admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-08-08T16:00:18.459792+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-08-08 16:03:15 +00:00
parent 71185be6a9
commit 7a14064f97
107 changed files with 6389 additions and 616 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
CVE-2002/CVE-2002-20xx/CVE-2002-2024.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2002-2024",
"sourceIdentifier": "cve@mitre.org",
"published": "2002-12-31T05:00:00.000",
"lastModified": "2008-09-05T20:32:07.853",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-08T14:35:00.557",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -12,6 +12,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,6 +70,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-219"
}
]
}
],
"configurations": [

70
CVE-2018/CVE-2018-08xx/CVE-2018-0824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-0824",
"sourceIdentifier": "secure@microsoft.com",
"published": "2018-05-09T19:29:00.370",
"lastModified": "2024-08-06T14:35:00.867",
"vulnStatus": "Modified",
"lastModified": "2024-08-08T14:50:32.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-08-05",
"cisaActionDue": "2024-08-26",
@ -22,33 +22,31 @@
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -121,28 +119,28 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98"
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD582C-1660-4E6E-81A1-537BD1307A99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3"
"criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC160B20-3EA0-49A0-A857-4E7A1C2D74E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB"
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00345596-E9E0-4096-8DC6-0212F4747A13"
},
{
"vulnerable": true,
@ -159,6 +157,16 @@
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_1709:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53695559-6E95-43C1-AD7C-1D99473223C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37097C39-D588-4018-B94D-5EB87B1E3D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
@ -188,16 +196,6 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"matchCriteriaId": "5B454BFE-D3AB-4CDC-B79B-F60EA3F57DBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"matchCriteriaId": "CAACE735-003E-4ACB-A82E-C0CF97D7F013"
}
]
}
@ -209,6 +207,7 @@
"url": "http://www.securityfocus.com/bid/104030",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -217,6 +216,7 @@
"url": "http://www.securitytracker.com/id/1040848",
"source": "secure@microsoft.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]

39
CVE-2021/CVE-2021-474xx/CVE-2021-47449.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47449",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-22T07:15:10.050",
"lastModified": "2024-05-22T12:46:53.887",
"lastModified": "2024-08-08T15:35:01.740",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ice: corrige el bloqueo para el vaciado del seguimiento de la marca de tiempo de Tx. Commit 4dd0d5c33c3e (\"ice: agrega bloqueo alrededor del vaciado del rastreador de marca de tiempo de Tx\") agreg\u00f3 un bloqueo alrededor del flujo del rastreador de marca de tiempo de Tx que se utiliza para la sanitizaci\u00f3n. cualquier SKB sobrante y prep\u00e1rese para retirar el dispositivo. Este bloqueo es problem\u00e1tico porque se mantiene en torno a una llamada a ice_clear_phy_tstamp. La funci\u00f3n de borrado requiere un mutex para enviar un comando de escritura PHY al firmware. Esto podr\u00eda llevar a un punto muerto si el mutex realmente duerme y causa la siguiente advertencia en un kernel con la depuraci\u00f3n de prioridad habilitada: [715.419426] ERROR: funci\u00f3n de dormir llamada desde un contexto no v\u00e1lido en kernel/locking/mutex.c:573 [715.427900] in_atomic (): 1, irqs_disabled(): 0, non_block: 0, pid: 3100, nombre: rmmod [715.435652] INFORMACI\u00d3N: lockdep est\u00e1 desactivado. [715.439591] Prelaci\u00f3n deshabilitada en: [715.439594] [<0000000000000000>] 0x0 [715.446678] CPU: 52 PID: 3100 Comm: rmmod Contaminado: GW OE 5.15.0-rc4+ #42 bdd7ec3018e725f 159ca0d372ce8c2c0e784891c [ 715.458058] Nombre del hardware: Intel Corporation S2600STQ/ S2600STQ, BIOS SE5C620.86B.02.01.0010.010620200716 06/01/2020 [715.468483] Seguimiento de llamadas: [715.470940] dump_stack_lvl+0x6a/0x9a [715.474613] ___might_sleep. fr\u00edo+0x224/0x26a [ 715.478895] __mutex_lock+0xb3/0x1440 [ 715.482569] ? stack_depot_save+0x378/0x500 [715.486763]? ice_sq_send_cmd+0x78/0x14c0 [hielo 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.494979]? kfree+0xc1/0x520 [ 715.498128] ? mutex_lock_io_nested+0x12a0/0x12a0 [715.502837]? kasan_set_free_info+0x20/0x30 [715.507110]? __kasan_slab_free+0x10b/0x140 [715.511385] ? slab_free_freelist_hook+0xc7/0x220 [715.516092]? kfree+0xc1/0x520 [ 715.519235] ? ice_deinit_lag+0x16c/0x220 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.527359]? ice_remove+0x1cf/0x6a0 [hielo 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.535133]? pci_device_remove+0xab/0x1d0 [715.539318]? __device_release_driver+0x35b/0x690 [715.544110] ? driver_detach+0x214/0x2f0 [715.548035]? bus_remove_driver+0x11d/0x2f0 [715.552309]? pci_unregister_driver+0x26/0x250 [715.556840]? ice_module_exit+0xc/0x2f [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.564799]? __do_sys_delete_module.constprop.0+0x2d8/0x4e0 [715.570554]? do_syscall_64+0x3b/0x90 [715.574303]? entrada_SYSCALL_64_after_hwframe+0x44/0xae [715.579529]? start_flush_work+0x542/0x8f0 [715.583719]? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.591923] ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc 7da2b3786a421d] [715.599960]? wait_for_completion_io+0x250/0x250 [715.604662]? lock_acquire+0x196/0x200 [715.608504]? do_raw_spin_trylock+0xa5/0x160 [715.612864] ice_sbq_rw_reg+0x1e6/0x2f0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.620813]? ice_reset+0x130/0x130 [hielo 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.628497]? __debug_check_no_obj_freed+0x1e8/0x3c0 [715.633550]? trace_hardirqs_on+0x1c/0x130 [715.637748] ice_write_phy_reg_e810+0x70/0xf0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.646220]? do_raw_spin_trylock+0xa5/0x160 [715.650581]? ice_ptp_release+0x910/0x910 [hielo 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.658797]? ice_ptp_release+0x255/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.667013] ice_clear_phy_tstamp+0x2c/0x110 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3 786a421d] [715.675403] ice_ptp_release+0x408/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d] [715.683440] ice_remove+0x560/0x6a0 [ice 9a7e1ec00971 c89ecd3fe0d4dc7da2b3786a421d] [715.691037]? _raw_spin_unlock_irqrestore+0x46/0x73 [ 715.696005] pci_device_remove+0xab/0x1d0 [ 715.700018] __device_release_driver+0x35b/0x690 [ 715.704637] driver_detach+0x214/0x2f0 [ 715 .708389] bus_remove_driver+0x11d/0x2f0 [ 715.712489] pci_unregister_driver+0x26/0x250 [ 71 --- truncado---"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-129"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d",

63
CVE-2023/CVE-2023-276xx/CVE-2023-27636.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27636",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-16T21:15:50.620",
"lastModified": "2024-08-01T13:43:34.370",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T14:08:34.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:sitefinity:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.0",
"matchCriteriaId": "290E16EC-92A8-406F-96BE-90E6149E0A34"
}
]
}
]
}
],
"references": [
{
"url": "https://aldisaw.id/security/2024/06/03/CVE-2023-27636.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/52035",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

34
CVE-2023/CVE-2023-528xx/CVE-2023-52817.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52817",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:19.763",
"lastModified": "2024-05-24T01:14:32.607",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-08T15:35:04.263",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [

12
CVE-2024/CVE-2024-218xx/CVE-2024-21823.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21823",
"sourceIdentifier": "secure@intel.com",
"published": "2024-05-16T21:16:03.877",
"lastModified": "2024-06-10T18:15:25.450",
"lastModified": "2024-08-08T15:35:06.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -49,6 +49,16 @@
"value": "CWE-1264"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [

39
CVE-2024/CVE-2024-250xx/CVE-2024-25077.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25077",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-10T20:15:03.023",
"lastModified": "2024-07-11T13:05:54.930",
"lastModified": "2024-08-08T14:35:02.810",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 un problema en los dispositivos Renesas SmartBond DA14691, DA14695, DA14697 y DA14699. El Nonce utilizado para el descifrado sobre la marcha de im\u00e1genes flash se almacena en un encabezado sin firmar, lo que permite modificar su valor sin invalidar la firma utilizada para la verificaci\u00f3n de im\u00e1genes de arranque seguro. Debido a que el motor de cifrado para el descifrado sobre la marcha utiliza AES en modo CTR sin autenticaci\u00f3n, un Nonce modificado por un atacante puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2024-0001.md",

67
CVE-2024/CVE-2024-25xx/CVE-2024-2544.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2544",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-15T02:15:50.547",
"lastModified": "2024-06-17T12:42:04.623",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T15:27:52.437",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
@ -39,14 +59,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sygnoos:popup_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.3.2",
"matchCriteriaId": "D037081F-B950-44C3-B909-D146ECEFB211"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3096000%40popup-builder%2Ftrunk&old=3085485%40popup-builder%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/04802c63-4a5d-4948-9ef1-cf89c4cc757e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-292xx/CVE-2024-29209.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29209",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-05-07T17:15:08.490",
"lastModified": "2024-05-07T20:07:58.737",
"lastModified": "2024-08-08T15:35:08.173",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://support.knowbe4.com/hc/en-us/articles/28959755127955-CVE-2024-29209",

34
CVE-2024/CVE-2024-325xx/CVE-2024-32502.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32502",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-07T17:15:50.760",
"lastModified": "2024-06-07T19:24:09.243",
"lastModified": "2024-08-08T15:35:08.940",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -36,9 +36,41 @@
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",

34
CVE-2024/CVE-2024-328xx/CVE-2024-32899.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32899",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-06-13T21:15:54.287",
"lastModified": "2024-07-11T14:22:06.627",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-08T14:35:04.040",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-362"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-329xx/CVE-2024-32906.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32906",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-06-13T21:15:54.810",
"lastModified": "2024-07-11T15:13:02.713",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-08T14:35:04.950",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-908"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

