVE-2024-37443.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37443",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:24.973",
"lastModified": "2024-11-01T15:15:24.973",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Automattic WP Job Manager - Resume Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager - Resume Manager: from n/a through 2.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-job-manager-resumes/wordpress-wp-job-manager-resume-manager-plugin-2-1-0-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-374xx/CVE-2024-37444.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37444",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:25.207",
"lastModified": "2024-11-01T15:15:25.207",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WPMU DEV Defender Security allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Defender Security: from n/a through 4.7.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/defender-security/wordpress-defender-plugin-4-7-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-374xx/CVE-2024-37453.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37453",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:25.677",
"lastModified": "2024-11-01T15:15:25.677",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in ProfileGrid User Profiles ProfileGrid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProfileGrid: from n/a through 5.8.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/profilegrid-user-profiles-groups-and-communities/wordpress-profilegrid-user-profiles-groups-and-communities-plugin-5-8-7-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More