70
CVE-2024/CVE-2024-339xx/CVE-2024-33961.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33961",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:49.360",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:28:36.957",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following\u00a0'code' in '/admin/mod_reservation/controller.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s del siguiente 'c\u00f3digo' en el par\u00e1metro '/admin/mod_reservation/controller.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33962.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33962",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:49.570",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:29:37.537",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following\u00a0'code' in '/admin/mod_reservation/index.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s del siguiente 'c\u00f3digo' en el par\u00e1metro '/admin/mod_reservation/index.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33963.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33963",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:49.790",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:29:09.743",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/admin/mod_room/index.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s del siguiente 'id' en el par\u00e1metro '/admin/mod_room/index.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33964.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33964",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:50.000",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:29:15.933",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/admin/mod_users/index.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s del siguiente 'id' en el par\u00e1metro '/admin/mod_users/index.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33965.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33965",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:50.223",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:28:25.530",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in '/tubigangarden/admin/mod_accomodation/index.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s de la siguiente 'vista' en el par\u00e1metro '/tubigangarden/admin/mod_accomodation/index.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33966.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33966",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:50.440",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:28:08.357",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'xtsearch' in '/admin/mod_reports/index.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s del siguiente par\u00e1metro 'xtsearch' en '/admin/mod_reports/index.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33967.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33967",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:50.667",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:27:50.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in 'Attendance' and 'YearLevel' in '/AttendanceMonitoring/report/attendance_print.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s de la siguiente 'vista' en 'Asistencia' y 'Nivel de a\u00f1o' en el par\u00e1metro '/AttendanceMonitoring/report/attendance_print.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33968.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33968",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:50.887",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:27:34.080",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in '/AttendanceMonitoring/report/index.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s de los siguientes par\u00e1metros 'Asistencia' y 'Nivel de a\u00f1o' en '/AttendanceMonitoring/report/index.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33969.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33969",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:51.100",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:27:09.497",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/AttendanceMonitoring/department/index.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s del siguiente 'id' en el par\u00e1metro '/AttendanceMonitoring/department/index.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33970.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33970",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:51.330",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:26:48.940",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'studid' in '/candidate/controller.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s del siguiente par\u00e1metro 'studid' en '/candidate/controller.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33971.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33971",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:51.550",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:26:31.097",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'username' in '/login.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s del siguiente 'nombre de usuario' en el par\u00e1metro '/login.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-339xx/CVE-2024-33972.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33972",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:51.773",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:25:18.450",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'events' in '/report/event_print.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s de los siguientes 'eventos' en el par\u00e1metro '/report/event_print.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +71,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

80
CVE-2024/CVE-2024-339xx/CVE-2024-33973.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-33973",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-08-06T12:15:51.993",
"lastModified": "2024-08-06T16:30:24.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:24:35.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in '/report/attendance_print.php' parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en PayPal, Credit Card and Debit Card Payment que afecta a la versi\u00f3n 1.0. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una consulta especialmente manipulada al servidor y recuperando toda la informaci\u00f3n almacenada en \u00e9l a trav\u00e9s de los siguientes par\u00e1metros 'Asistencia' y 'Nivel de a\u00f1o' en '/report/attendance_print.php'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -47,10 +81,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10CC4BF0-06E7-433F-9902-A807B816240D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEEFF8B-8B26-4A87-8337-845D03FBEBCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF7E11E-26AF-4E84-AD88-110350D9D25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6B8938-87CD-4605-98EF-F9830FE8EC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C436FF2-199A-4964-9C5A-600289DC83C3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-343xx/CVE-2024-34312.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34312",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-24T20:15:10.480",
"lastModified": "2024-08-01T13:52:19.707",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T14:19:10.503",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,10 +59,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:virtual_programming_lab:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.3",
"matchCriteriaId": "FB8B35E8-E77D-4268-B597-00A10A153CC8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vincentscode/CVE-2024-34312",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
}
]
}

61
CVE-2024/CVE-2024-344xx/CVE-2024-34479.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-34479",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:44.327",
"lastModified": "2024-08-07T20:35:17.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:10:12.900",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection."
},
{
"lang": "es",
"value": "SourceCodester Computer Laboratory Management System 1.0 permite la inyecci\u00f3n SQL de clases/Master.php id."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:computer_laboratory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1D4E41-0B2D-4D1E-9AA9-CB4366C91AC4"
}
]
}
]
}
],
"references": [
{
"url": "https://cxsecurity.com/issue/WLB-2024080004",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

98
CVE-2024/CVE-2024-344xx/CVE-2024-34480.json
View File

@ -2,20 +2,110 @@
"id": "CVE-2024-34480",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:44.393",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:35:10.330",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection."
},
{
"lang": "es",
"value": "SourceCodester Computer Laboratory Management System 1.0 permite la inyecci\u00f3n SQL de identificaci\u00f3n admin/category/view_category.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:computer_laboratory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1D4E41-0B2D-4D1E-9AA9-CB4366C91AC4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cxsecurity.com/issue/WLB-2024080003",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-349xx/CVE-2024-34949.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34949",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-20T18:15:10.463",
"lastModified": "2024-06-04T19:20:04.827",
"lastModified": "2024-08-08T15:35:11.187",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " likeshop 2.5.7 es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s de la funci\u00f3n getOrderList."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://charm-august-88a.notion.site/CVE-2024-34949-SQL-injection-vulnerability-in-Likeshop-2-5-7-6139a82f9ab7423c9ef7c95950f68301",

39
CVE-2024/CVE-2024-350xx/CVE-2024-35009.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35009",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T16:17:30.767",
"lastModified": "2024-05-14T19:17:55.627",
"lastModified": "2024-08-08T15:35:12.080",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que idccms v1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente /admin/share_switch.php?mudi=switch&dataType=&fieldName=state&fieldName2=state&tabName=banner&dataID=6."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/Thirtypenny77/cms/blob/main/5.md",

39
CVE-2024/CVE-2024-355xx/CVE-2024-35579.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35579",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-20T18:15:10.713",
"lastModified": "2024-05-20T19:34:58.277",
"lastModified": "2024-08-08T15:35:12.957",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Tenda AX1806 v1.0.0.1 contiene un desbordamiento de pila a trav\u00e9s del par\u00e1metro iptv.city.vlan en la funci\u00f3n formSetIptv."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://detailed-stetson-767.notion.site/Tenda-AX1806-Buffer-Overflow-in-formSetIptv-cebf9202122a4582ae86c5253b3f6da3?pvs=4",

39
CVE-2024/CVE-2024-360xx/CVE-2024-36048.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36048",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-18T21:15:47.673",
"lastModified": "2024-06-10T17:16:32.167",
"lastModified": "2024-08-08T15:35:13.937",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " QAbstractOAuth en Qt Network Authorization en Qt antes de 5.15.17, 6.x antes de 6.2.13, 6.3.x hasta 6.5.x antes de 6.5.6 y 6.6.x hasta 6.7.x antes de 6.7.1 usa solo el tiempo de inicializaci\u00f3n PRNG, lo que puede dar como resultado valores adivinables."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-335"
}
]
}
],
"references": [
{
"url": "https://codereview.qt-project.org/c/qt/qtnetworkauth/+/560317",

60
CVE-2024/CVE-2024-363xx/CVE-2024-36397.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36397",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2024-06-16T08:15:31.630",
"lastModified": "2024-06-17T12:42:04.623",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T14:52:17.297",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
@ -51,10 +71,44 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vantiva:mediaaccess_dga2232_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "19.4",
"versionEndExcluding": "19.4-810",
"matchCriteriaId": "8EF17048-C25A-43AD-A366-961F8782F4E3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vantiva:mediaaccess_dga2232:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6D6A7B-87BC-4CF7-B098-95C78D370412"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
"source": "cna@cyber.gov.il",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-365xx/CVE-2024-36572.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36572",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-30T20:15:03.630",
"lastModified": "2024-08-01T13:53:06.967",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T14:28:25.750",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:allpro:formmanager_data_handler:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71E32868-786A-48EE-980B-A775C288255A"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/mestrtee/1771ab4fba733ca898b6e2463dc6ed19",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/allpro/form-manager/issues/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

64
CVE-2024/CVE-2024-365xx/CVE-2024-36597.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36597",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-14T18:15:27.457",
"lastModified": "2024-06-17T12:42:04.623",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T15:49:26.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,67 @@
"value": "Se descubri\u00f3 que Aegon Life v1.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro client_id en clientStatus.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:projectworlds:life_insurance_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E652DAE-268A-458B-806B-8C96AA0F0C21"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kaliankhe/CVE-Aslam-mahi/blob/9ec0572c68bfd3708a7d6e089181024131f4e927/vendors/projectworlds.in/AEGON%20LIFE%20v1.0%20Life%20Insurance%20Management%20System/CVE-2024-36597",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

79
CVE-2024/CVE-2024-369xx/CVE-2024-36971.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36971",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-10T09:15:09.127",
"lastModified": "2024-08-08T01:00:01.727",
"vulnStatus": "Modified",
"lastModified": "2024-08-08T14:49:52.603",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-08-07",
"cisaActionDue": "2024-08-28",
@ -96,13 +96,50 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.6",
"versionEndExcluding": "6.9.4",
"matchCriteriaId": "0AF142DE-E79F-45D3-9418-E0E28BCA1F3E"
"versionEndExcluding": "4.19.316",
"matchCriteriaId": "4A293D74-EB53-4BBF-86BD-0569A72A4192"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.278",
"matchCriteriaId": "7FDBF235-DA18-49A1-8690-6C7272FD0701"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.219",
"matchCriteriaId": "E9063AF3-D593-43B7-810D-58B87F82F9F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.161",
"matchCriteriaId": "31130639-53FE-4726-8986-434EE2528CB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.94",
"matchCriteriaId": "9D20DE32-76F8-4E4C-A8DF-5B53082D18E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.34",
"matchCriteriaId": "6BD9DCFD-0342-4039-B8CE-70F26DB7173B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.4",
"matchCriteriaId": "991B9791-966A-4D18-9E8D-A8AB128E5627"
}
]
}
@ -112,19 +149,31 @@
"references": [
{
"url": "https://git.kernel.org/stable/c/051c0bde9f0450a2ec3d62a86d2a0d2fad117f13",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2295a7ef5c8c49241bff769e7826ef2582e532a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5af198c387128a9d2ddd620b0f0803564a4d4508",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/81dd3c82a456b0015461754be7cb2693991421b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/92f1655aa2b2294d0b49925f3b875a634bd3b59e",
@ -142,11 +191,17 @@
},
{
"url": "https://git.kernel.org/stable/c/db0082825037794c5dba9959c9de13ca34cc5e72",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eacb8b195579c174a6d3e12a9690b206eb7f28cf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

37
CVE-2024/CVE-2024-36xx/CVE-2024-3659.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3659",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-08-08T13:15:13.823",
"lastModified": "2024-08-08T13:15:13.823",
"lastModified": "2024-08-08T15:35:18.413",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,30 @@
"value": "Firmware in KAON\u00a0AR2140 routers prior to version 4.2.16 is vulnerable to a shell command injection via sending a crafted request to one of the endpoints.\nIn order to exploit this vulnerability, one has to have access to the administrative portal of the router."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cvd@cert.pl",
@ -22,6 +45,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [

17
CVE-2024/CVE-2024-370xx/CVE-2024-37085.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37085",
"sourceIdentifier": "security@vmware.com",
"published": "2024-06-25T15:15:12.377",
"lastModified": "2024-08-01T13:53:23.320",
"vulnStatus": "Modified",
"lastModified": "2024-08-08T14:48:49.303",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-07-30",
"cisaActionDue": "2024-08-20",
@ -70,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-287"
}
]
},
@ -96,15 +96,8 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndIncluding": "4.5.2",
"matchCriteriaId": "21FEEF73-B706-45D7-BFD5-B2C561D1CC5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0",
"versionEndExcluding": "5.2",
"matchCriteriaId": "F192C88D-3D38-4F29-B147-8CDA2C11E2DA"
"versionEndIncluding": "5.2",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9"
},
{
"vulnerable": true,

63
CVE-2024/CVE-2024-378xx/CVE-2024-37889.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37889",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-06-14T20:15:11.873",
"lastModified": "2024-06-17T12:42:04.623",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T15:31:53.683",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,14 +81,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:treyww:myfinances:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.4.6",
"matchCriteriaId": "802B9E97-F183-4B53-9C42-440EB76AD3FD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/TreyWW/MyFinances/commit/2c1e6d5b7ec8b2d6f660b260e3c5f4d3eaaa613f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/TreyWW/MyFinances/security/advisories/GHSA-4884-3gvp-3wj2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

114
CVE-2024/CVE-2024-382xx/CVE-2024-38276.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38276",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-06-18T20:15:14.093",
"lastModified": "2024-06-27T03:15:50.300",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T15:55:51.160",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,8 +15,41 @@
"value": "Las comprobaciones incorrectas de tokens CSRF dieron lugar a m\u00faltiples riesgos de CSRF."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
@ -28,18 +61,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.10",
"matchCriteriaId": "181FEE3D-2D75-4269-A095-C555B313E159"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.2.8",
"matchCriteriaId": "4EF79A9A-E117-44AF-BA6B-DC9620FDA8CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3.0",
"versionEndExcluding": "4.3.5",
"matchCriteriaId": "4E990456-42CD-4B17-8A62-1F2ACF3B0678"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23575814-D590-4CDA-880B-E7214A53D7F5"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=459501",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-384xx/CVE-2024-38428.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38428",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-16T03:15:08.430",
"lastModified": "2024-06-17T12:42:04.623",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T15:05:30.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,76 @@
"value": "url.c en GNU Wget hasta 1.24.5 maneja mal los puntos y comas en el subcomponente de informaci\u00f3n de usuario de un URI y, por lo tanto, puede haber un comportamiento inseguro en el que los datos que se supon\u00eda que estaban en el subcomponente de informaci\u00f3n de usuario se malinterpretan como parte del subcomponente del host."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-436"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.24.5",
"matchCriteriaId": "CFC92ECA-B3E9-413B-A576-D563F357A047"
}
]
}
]
}
],
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/wget.git/commit/?id=ed0c7c7e0e8f7298352646b2fd6e06a11e242ace",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://lists.gnu.org/archive/html/bug-wget/2024-06/msg00005.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

14
CVE-2024/CVE-2024-388xx/CVE-2024-38888.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38888",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-02T20:17:00.137",
"lastModified": "2024-08-07T16:15:45.327",
"lastModified": "2024-08-08T15:35:14.817",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -22,20 +22,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
"impactScore": 4.2
}
]
},

39
CVE-2024/CVE-2024-388xx/CVE-2024-38889.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38889",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-02T20:17:00.407",
"lastModified": "2024-08-07T16:15:45.390",
"lastModified": "2024-08-08T15:35:15.143",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en Horizon Business Services Inc. Caterease 16.0.1.1663 hasta 24.0.1.2405 y posiblemente versiones posteriores, permite a un atacante remoto realizar una inyecci\u00f3n SQL debido a una neutralizaci\u00f3n inadecuada de elementos especiales utilizados en un comando SQL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "http://caterease.com",

56
CVE-2024/CVE-2024-389xx/CVE-2024-38984.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38984",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-30T20:15:03.873",
"lastModified": "2024-08-01T13:55:12.530",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T14:20:15.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lukebond:json-override:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09353532-08F6-4D3F-A2BF-66129BBD023F"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/mestrtee/97a9a7d73fc8b38fcf01322239dd5fb1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

56
CVE-2024/CVE-2024-389xx/CVE-2024-38986.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38986",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-30T20:15:03.990",
"lastModified": "2024-08-01T13:55:13.857",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T14:18:47.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:75lb:deep-merge:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F84BE62-2346-4BD5-9A67-02F2C1FD5558"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/mestrtee/b20c3aee8bea16e1863933778da6e4cb",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

56
CVE-2024/CVE-2024-390xx/CVE-2024-39010.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39010",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-30T20:15:04.103",
"lastModified": "2024-08-01T13:55:15.990",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T14:17:52.963",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chasemoskal:snapstate:0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6383D821-154C-4BE2-B7A3-06F89564CD4C"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/mestrtee/af7a746df91ab5e944bd7a186816c262",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

56
CVE-2024/CVE-2024-390xx/CVE-2024-39011.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39011",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-30T20:15:04.203",
"lastModified": "2024-08-01T13:55:17.323",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T14:16:25.860",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chargeover:redoc:2.0.9:rc69:*:*:*:node.js:*:*",
"matchCriteriaId": "7AD249A1-7D8E-4298-9AA8-4A6E97304148"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/mestrtee/693ef1c8b0a5ff1ae19f253381711f3e",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

63
CVE-2024/CVE-2024-390xx/CVE-2024-39012.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39012",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-30T20:15:04.307",
"lastModified": "2024-07-31T12:57:02.300",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T14:03:03.583",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,66 @@
"value": " Se descubri\u00f3 que ais-ltd Strategyen v0.4.0 contiene un prototype pollution a trav\u00e9s de la funci\u00f3n mergeObjects. Esta vulnerabilidad permite a los atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (DoS) mediante la inyecci\u00f3n de propiedades arbitrarias."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ais:strategyen:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC3108C-03D3-4A79-BFEE-EF8FD157FB4C"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/mestrtee/acfbd724a4b73bfb5d030575b653453c",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

39
CVE-2024/CVE-2024-391xx/CVE-2024-39182.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39182",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-05T23:15:10.137",
"lastModified": "2024-07-08T15:49:22.437",
"lastModified": "2024-08-08T14:35:05.753",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " Una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en ISPmanager v6.98.0 permite a los atacantes acceder a detalles confidenciales de la sesi\u00f3n del usuario root mediante un comando arbitrario (ISP6-1779)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://ispmanager.com/changelog",

34
CVE-2024/CVE-2024-392xx/CVE-2024-39225.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39225",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-06T16:15:48.647",
"lastModified": "2024-08-07T20:56:03.757",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-08T15:35:16.513",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-307"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-392xx/CVE-2024-39228.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39228",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-06T16:15:48.850",
"lastModified": "2024-08-07T20:55:20.677",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-08T15:35:17.417",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

43
CVE-2024/CVE-2024-412xx/CVE-2024-41226.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-41226",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-06T14:16:04.240",
"lastModified": "2024-08-06T16:30:24.547",
"lastModified": "2024-08-08T14:35:06.727",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows attackers to execute arbitrary code via a crafted payload."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n CSV en Automation Anywhere Automation 360 versi\u00f3n 21094 permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/%40aksalsalimi/cve-2024-41226-response-manipulation-led-to-csv-injection-9ae3182dcc02",

39
CVE-2024/CVE-2024-412xx/CVE-2024-41237.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41237",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T19:15:48.033",
"lastModified": "2024-08-08T13:04:18.753",
"lastModified": "2024-08-08T14:35:07.647",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en /smsa/teacher_login.php en Kashipara Responsive School Management System v1.0 permite a un atacante ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro \"nombre de usuario\"."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/SQL%20Injection%20-%20Teacher.pdf",

61
CVE-2024/CVE-2024-412xx/CVE-2024-41240.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-41240",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T18:15:37.627",
"lastModified": "2024-08-07T21:35:06.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T15:11:06.067",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Reflected Cross Site Scripting (XSS) vulnerability was found in \" /smsa/teacher_login.php\" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the \"error\" parameter."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de Cross-Site Scripting (XSS) Reflejado en \" /smsa/teacher_login.php\" en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro \"error\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Reflected%20XSS%20-%20Teacher.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-412xx/CVE-2024-41241.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-41241",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T18:15:37.703",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:21:29.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Reflected Cross Site Scripting (XSS) vulnerability was found in \" /smsa/admin_login.php\" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via \"error\" parameter."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de Cross-Site Scripting (XSS) Reflejado en \" /smsa/admin_login.php\" en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante el par\u00e1metro \"error\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Reflected%20XSS%20-%20Admin.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

66
CVE-2024/CVE-2024-412xx/CVE-2024-41242.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-41242",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T18:15:37.757",
"lastModified": "2024-08-07T21:35:07.870",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T15:21:56.590",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via \"error\" parameter."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de Cross-Site Scripting (XSS) Reflejado en /smsa/student_login.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro \"error\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,14 +81,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Reflected%20XSS%20-%20Student.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

73
CVE-2024/CVE-2024-412xx/CVE-2024-41243.json
View File

@ -2,24 +2,87 @@
"id": "CVE-2024-41243",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T17:15:51.620",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:19:38.640",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de control de acceso incorrecto en /smsa/view_marks.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos no autenticados ver detalles de MARKS."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Marks.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

98
CVE-2024/CVE-2024-412xx/CVE-2024-41244.json
View File

@ -2,20 +2,110 @@
"id": "CVE-2024-41244",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T17:15:51.687",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:20:24.533",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de control de acceso incorrecto en /smsa/view_class.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos no autenticados ver detalles de CLASS."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Class.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

103
CVE-2024/CVE-2024-412xx/CVE-2024-41245.json
View File

@ -2,24 +2,117 @@
"id": "CVE-2024-41245",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T17:15:51.763",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:20:58.417",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de control de acceso incorrecto en /smsa/view_teachers.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos no autenticados ver los detalles de los PROFESORES."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Teachers.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

66
CVE-2024/CVE-2024-412xx/CVE-2024-41246.json
View File

@ -2,17 +2,54 @@
"id": "CVE-2024-41246",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:45.600",
"lastModified": "2024-08-07T19:35:07.937",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:08:51.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /smsa/admin_dashboard.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view administrator dashboard."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de control de acceso incorrecto en /smsa/admin_dashboard.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos no autenticados ver el panel del administrador."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -24,10 +61,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Dashboard.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-412xx/CVE-2024-41247.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-41247",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:45.663",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:08:20.403",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de control de acceso incorrecto en /smsa/add_class.php y /smsa/add_class_submit.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos no autenticados agregar una nueva entrada de clase."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Master%20-%20Add%20Classes.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-412xx/CVE-2024-41248.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-41248",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:45.717",
"lastModified": "2024-08-07T20:35:20.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:07:27.853",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /smsa/add_subject.php and /smsa/add_subject_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de control de acceso incorrecto en /smsa/add_subject.php y /smsa/add_subject_submit.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos no autenticados agregar una nueva entrada de tema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Master%20-%20Add%20Subject.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-412xx/CVE-2024-41249.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-41249",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:45.780",
"lastModified": "2024-08-07T20:35:21.500",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:06:48.843",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de control de acceso incorrecto en /smsa/view_subject.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos no autenticados ver detalles del SUJETO."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Subjects.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-412xx/CVE-2024-41250.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-41250",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T17:15:51.837",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:21:18.130",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de control de acceso incorrecto en /smsa/view_students.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos no autenticados ver detalles de los ESTUDIANTES."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Students.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-412xx/CVE-2024-41251.json
View File

@ -2,20 +2,80 @@
"id": "CVE-2024-41251",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:45.850",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:05:36.537",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /smsa/admin_teacher_register_approval.php and /smsa/admin_teacher_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de control de acceso incorrecto en /smsa/admin_teacher_register_approval.php y /smsa/admin_teacher_register_approval_submit.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos no autenticados ver y aprobar el registro de profesores."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Dashboard%20-%20Registered%20Teacher.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

66
CVE-2024/CVE-2024-412xx/CVE-2024-41252.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-41252",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:45.910",
"lastModified": "2024-08-07T19:35:08.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:04:56.287",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /smsa/admin_student_register_approval.php and /smsa/admin_student_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve student registration."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de control de acceso incorrecto en /smsa/admin_student_register_approval.php y /smsa/admin_student_register_approval_submit.php en Kashipara Responsive School Management System v3.2.0, que permite a atacantes remotos no autenticados ver y aprobar el registro de estudiantes."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,14 +81,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lopalopa:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02775C53-3AA5-4707-A166-D1FE5B1288EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Dashboard%20-%20Registered%20Student.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

56
CVE-2024/CVE-2024-413xx/CVE-2024-41305.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41305",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-30T18:15:05.910",
"lastModified": "2024-08-01T13:58:26.800",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T14:36:06.423",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wondercms:wondercms:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF7DC199-D4A1-44A2-977F-E614C0F6B98A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/patrickdeanramos/WonderCMS-version-3.4.3-is-vulnerable-to-Server-Side-Request-Forgery",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

60
CVE-2024/CVE-2024-413xx/CVE-2024-41308.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-41308",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:45.977",
"lastModified": "2024-08-07T21:35:09.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:04:28.510",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system."
},
{
"lang": "es",
"value": "Un problema en la funci\u00f3n Ping de IT Solutions Enjay CRM OS v1.0 permite a los atacantes escapar del entorno restringido del terminal y obtener privilegios de nivel superusuario en el sistema subyacente."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:enjayworld:enjay_crm:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4058C3BF-A4FE-4E84-910D-A227C888519F"
}
]
}
]
}
],
"references": [
{
"url": "https://the-it-wonders.blogspot.com/2024/07/enjay-crm-10-multiple-code-executions.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

97
CVE-2024/CVE-2024-413xx/CVE-2024-41309.json
View File

@ -2,20 +2,109 @@
"id": "CVE-2024-41309",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:46.050",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:35:19.553",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the Hardware info module of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system."
},
{
"lang": "es",
"value": "Un problema en el m\u00f3dulo de informaci\u00f3n de hardware de IT Solutions Enjay CRM OS v1.0 permite a los atacantes escapar del entorno restringido del terminal y obtener privilegios de nivel superusuario en el sistema subyacente."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:enjayworld:enjay_crm:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4058C3BF-A4FE-4E84-910D-A227C888519F"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://the-it-wonders.blogspot.com/2024/07/enjay-crm-10-multiple-code-executions.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

61
CVE-2024/CVE-2024-414xx/CVE-2024-41432.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-41432",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T16:15:46.130",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:02:52.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. This issue allows an attacker to replace their real IP address with any arbitrary IP address, specifically by adding a forged 'X-Forwarded' or 'Client-IP' header to requests. Exploiting IP spoofing, attackers can bypass account lockout mechanisms during attempts to log into admin accounts, spoof IP addresses in requests sent to the server, and impersonate IP addresses that have logged into user accounts, etc."
},
{
"lang": "es",
"value": "Se ha descubierto una vulnerabilidad de suplantaci\u00f3n de IP en Likeshop hasta la versi\u00f3n 2.5.7.20210811. Este problema permite a un atacante reemplazar su direcci\u00f3n IP real con cualquier direcci\u00f3n IP arbitraria, espec\u00edficamente agregando un encabezado falsificado 'X-Forwarded' o 'Client-IP' a las solicitudes. Al explotar la suplantaci\u00f3n de IP, los atacantes pueden eludir los mecanismos de bloqueo de cuentas durante los intentos de iniciar sesi\u00f3n en cuentas de administrador, falsificar direcciones IP en solicitudes enviadas al servidor y hacerse pasar por direcciones IP que han iniciado sesi\u00f3n en cuentas de usuario, etc."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:likeshop:likeshop:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.5.7.20210811",
"matchCriteriaId": "23902305-30D6-45BD-9E41-C630811F36EF"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/c2at3/cve-2024-41432/-/blob/main/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

64
CVE-2024/CVE-2024-419xx/CVE-2024-41942.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-41942",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-08T15:15:17.527",
"lastModified": "2024-08-08T15:15:17.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the `admin:users` scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively small in that `admin:users` is already an extremely privileged scope only granted to trusted users.\nIn effect, `admin:users` is equivalent to `admin=True`, which is not intended. Note that the change here only prevents escalation to the built-in JupyterHub admin role that has unrestricted permissions. It does not prevent users with e.g. `groups` permissions from granting themselves or other users permissions via group membership, which is intentional. Versions 4.1.6 and 5.1.0 fix this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-274"
}
]
}
],
"references": [
{
"url": "https://github.com/jupyterhub/jupyterhub/commit/99e2720b0fc626cbeeca3c6337f917fdacfaa428",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jupyterhub/jupyterhub/commit/ff2db557a85b6980f90c3158634bf924063ab8ba",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-9x4q-3gxw-849f",
"source": "security-advisories@github.com"
}
]
}

180
CVE-2024/CVE-2024-421xx/CVE-2024-42154.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42154",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-30T08:15:06.933",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T15:02:01.050",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,197 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tcp_metrics: validar la longitud de la direcci\u00f3n de origen. No veo nada comprobando que TCP_METRICS_ATTR_SADDR_IPV4 tenga al menos 4 bytes de longitud y la pol\u00edtica no tiene ninguna entrada para este atributo (tampoco lo hace para IPv6 pero v6 se valida manualmente)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.14",
"versionEndExcluding": "4.19.318",
"matchCriteriaId": "41501C3F-D08F-4EAC-A463-95CDEF6987D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.280",
"matchCriteriaId": "625DBFAB-C3D0-4309-A27F-12D6428FB38F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.222",
"matchCriteriaId": "00696AC5-EE29-437F-97F9-C4D66608B327"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.163",
"matchCriteriaId": "A97DEB09-4927-40F8-B5C6-F5BD5EAE0CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.98",
"matchCriteriaId": "E09E92A5-27EF-40E4-926A-B1CDC8270551"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.39",
"matchCriteriaId": "29E894E4-668F-4DB0-81F7-4FB5F698E970"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.9",
"matchCriteriaId": "ADCC1407-0CB3-4C8F-B4C5-07F682CD7085"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*",
"matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*",
"matchCriteriaId": "BD973AA4-A789-49BD-8D57-B2846935D3C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*",
"matchCriteriaId": "8F3E9E0C-AC3E-4967-AF80-6483E8AB0078"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/19d997b59fa1fd7a02e770ee0881c0652b9c32c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2a2e79dbe2236a1289412d2044994f7ab419b44c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/31f03bb04146c1c6df6c03e9f45401f5f5a985d3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3d550dd5418729a6e77fe7721d27adea7152e321",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/66be40e622e177316ae81717aa30057ba9e61dff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8c2debdd170e395934ac0e039748576dfde14e99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cdffc358717e436bb67122bb82c1a2a26e050f98",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ef7c428b425beeb52b894e16f1c4b629d6cebfb6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

70
CVE-2024/CVE-2024-421xx/CVE-2024-42155.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42155",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-30T08:15:07.010",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-08T15:01:33.093",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/pkey: borra copias de claves protegidas y seguras. Aunque la clave clara de las claves ni protegidas ni seguras es accesible, este material de clave solo debe ser visible para el proceso de llamada. Por lo tanto, borre todas las copias de claves protegidas o seguras de la pila, incluso en caso de error."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.11",
"versionEndExcluding": "6.9.9",
"matchCriteriaId": "F07A6B96-3EC3-44C6-A31F-BE7A176B3EDF"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/c746f7ced4ad88ee48d0b6c92710e4674403185b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f2ebdadd85af4f4d0cae1e5d009c70eccc78c207",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

39
CVE-2024/CVE-2024-422xx/CVE-2024-42218.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-42218",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-06T21:16:03.460",
"lastModified": "2024-08-07T15:17:46.717",
"lastModified": "2024-08-08T14:35:11.900",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "1Password 8 anterior a 8.10.38 para macOS permite a atacantes locales filtrar elementos de la b\u00f3veda eludiendo los mecanismos de seguridad espec\u00edficos de macOS."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1289"
}
]
}
],
"references": [
{
"url": "https://app-updates.agilebits.com",

145
CVE-2024/CVE-2024-422xx/CVE-2024-42232.json
View File

@ -2,48 +2,171 @@
"id": "CVE-2024-42232",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:46.213",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T15:02:09.750",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: fix race between delayed_work() and ceph_monc_stop()\n\nThe way the delayed work is handled in ceph_monc_stop() is prone to\nraces with mon_fault() and possibly also finish_hunting(). Both of\nthese can requeue the delayed work which wouldn't be canceled by any of\nthe following code in case that happens after cancel_delayed_work_sync()\nruns -- __close_session() doesn't mess with the delayed work in order\nto avoid interfering with the hunting interval logic. This part was\nmissed in commit b5d91704f53e (\"libceph: behave in mon_fault() if\ncur_mon < 0\") and use-after-free can still ensue on monc and objects\nthat hang off of it, with monc->auth and monc->monmap being\nparticularly susceptible to quickly being reused.\n\nTo fix this:\n\n- clear monc->cur_mon and monc->hunting as part of closing the session\n in ceph_monc_stop()\n- bail from delayed_work() if monc->cur_mon is cleared, similar to how\n it's done in mon_fault() and finish_hunting() (based on monc->hunting)\n- call cancel_delayed_work_sync() after the session is closed"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: libceph: corrige la ejecuci\u00f3n entre retardado_work() y ceph_monc_stop() La forma en que se maneja el trabajo retrasado en ceph_monc_stop() es propensa a ejecuci\u00f3ns con mon_fault() y posiblemente tambi\u00e9n con Finish_hunting(). Ambos pueden volver a poner en cola el trabajo retrasado que no ser\u00eda cancelado por ninguno de los siguientes c\u00f3digos en caso de que eso suceda despu\u00e9s de que se ejecute cancel_delayed_work_sync() - __close_session() no interfiere con el trabajo retrasado para evitar interferir con la b\u00fasqueda l\u00f3gica de intervalo. Esta parte se omiti\u00f3 en el commit b5d91704f53e (\"libceph: comportarse en mon_fault() si cur_mon &lt; 0\") y el use-after-free a\u00fan puede producirse en monc y los objetos que cuelgan de \u00e9l, con monc-&gt;auth y monc-&gt; monmap es particularmente susceptible de ser reutilizado r\u00e1pidamente. Para solucionar esto: - borre monc-&gt;cur_mon y monc-&gt;hunting como parte del cierre de la sesi\u00f3n en ceph_monc_stop() - libere de delay_work() si monc-&gt;cur_mon est\u00e1 borrado, similar a como se hace en mon_fault() y Finish_hunting () (basado en monc-&gt;hunting): llame a cancel_delayed_work_sync() despu\u00e9s de cerrar la sesi\u00f3n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.318",
"matchCriteriaId": "43E390F8-BDB4-4990-B94D-095DD8369C31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.280",
"matchCriteriaId": "625DBFAB-C3D0-4309-A27F-12D6428FB38F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.222",
"matchCriteriaId": "00696AC5-EE29-437F-97F9-C4D66608B327"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.163",
"matchCriteriaId": "A97DEB09-4927-40F8-B5C6-F5BD5EAE0CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.100",
"matchCriteriaId": "100CDF74-4DB5-4FC6-A54B-BDBDB0C27137"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "96AC42B8-D66D-4AC5-B466-E9BA7910FA29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1177afeca833174ba83504688eec898c6214f4bf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/20cf67dcb7db842f941eff1af6ee5e9dc41796d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2d33654d40a05afd91ab24c9a73ab512a0670a9a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/33d38c5da17f8db2d80e811b7829d2822c10625e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/34b76d1922e41da1fa73d43b764cddd82ac9733c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/63e5d035e3a7ab7412a008f202633c5e6a0a28ea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/69c7b2fe4c9cc1d3b1186d1c5606627ecf0de883",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9525af1f58f67df387768770fcf6d6a8f23aee3d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

74
CVE-2024/CVE-2024-422xx/CVE-2024-42233.json
View File

@ -2,24 +2,88 @@
"id": "CVE-2024-42233",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:46.313",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:56:18.620",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: replace pte_offset_map() with pte_offset_map_nolock()\n\nThe vmf->ptl in filemap_fault_recheck_pte_none() is still set from\nhandle_pte_fault(). But at the same time, we did a pte_unmap(vmf->pte). \nAfter a pte_unmap(vmf->pte) unmap and rcu_read_unlock(), the page table\nmay be racily changed and vmf->ptl maybe fails to protect the actual page\ntable. Fix this by replacing pte_offset_map() with\npte_offset_map_nolock().\n\nAs David said, the PTL pointer might be stale so if we continue to use\nit infilemap_fault_recheck_pte_none(), it might trigger UAF. Also, if\nthe PTL fails, the issue fixed by commit 58f327f2ce80 (\"filemap: avoid\nunnecessary major faults in filemap_fault()\") might reappear."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: filemap: reemplace pte_offset_map() con pte_offset_map_nolock() El vmf-&gt;ptl en filemap_fault_recheck_pte_none() todav\u00eda est\u00e1 configurado desde handle_pte_fault(). Pero al mismo tiempo, hicimos un pte_unmap(vmf-&gt;pte). Despu\u00e9s de desasignar pte_unmap(vmf-&gt;pte) y rcu_read_unlock(), la tabla de p\u00e1ginas puede cambiarse r\u00e1pidamente y vmf-&gt;ptl tal vez no pueda proteger la tabla de p\u00e1ginas real. Solucione este problema reemplazando pte_offset_map() con pte_offset_map_nolock(). Como dijo David, el puntero PTL puede estar obsoleto, por lo que si continuamos us\u00e1ndolo en filemap_fault_recheck_pte_none(), podr\u00eda activar UAF. Adem\u00e1s, si el PTL falla, el problema solucionado mediante el commit 58f327f2ce80 (\"filemap: evite errores importantes innecesarios en filemap_fault()\") podr\u00eda reaparecer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "0F5C3789-472B-40EC-9D2A-48169EDB592B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/24be02a42181f0707be0498045c4c4b13273b16d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6a6c2aec1a89506595801b4cf7e8eef035f33748",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

74
CVE-2024/CVE-2024-422xx/CVE-2024-42234.json
View File

@ -2,24 +2,88 @@
"id": "CVE-2024-42234",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:46.390",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:55:29.913",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: fix crashes from deferred split racing folio migration\n\nEven on 6.10-rc6, I've been seeing elusive \"Bad page state\"s (often on\nflags when freeing, yet the flags shown are not bad: PG_locked had been\nset and cleared??), and VM_BUG_ON_PAGE(page_ref_count(page) == 0)s from\ndeferred_split_scan()'s folio_put(), and a variety of other BUG and WARN\nsymptoms implying double free by deferred split and large folio migration.\n\n6.7 commit 9bcef5973e31 (\"mm: memcg: fix split queue list crash when large\nfolio migration\") was right to fix the memcg-dependent locking broken in\n85ce2c517ade (\"memcontrol: only transfer the memcg data for migration\"),\nbut missed a subtlety of deferred_split_scan(): it moves folios to its own\nlocal list to work on them without split_queue_lock, during which time\nfolio->_deferred_list is not empty, but even the \"right\" lock does nothing\nto secure the folio and the list it is on.\n\nFortunately, deferred_split_scan() is careful to use folio_try_get(): so\nfolio_migrate_mapping() can avoid the race by folio_undo_large_rmappable()\nwhile the old folio's reference count is temporarily frozen to 0 - adding\nsuch a freeze in the !mapping case too (originally, folio lock and\nunmapping and no swap cache left an anon folio unreachable, so no freezing\nwas needed there: but the deferred split queue offers a way to reach it)."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mm: corrige fallas debido a la migraci\u00f3n diferida de folios de ejecuciones divididas Incluso en 6.10-rc6, he estado viendo \"estados de p\u00e1gina incorrectos\" esquivos (a menudo en indicadores al liberar, pero los indicadores mostrados no son malos: \u00bfPG_locked se hab\u00eda configurado y borrado?), y VM_BUG_ON_PAGE(page_ref_count(page) == 0)s de folio_put() de deferred_split_scan(), y una variedad de otros s\u00edntomas de ERROR y ADVERTENCIA que implican doble liberaci\u00f3n por divisi\u00f3n diferida y migraci\u00f3n de folios grandes. 6.7 el commit 9bcef5973e31 (\"mm: memcg: corregir el bloqueo de la lista de colas divididas cuando se migra un folio grande\") ten\u00eda raz\u00f3n al corregir el bloqueo dependiente de memcg roto en 85ce2c517ade (\"memcontrol: transferir solo los datos de memcg para la migraci\u00f3n\"), pero omiti\u00f3 una sutileza de deferred_split_scan(): mueve las publicaciones a su propia lista local para trabajar en ellas sin split_queue_lock, tiempo durante el cual folio-&gt;_deferred_list no est\u00e1 vac\u00edo, pero ni siquiera el bloqueo \"derecho\" hace nada para proteger la publicaci\u00f3n y la lista en la que se encuentra. Afortunadamente, deferred_split_scan() tiene cuidado al usar folio_try_get(): por lo que folio_migrate_mapping() puede evitar la ejecuci\u00f3n mediante folio_undo_large_rmappable() mientras el recuento de referencias de la publicaci\u00f3n anterior se congela temporalmente en 0; agregando dicha congelaci\u00f3n tambi\u00e9n en el caso de !mapping (originalmente, El bloqueo y la desasignaci\u00f3n de folios y la falta de cach\u00e9 de intercambio dejaron un folio an\u00f3nimo inalcanzable, por lo que no fue necesario congelarlo all\u00ed: pero la cola dividida diferida ofrece una forma de acceder a \u00e9l)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/be9581ea8c058d81154251cb0695987098996cad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fc7facce686b64201dbf0b9614cc1d0bfad70010",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

86
CVE-2024/CVE-2024-422xx/CVE-2024-42235.json
View File

@ -2,28 +2,102 @@
"id": "CVE-2024-42235",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:46.460",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:55:16.533",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/mm: Add NULL pointer check to crst_table_free() base_crst_free()\n\ncrst_table_free() used to work with NULL pointers before the conversion\nto ptdescs. Since crst_table_free() can be called with a NULL pointer\n(error handling in crst_table_upgrade() add an explicit check.\n\nAlso add the same check to base_crst_free() for consistency reasons.\n\nIn real life this should not happen, since order two GFP_KERNEL\nallocations will not fail, unless FAIL_PAGE_ALLOC is enabled and used."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: s390/mm: agregue verificaci\u00f3n de puntero NULL a crst_table_free() base_crst_free() crst_table_free() sol\u00eda trabajar con punteros NULL antes de la conversi\u00f3n a ptdescs. Dado que crst_table_free() se puede llamar con un puntero NULL (el manejo de errores en crst_table_upgrade() agrega una verificaci\u00f3n expl\u00edcita. Tambi\u00e9n agregue la misma verificaci\u00f3n a base_crst_free() por razones de coherencia. En la vida real, esto no deber\u00eda suceder, ya que ordenar dos asignaciones GFP_KERNEL no falla, a menos que FAIL_PAGE_ALLOC est\u00e9 habilitado y utilizado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "BBD7DB8F-6881-4008-B9ED-5588CD8061D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/794fa52b94637d6b2e8c9474fbe3983af5c9f046",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b5efb63acf7bddaf20eacfcac654c25c446eabe8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f80bd8bb6f380bc265834c46058d38b34174813e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

145
CVE-2024/CVE-2024-422xx/CVE-2024-42236.json
View File

@ -2,48 +2,171 @@
"id": "CVE-2024-42236",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:46.530",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:54:34.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: configfs: Prevent OOB read/write in usb_string_copy()\n\nUserspace provided string 's' could trivially have the length zero. Left\nunchecked this will firstly result in an OOB read in the form\n`if (str[0 - 1] == '\\n') followed closely by an OOB write in the form\n`str[0 - 1] = '\\0'`.\n\nThere is already a validating check to catch strings that are too long.\nLet's supply an additional check for invalid strings that are too short."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: gadget: configfs: Evitar lectura/escritura OOB en usb_string_copy() Las cadenas 's' proporcionadas por el espacio de usuario podr\u00edan tener trivialmente una longitud cero. Si no se marca, esto dar\u00e1 como resultado en primer lugar una lectura OOB en el formato `if (str[0 - 1] == '\\n') seguida de cerca por una escritura OOB en el formato `str[0 - 1] = '\\0' `. Ya existe una verificaci\u00f3n de validaci\u00f3n para detectar cadenas que son demasiado largas. Proporcionemos una verificaci\u00f3n adicional para cadenas no v\u00e1lidas que sean demasiado cortas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.318",
"matchCriteriaId": "43E390F8-BDB4-4990-B94D-095DD8369C31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.280",
"matchCriteriaId": "625DBFAB-C3D0-4309-A27F-12D6428FB38F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.222",
"matchCriteriaId": "00696AC5-EE29-437F-97F9-C4D66608B327"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.163",
"matchCriteriaId": "A97DEB09-4927-40F8-B5C6-F5BD5EAE0CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.100",
"matchCriteriaId": "100CDF74-4DB5-4FC6-A54B-BDBDB0C27137"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "96AC42B8-D66D-4AC5-B466-E9BA7910FA29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2d16f63d8030903e5031853e79d731ee5d474e70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6d3c721e686ea6c59e18289b400cc95c76e927e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/72b8ee0d9826e8ed00e0bdfce3e46b98419b37ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a444c3fc264119801575ab086e03fb4952f23fd0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c95fbdde87e39e5e0ae27f28bf6711edfb985caa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d1205033e912f9332c1dbefa812e6ceb0575ce0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e8474a10c535e6a2024c3b06e37e4a3a23beb490",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eecfefad0953b2f31aaefa058f7f348ff39c4bba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

104
CVE-2024/CVE-2024-422xx/CVE-2024-42237.json
View File

@ -2,32 +2,122 @@
"id": "CVE-2024-42237",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:46.600",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:54:24.207",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: cs_dsp: Validate payload length before processing block\n\nMove the payload length check in cs_dsp_load() and cs_dsp_coeff_load()\nto be done before the block is processed.\n\nThe check that the length of a block payload does not exceed the number\nof remaining bytes in the firwmware file buffer was being done near the\nend of the loop iteration. However, some code before that check used the\nlength field without validating it."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: firmware: cs_dsp: Validar la longitud de el payload antes de procesar el bloque. Mueva la verificaci\u00f3n de la longitud de el payload en cs_dsp_load() y cs_dsp_coeff_load() para que se realice antes de que se procese el bloque. La verificaci\u00f3n de que la longitud de el payload de un bloque no exceda el n\u00famero de bytes restantes en el b\u00fafer del archivo de firmware se estaba realizando cerca del final de la iteraci\u00f3n del bucle. Sin embargo, alg\u00fan c\u00f3digo anterior a esa verificaci\u00f3n usaba el campo de longitud sin validarlo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-834"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16",
"matchCriteriaId": "D692A2AE-8E9E-46AE-8670-7E1284317A25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "6.1.100",
"matchCriteriaId": "DC17596B-BA9E-4298-B220-9D2BFBD7A860"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "96AC42B8-D66D-4AC5-B466-E9BA7910FA29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/259955eca9b7acf1299b1ac077d8cfbe12df35d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3a9cd924aec1288d675df721f244da4dd7e16cff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6598afa9320b6ab13041616950ca5f8f938c0cf1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/71d9e313d8f7e18c543a9c80506fe6b1eb1fe0c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

98
CVE-2024/CVE-2024-422xx/CVE-2024-42238.json
View File

@ -2,32 +2,116 @@
"id": "CVE-2024-42238",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:46.667",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:54:45.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: cs_dsp: Return error if block header overflows file\n\nReturn an error from cs_dsp_power_up() if a block header is longer\nthan the amount of data left in the file.\n\nThe previous code in cs_dsp_load() and cs_dsp_load_coeff() would loop\nwhile there was enough data left in the file for a valid region. This\nprotected against overrunning the end of the file data, but it didn't\nabort the file processing with an error."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: cs_dsp: Devuelve error si el encabezado del bloque desborda el archivo devuelve un error de cs_dsp_power_up() si el encabezado de un bloque es m\u00e1s largo que la cantidad de datos que quedan en el archivo. El c\u00f3digo anterior en cs_dsp_load() y cs_dsp_load_coeff() se repetir\u00eda mientras quedaran suficientes datos en el archivo para una regi\u00f3n v\u00e1lida. Esto proteg\u00eda contra la sobrecarga del final de los datos del archivo, pero no cancelaba el procesamiento del archivo con un error."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.100",
"matchCriteriaId": "100CDF74-4DB5-4FC6-A54B-BDBDB0C27137"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "96AC42B8-D66D-4AC5-B466-E9BA7910FA29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/6eabd23383805725eff416c203688b7a390d4153",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/90ab191b7d181057d71234e8632e06b5844ac38e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/959fe01e85b7241e3ec305d657febbe82da16a02",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b8be70566b33abbd0180105070b4c67cfef8c44f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

86
CVE-2024/CVE-2024-422xx/CVE-2024-42239.json
View File

@ -2,28 +2,102 @@
"id": "CVE-2024-42239",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:46.733",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:54:08.330",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fail bpf_timer_cancel when callback is being cancelled\n\nGiven a schedule:\n\ntimer1 cb\t\t\ttimer2 cb\n\nbpf_timer_cancel(timer2);\tbpf_timer_cancel(timer1);\n\nBoth bpf_timer_cancel calls would wait for the other callback to finish\nexecuting, introducing a lockup.\n\nAdd an atomic_t count named 'cancelling' in bpf_hrtimer. This keeps\ntrack of all in-flight cancellation requests for a given BPF timer.\nWhenever cancelling a BPF timer, we must check if we have outstanding\ncancellation requests, and if so, we must fail the operation with an\nerror (-EDEADLK) since cancellation is synchronous and waits for the\ncallback to finish executing. This implies that we can enter a deadlock\nsituation involving two or more timer callbacks executing in parallel\nand attempting to cancel one another.\n\nNote that we avoid incrementing the cancelling counter for the target\ntimer (the one being cancelled) if bpf_timer_cancel is not invoked from\na callback, to avoid spurious errors. The whole point of detecting\ncur->cancelling and returning -EDEADLK is to not enter a busy wait loop\n(which may or may not lead to a lockup). This does not apply in case the\ncaller is in a non-callback context, the other side can continue to\ncancel as it sees fit without running into errors.\n\nBackground on prior attempts:\n\nEarlier versions of this patch used a bool 'cancelling' bit and used the\nfollowing pattern under timer->lock to publish cancellation status.\n\nlock(t->lock);\nt->cancelling = true;\nmb();\nif (cur->cancelling)\n\treturn -EDEADLK;\nunlock(t->lock);\nhrtimer_cancel(t->timer);\nt->cancelling = false;\n\nThe store outside the critical section could overwrite a parallel\nrequests t->cancelling assignment to true, to ensure the parallely\nexecuting callback observes its cancellation status.\n\nIt would be necessary to clear this cancelling bit once hrtimer_cancel\nis done, but lack of serialization introduced races. Another option was\nexplored where bpf_timer_start would clear the bit when (re)starting the\ntimer under timer->lock. This would ensure serialized access to the\ncancelling bit, but may allow it to be cleared before in-flight\nhrtimer_cancel has finished executing, such that lockups can occur\nagain.\n\nThus, we choose an atomic counter to keep track of all outstanding\ncancellation requests and use it to prevent lockups in case callbacks\nattempt to cancel each other while executing in parallel."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: falla bpf_timer_cancel cuando se cancela la devoluci\u00f3n de llamada. Dada una programaci\u00f3n: timer1 cb timer2 cb bpf_timer_cancel(timer2); bpf_timer_cancel(timer1); Ambas llamadas a bpf_timer_cancel esperar\u00edan a que la otra devoluci\u00f3n de llamada termine de ejecutarse, introduciendo un bloqueo. Agregue un recuento atomic_t llamado 'cancelaci\u00f3n' en bpf_hrtimer. Esto realiza un seguimiento de todas las solicitudes de cancelaci\u00f3n en vuelo para un temporizador BPF determinado. Siempre que cancelemos un temporizador BPF, debemos verificar si tenemos solicitudes de cancelaci\u00f3n pendientes y, de ser as\u00ed, debemos fallar la operaci\u00f3n con un error (-EDEADLK) ya que la cancelaci\u00f3n es sincr\u00f3nica y espera a que termine de ejecutarse la devoluci\u00f3n de llamada. Esto implica que podemos entrar en una situaci\u00f3n de punto muerto que involucre dos o m\u00e1s devoluciones de llamada de temporizador ejecut\u00e1ndose en paralelo e intentando cancelarse entre s\u00ed. Tenga en cuenta que evitamos incrementar el contador de cancelaci\u00f3n para el temporizador de destino (el que se cancela) si no se invoca bpf_timer_cancel desde una devoluci\u00f3n de llamada, para evitar errores falsos. El objetivo de detectar cur-&gt;cancelar y devolver -EDEADLK es no ingresar a un ciclo de espera ocupado (que puede o no conducir a un bloqueo). Esto no se aplica en caso de que la persona que llama se encuentre en un contexto sin devoluci\u00f3n de llamada; la otra parte puede continuar cancelando como mejor le parezca sin cometer errores. Antecedentes de intentos anteriores: Las versiones anteriores de este parche usaban un bit bool de 'cancelaci\u00f3n' y usaban el siguiente patr\u00f3n en temporizador-&gt;bloqueo para publicar el estado de cancelaci\u00f3n. lock(t-&gt;lock); t-&gt;cancelling = true; mb(); if (cur-&gt;cancelling) return -EDEADLK; unlock(t-&gt;lock); hrtimer_cancel(t-&gt;timer); t-&gt;cancelling = false; El almac\u00e9n fuera de la secci\u00f3n cr\u00edtica podr\u00eda sobrescribir una asignaci\u00f3n de cancelaci\u00f3n t-&gt;de solicitudes paralelas a verdadero, para garantizar que la devoluci\u00f3n de llamada que se ejecuta en paralelo observe su estado de cancelaci\u00f3n. Ser\u00eda necesario borrar este bit de cancelaci\u00f3n una vez que se complete hrtimer_cancel, pero la falta de serializaci\u00f3n introdujo ejecuciones. Se explor\u00f3 otra opci\u00f3n donde bpf_timer_start borrar\u00eda el bit al (re)iniciar el temporizador bajo temporizador-&gt;bloqueo. Esto garantizar\u00eda el acceso serializado al bit de cancelaci\u00f3n, pero puede permitir que se borre antes de que hrtimer_cancel en vuelo haya terminado de ejecutarse, de modo que los bloqueos puedan ocurrir nuevamente. Por lo tanto, elegimos un contador at\u00f3mico para realizar un seguimiento de todas las solicitudes de cancelaci\u00f3n pendientes y lo utilizamos para evitar bloqueos en caso de que las devoluciones de llamada intenten cancelarse entre s\u00ed mientras se ejecutan en paralelo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "DA87C02E-A4BF-4FD7-AE47-A2AB23061A91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3e4e8178a8666c56813bd167b848fca0f4c9af0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9369830518688ecd5b08ffc08ab3302ce2b5d0f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d4523831f07a267a943f0dde844bf8ead7495f13",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

103
CVE-2024/CVE-2024-422xx/CVE-2024-42240.json
View File

@ -2,36 +2,123 @@
"id": "CVE-2024-42240",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:46.810",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:53:59.897",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/bhi: Avoid warning in #DB handler due to BHI mitigation\n\nWhen BHI mitigation is enabled, if SYSENTER is invoked with the TF flag set\nthen entry_SYSENTER_compat() uses CLEAR_BRANCH_HISTORY and calls the\nclear_bhb_loop() before the TF flag is cleared. This causes the #DB handler\n(exc_debug_kernel()) to issue a warning because single-step is used outside the\nentry_SYSENTER_compat() function.\n\nTo address this issue, entry_SYSENTER_compat() should use CLEAR_BRANCH_HISTORY\nafter making sure the TF flag is cleared.\n\nThe problem can be reproduced with the following sequence:\n\n $ cat sysenter_step.c\n int main()\n { asm(\"pushf; pop %ax; bts $8,%ax; push %ax; popf; sysenter\"); }\n\n $ gcc -o sysenter_step sysenter_step.c\n\n $ ./sysenter_step\n Segmentation fault (core dumped)\n\nThe program is expected to crash, and the #DB handler will issue a warning.\n\nKernel log:\n\n WARNING: CPU: 27 PID: 7000 at arch/x86/kernel/traps.c:1009 exc_debug_kernel+0xd2/0x160\n ...\n RIP: 0010:exc_debug_kernel+0xd2/0x160\n ...\n Call Trace:\n <#DB>\n ? show_regs+0x68/0x80\n ? __warn+0x8c/0x140\n ? exc_debug_kernel+0xd2/0x160\n ? report_bug+0x175/0x1a0\n ? handle_bug+0x44/0x90\n ? exc_invalid_op+0x1c/0x70\n ? asm_exc_invalid_op+0x1f/0x30\n ? exc_debug_kernel+0xd2/0x160\n exc_debug+0x43/0x50\n asm_exc_debug+0x1e/0x40\n RIP: 0010:clear_bhb_loop+0x0/0xb0\n ...\n </#DB>\n <TASK>\n ? entry_SYSENTER_compat_after_hwframe+0x6e/0x8d\n </TASK>\n\n [ bp: Massage commit message. ]"
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: x86/bhi: evitar advertencia en el controlador #DB debido a la mitigaci\u00f3n de BHI Cuando la mitigaci\u00f3n de BHI est\u00e1 habilitada, si se invoca SYSENTER con el indicador TF configurado, entonces Entry_SYSENTER_compat() usa CLEAR_BRANCH_HISTORY y llama al clear_bhb_loop() antes de que se borre la bandera TF. Esto hace que el controlador #DB (exc_debug_kernel()) emita una advertencia porque se utiliza un solo paso fuera de la funci\u00f3n Entry_SYSENTER_compat(). Para solucionar este problema, Entry_SYSENTER_compat() debe usar CLEAR_BRANCH_HISTORY despu\u00e9s de asegurarse de que el indicador TF est\u00e9 borrado. El problema se puede reproducir con la siguiente secuencia: $ cat sysenter_step.c int main() { asm(\"pushf; pop %ax; bts $8,%ax; push %ax; popf; sysenter\"); } $ gcc -o sysenter_step sysenter_step.c $ ./sysenter_step Fallo de segmentaci\u00f3n (n\u00facleo volcado) Se espera que el programa falle y el controlador #DB emitir\u00e1 una advertencia. Registro del kernel: ADVERTENCIA: CPU: 27 PID: 7000 en arch/x86/kernel/traps.c:1009 exc_debug_kernel+0xd2/0x160... RIP: 0010:exc_debug_kernel+0xd2/0x160... Seguimiento de llamadas: &lt;#DB&gt; ? show_regs+0x68/0x80? __advertir+0x8c/0x140 ? exc_debug_kernel+0xd2/0x160? report_bug+0x175/0x1a0? handle_bug+0x44/0x90? exc_invalid_op+0x1c/0x70? asm_exc_invalid_op+0x1f/0x30? exc_debug_kernel+0xd2/0x160 exc_debug+0x43/0x50 asm_exc_debug+0x1e/0x40 RIP: 0010:clear_bhb_loop+0x0/0xb0 ... ? Entry_SYSENTER_compat_after_hwframe+0x6e/0x8d [bp: mensaje de commit de masaje. ]"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.163",
"versionEndExcluding": "6.1.100",
"matchCriteriaId": "CAAB30CE-506C-42CC-B146-52655F61012E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "96AC42B8-D66D-4AC5-B466-E9BA7910FA29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/08518d48e5b744620524f0acd7c26c19bda7f513",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a765679defe1dc1b8fa01928a6ad6361e72a1364",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ac8b270b61d48fcc61f052097777e3b5e11591e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dae3543db8f0cf8ac1a198c3bb4b6e3c24d576cf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/db56615e96c439e13783d7715330e824b4fd4b84",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

89
CVE-2024/CVE-2024-422xx/CVE-2024-42241.json
View File

@ -2,28 +2,105 @@
"id": "CVE-2024-42241",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:46.920",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:53:50.763",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/shmem: disable PMD-sized page cache if needed\n\nFor shmem files, it's possible that PMD-sized page cache can't be\nsupported by xarray. For example, 512MB page cache on ARM64 when the base\npage size is 64KB can't be supported by xarray. It leads to errors as the\nfollowing messages indicate when this sort of xarray entry is split.\n\nWARNING: CPU: 34 PID: 7578 at lib/xarray.c:1025 xas_split_alloc+0xf8/0x128\nModules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 \\\nnft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject \\\nnft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \\\nip_set rfkill nf_tables nfnetlink vfat fat virtio_balloon drm fuse xfs \\\nlibcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 sha1_ce virtio_net \\\nnet_failover virtio_console virtio_blk failover dimlib virtio_mmio\nCPU: 34 PID: 7578 Comm: test Kdump: loaded Tainted: G W 6.10.0-rc5-gavin+ #9\nHardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-1.el9 05/24/2024\npstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)\npc : xas_split_alloc+0xf8/0x128\nlr : split_huge_page_to_list_to_order+0x1c4/0x720\nsp : ffff8000882af5f0\nx29: ffff8000882af5f0 x28: ffff8000882af650 x27: ffff8000882af768\nx26: 0000000000000cc0 x25: 000000000000000d x24: ffff00010625b858\nx23: ffff8000882af650 x22: ffffffdfc0900000 x21: 0000000000000000\nx20: 0000000000000000 x19: ffffffdfc0900000 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000018000000000 x15: 52f8004000000000\nx14: 0000e00000000000 x13: 0000000000002000 x12: 0000000000000020\nx11: 52f8000000000000 x10: 52f8e1c0ffff6000 x9 : ffffbeb9619a681c\nx8 : 0000000000000003 x7 : 0000000000000000 x6 : ffff00010b02ddb0\nx5 : ffffbeb96395e378 x4 : 0000000000000000 x3 : 0000000000000cc0\nx2 : 000000000000000d x1 : 000000000000000c x0 : 0000000000000000\nCall trace:\n xas_split_alloc+0xf8/0x128\n split_huge_page_to_list_to_order+0x1c4/0x720\n truncate_inode_partial_folio+0xdc/0x160\n shmem_undo_range+0x2bc/0x6a8\n shmem_fallocate+0x134/0x430\n vfs_fallocate+0x124/0x2e8\n ksys_fallocate+0x4c/0xa0\n __arm64_sys_fallocate+0x24/0x38\n invoke_syscall.constprop.0+0x7c/0xd8\n do_el0_svc+0xb4/0xd0\n el0_svc+0x44/0x1d8\n el0t_64_sync_handler+0x134/0x150\n el0t_64_sync+0x17c/0x180\n\nFix it by disabling PMD-sized page cache when HPAGE_PMD_ORDER is larger\nthan MAX_PAGECACHE_ORDER. As Matthew Wilcox pointed, the page cache in a\nshmem file isn't represented by a multi-index entry and doesn't have this\nlimitation when the xarry entry is split until commit 6b24ca4a1a8d (\"mm:\nUse multi-index entries in the page cache\")."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/shmem: deshabilite la cach\u00e9 de p\u00e1ginas de tama\u00f1o PMD si es necesario. Para archivos shmem, es posible que xarray no admita la cach\u00e9 de p\u00e1ginas de tama\u00f1o PMD. Por ejemplo, xarray no puede admitir una memoria cach\u00e9 de p\u00e1gina de 512 MB en ARM64 cuando el tama\u00f1o de p\u00e1gina base es de 64 KB. Genera errores, ya que los siguientes mensajes indican cuando se divide este tipo de entrada de matriz x. ADVERTENCIA: CPU: 34 PID: 7578 en lib/xarray.c:1025 xas_split_alloc+0xf8/0x128 M\u00f3dulos vinculados en: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 \\ nft_fib nft_reject_inet nf_reject_ipv4 ject_ipv6 nft_reject \\ nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \\ ip_set rfkill nf_tables nfnetlink vfat fat virtio_balloon drm fuse xfs \\ libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 sha1_ce virtio_net \\ net_failover virtio_console virtio_blk failover dimlib virtio_mmio CPU: 34 PID: 7578 Comm: test Kdump: cargado Contaminado: GW 6.10.0-rc5-gavin+ #9 Nombre del hardware: M\u00e1quina virtual QEMU KVM, Bios EDK2-20240524-1.EL9 24/05/2024 PSTATE: 83400005 (NZCV DAIF +PAN -UAO +TCO +DIT -SSBS BTYPE =-) PC: xas_split_alloc +0xf8/0x128 Lr: Split_huge_Page_To_List_To_Order +0x1c4/0x1c4/0x1c4/0x1c420 ffff8000882af5f0 x29: ffff8000882af5f0 x28: ffff8000882af650 x27: ffff8000882af768 x26: 0000000000000cc0 x25: 000000000000000d x24: 5b858 x23: ffff8000882af650 x22: ffffffdfc0900000 x21: 000000000000000 x20: 0000000000000000 x19: ffffffdfc0900000 x18: 00000000000000000 x1 7: 0000000000000000 x16: 0000018000000000 x15: 52f8004000000000 x14: 0000e00000000000 x13 : 0000000000002000 x12: 0000000000000020 x11: 52f8000000000000 x10: 52f8e1c0ffff6000 x9 : ffffbeb9619a681c x8 : 0000000000000003 x7 : 0000000000000 x6: ffff00010b02ddb0 x5: ffffbeb96395e378 x4: 000000000000000 x3: 0000000000000cc0 x2: 000000000000000d x1: 000000000000000 0c x0: 0000000000000000 Rastreo de llamadas: xas_split_alloc+0xf8/0x128 split_huge_page_to_list_to_order +0x1c4/0x720 truncate_inode_partial_folio+0xdc/0x160 shmem_undo_range+0x2bc/0x6a8 shmem_fallocate+0x134/0x430 vfs_fallocate+0x124/0x2e8 ksys_fallocate+0x4c/0xa0 __arm64_sys_fallo cate+0x24/0x38 invoke_syscall.constprop.0+0x7c/0xd8 do_el0_svc+0xb4/0xd0 el0_svc+ 0x44/0x1d8 el0t_64_sync_handler+0x134/0x150 el0t_64_sync+0x17c/0x180 Soluci\u00f3nelo deshabilitando el cach\u00e9 de p\u00e1ginas de tama\u00f1o PMD cuando HPAGE_PMD_ORDER es mayor que MAX_PAGECACHE_ORDER. Como se\u00f1al\u00f3 Matthew Wilcox, la cach\u00e9 de p\u00e1gina en un archivo shmem no est\u00e1 representada por una entrada de \u00edndice m\u00faltiple y no tiene esta limitaci\u00f3n cuando la entrada xarry se divide hasta el commit 6b24ca4a1a8d (\"mm: use entradas de \u00edndice m\u00faltiple en la p\u00e1gina cache\")."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "C6D591C1-AEB0-4E97-9BAD-4ECDED47C02D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/93893eacb372b0a4a30f7de6609b08c3ba6c4fd9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9fd154ba926b34c833b7bfc4c14ee2e931b3d743",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cd25208ca9b0097f8e079d692fc678f36fdbc3f9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

74
CVE-2024/CVE-2024-422xx/CVE-2024-42242.json
View File

@ -2,24 +2,88 @@
"id": "CVE-2024-42242",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:47.013",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:53:42.797",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE\n\nblk_queue_max_segment_size() ensured:\n\n\tif (max_size < PAGE_SIZE)\n\t\tmax_size = PAGE_SIZE;\n\nwhereas:\n\nblk_validate_limits() makes it an error:\n\n\tif (WARN_ON_ONCE(lim->max_segment_size < PAGE_SIZE))\n\t\treturn -EINVAL;\n\nThe change from one to the other, exposed sdhci which was setting maximum\nsegment size too low in some circumstances.\n\nFix the maximum segment size when it is too low."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mmc: sdhci: Correcci\u00f3n max_seg_size para 64KiB PAGE_SIZE blk_queue_max_segment_size() asegurado: if (max_size &lt; PAGE_SIZE) max_size = PAGE_SIZE; mientras que: blk_validate_limits() lo convierte en un error: if (WARN_ON_ONCE(lim-&gt;max_segment_size &lt; PAGE_SIZE)) return -EINVAL; El cambio de uno a otro expuso a sdhci, que estaba estableciendo un tama\u00f1o de segmento m\u00e1ximo demasiado bajo en algunas circunstancias. Fije el tama\u00f1o m\u00e1ximo del segmento cuando sea demasiado bajo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "0F5C3789-472B-40EC-9D2A-48169EDB592B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/63d20a94f24fc1cbaf44d0e7c0e0a8077fde0aef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bf78b1accef46efd9b624967cb74ae8d3c215a2b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

86
CVE-2024/CVE-2024-422xx/CVE-2024-42243.json
View File

@ -2,28 +2,102 @@
"id": "CVE-2024-42243",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:47.080",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:53:35.073",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray\n\nPatch series \"mm/filemap: Limit page cache size to that supported by\nxarray\", v2.\n\nCurrently, xarray can't support arbitrary page cache size. More details\ncan be found from the WARN_ON() statement in xas_split_alloc(). In our\ntest whose code is attached below, we hit the WARN_ON() on ARM64 system\nwhere the base page size is 64KB and huge page size is 512MB. The issue\nwas reported long time ago and some discussions on it can be found here\n[1].\n\n[1] https://www.spinics.net/lists/linux-xfs/msg75404.html\n\nIn order to fix the issue, we need to adjust MAX_PAGECACHE_ORDER to one\nsupported by xarray and avoid PMD-sized page cache if needed. The code\nchanges are suggested by David Hildenbrand.\n\nPATCH[1] adjusts MAX_PAGECACHE_ORDER to that supported by xarray\nPATCH[2-3] avoids PMD-sized page cache in the synchronous readahead path\nPATCH[4] avoids PMD-sized page cache for shmem files if needed\n\nTest program\n============\n# cat test.c\n#define _GNU_SOURCE\n#include <stdio.h>\n#include <stdlib.h>\n#include <unistd.h>\n#include <string.h>\n#include <fcntl.h>\n#include <errno.h>\n#include <sys/syscall.h>\n#include <sys/mman.h>\n\n#define TEST_XFS_FILENAME\t\"/tmp/data\"\n#define TEST_SHMEM_FILENAME\t\"/dev/shm/data\"\n#define TEST_MEM_SIZE\t\t0x20000000\n\nint main(int argc, char **argv)\n{\n\tconst char *filename;\n\tint fd = 0;\n\tvoid *buf = (void *)-1, *p;\n\tint pgsize = getpagesize();\n\tint ret;\n\n\tif (pgsize != 0x10000) {\n\t\tfprintf(stderr, \"64KB base page size is required\\n\");\n\t\treturn -EPERM;\n\t}\n\n\tsystem(\"echo force > /sys/kernel/mm/transparent_hugepage/shmem_enabled\");\n\tsystem(\"rm -fr /tmp/data\");\n\tsystem(\"rm -fr /dev/shm/data\");\n\tsystem(\"echo 1 > /proc/sys/vm/drop_caches\");\n\n\t/* Open xfs or shmem file */\n\tfilename = TEST_XFS_FILENAME;\n\tif (argc > 1 && !strcmp(argv[1], \"shmem\"))\n\t\tfilename = TEST_SHMEM_FILENAME;\n\n\tfd = open(filename, O_CREAT | O_RDWR | O_TRUNC);\n\tif (fd < 0) {\n\t\tfprintf(stderr, \"Unable to open <%s>\\n\", filename);\n\t\treturn -EIO;\n\t}\n\n\t/* Extend file size */\n\tret = ftruncate(fd, TEST_MEM_SIZE);\n\tif (ret) {\n\t\tfprintf(stderr, \"Error %d to ftruncate()\\n\", ret);\n\t\tgoto cleanup;\n\t}\n\n\t/* Create VMA */\n\tbuf = mmap(NULL, TEST_MEM_SIZE,\n\t\t PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);\n\tif (buf == (void *)-1) {\n\t\tfprintf(stderr, \"Unable to mmap <%s>\\n\", filename);\n\t\tgoto cleanup;\n\t}\n\n\tfprintf(stdout, \"mapped buffer at 0x%p\\n\", buf);\n\tret = madvise(buf, TEST_MEM_SIZE, MADV_HUGEPAGE);\n if (ret) {\n\t\tfprintf(stderr, \"Unable to madvise(MADV_HUGEPAGE)\\n\");\n\t\tgoto cleanup;\n\t}\n\n\t/* Populate VMA */\n\tret = madvise(buf, TEST_MEM_SIZE, MADV_POPULATE_WRITE);\n\tif (ret) {\n\t\tfprintf(stderr, \"Error %d to madvise(MADV_POPULATE_WRITE)\\n\", ret);\n\t\tgoto cleanup;\n\t}\n\n\t/* Punch the file to enforce xarray split */\n\tret = fallocate(fd, FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE,\n \t\tTEST_MEM_SIZE - pgsize, pgsize);\n\tif (ret)\n\t\tfprintf(stderr, \"Error %d to fallocate()\\n\", ret);\n\ncleanup:\n\tif (buf != (void *)-1)\n\t\tmunmap(buf, TEST_MEM_SIZE);\n\tif (fd > 0)\n\t\tclose(fd);\n\n\treturn 0;\n}\n\n# gcc test.c -o test\n# cat /proc/1/smaps | grep KernelPageSize | head -n 1\nKernelPageSize: 64 kB\n# ./test shmem\n :\n------------[ cut here ]------------\nWARNING: CPU: 17 PID: 5253 at lib/xarray.c:1025 xas_split_alloc+0xf8/0x128\nModules linked in: nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib \\\nnft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct \\\nnft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \\\nip_set nf_tables rfkill nfnetlink vfat fat virtio_balloon \\\ndrm fuse xfs libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 \\\nvirtio_net sha1_ce net_failover failover virtio_console virtio_blk \\\ndimlib virtio_mmio\nCPU: 17 PID: 5253 Comm: test Kdump: loaded Tainted: G W 6.10.0-rc5-gavin+ #12\nHardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-1.el9 05/24/2024\npstate: 83400005 (Nzcv daif +PAN -UAO +TC\n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/filemap: hacer que MAX_PAGECACHE_ORDER sea aceptable para xarray Serie de parches \"mm/filemap: limitar el tama\u00f1o de cach\u00e9 de p\u00e1gina al admitido por xarray\", v2. Actualmente, xarray no puede admitir un tama\u00f1o de cach\u00e9 de p\u00e1gina arbitrario. Se pueden encontrar m\u00e1s detalles en la declaraci\u00f3n WARN_ON() en xas_split_alloc(). En nuestra prueba cuyo c\u00f3digo se adjunta a continuaci\u00f3n, presionamos WARN_ON() en el sistema ARM64 donde el tama\u00f1o de p\u00e1gina base es de 64 KB y el tama\u00f1o de p\u00e1gina enorme es de 512 MB. El problema se inform\u00f3 hace mucho tiempo y se pueden encontrar algunas discusiones al respecto aqu\u00ed [1]. [1] https://www.spinics.net/lists/linux-xfs/msg75404.html Para solucionar el problema, debemos ajustar MAX_PAGECACHE_ORDER a uno compatible con xarray y evitar el cach\u00e9 de p\u00e1ginas del tama\u00f1o de PMD si es necesario. Los cambios de c\u00f3digo los sugiere David Hildenbrand. PATCH[1] ajusta MAX_PAGECACHE_ORDER al soportado por xarray PATCH[2-3] evita el cach\u00e9 de p\u00e1ginas de tama\u00f1o PMD en la ruta de lectura anticipada sincr\u00f3nica PATCH[4] evita el cach\u00e9 de p\u00e1ginas de tama\u00f1o PMD para archivos shmem si es necesario Programa de prueba ===== ======= # cat test.c #define _GNU_SOURCE #incluye #incluye #incluye #incluye #incluye #include #include #include #define TEST_XFS_FILENAME \"/tmp/data\" #define TEST_SHMEM_FILENAME \"/dev/shm/data\" #define TEST_MEM_SIZE 0x20000000 int main(int argc, char **argv) { const char *nombre de archivo; intfd = 0; vac\u00edo *buf = (vac\u00edo *)-1, *p; int pgsize = getpagesize(); ret int; if (pgsize != 0x10000) { fprintf(stderr, \"se requiere un tama\u00f1o de p\u00e1gina base de 64 KB\\n\"); devolver -EPERM; } system(\"echo force &gt; /sys/kernel/mm/transparent_hugepage/shmem_enabled\"); sistema(\"rm -fr /tmp/data\"); sistema(\"rm -fr /dev/shm/data\"); sistema(\"echo 1 &gt; /proc/sys/vm/drop_caches\"); /* Abrir archivo xfs o shmem */ filename = TEST_XFS_FILENAME; if (argc &gt; 1 &amp;&amp; !strcmp(argv[1], \"shmem\")) nombre de archivo = TEST_SHMEM_FILENAME; fd = open(nombre de archivo, O_CREAT | O_RDWR | O_TRUNC); if (fd &lt; 0) { fprintf(stderr, \"No se puede abrir &lt;%s&gt;\\n\", nombre de archivo); devolver -EIO; } /* Ampliar tama\u00f1o de archivo */ ret = ftruncate(fd, TEST_MEM_SIZE); if (ret) { fprintf(stderr, \"Error %d al ftruncate()\\n\", ret); ir a limpieza; } /* Crear VMA */ buf = mmap(NULL, TEST_MEM_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); if (buf == (void *)-1) { fprintf(stderr, \"No se puede mmap &lt;%s&gt;\\n\", nombre de archivo); ir a limpieza; } fprintf(stdout, \"b\u00fafer asignado en 0x%p\\n\", buf); ret = madvise(buf, TEST_MEM_SIZE, MADV_HUGEPAGE); if (ret) { fprintf(stderr, \"No se puede madvise(MADV_HUGEPAGE)\\n\"); ir a limpieza; } /* Completar VMA */ ret = madvise(buf, TEST_MEM_SIZE, MADV_POPULATE_WRITE); if (ret) { fprintf(stderr, \"Error %d en madvise(MADV_POPULATE_WRITE)\\n\", ret); ir a limpieza; } /* Perfora el archivo para aplicar la divisi\u00f3n xarray */ ret = fallocate(fd, FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE, TEST_MEM_SIZE - pgsize, pgsize); if (ret) fprintf(stderr, \"Error %d al fallacate()\\n\", ret); limpieza: if (buf != (void *)-1) munmap(buf, TEST_MEM_SIZE); si (fd &gt; 0) cerrar(fd); devolver 0; } # gcc test.c -o prueba # cat /proc/1/smaps | grep Tama\u00f1o de p\u00e1gina de kernel | head -n 1 KernelPageSize: 64 kB # ./test shmem : ------------[ cortar aqu\u00ed ]------------ ADVERTENCIA: CPU: 17 PID: 5253 en lib/xarray.c:1025 xas_split_alloc+0xf8/0x128 M\u00f3dulos vinculados en: nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib \\ nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct \\ nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \\ ip_set nf_tables rfkill nfnetlink vfat fat virtio_balloon \\ drm fuse xfs libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 \\ virtio_net sha1_ce net_failover failover virtio_console virtio_blk \\ dimlib virtio_mmio CPU: 17 PID: 5253 Comm: prueba Kdump: cargado Contaminado: GW 6.10.0-rc5-gavin+ #12 ---truncado---"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "CB8B6FE0-8AA9-42BD-BCE9-F8A593A9F032"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/099d90642a711caae377f53309abfe27e8724a8b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/333c5539a31f48828456aa9997ec2808f06a699a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a0c42ddd0969fdc760a85e20e267776028a7ca4e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

122
CVE-2024/CVE-2024-422xx/CVE-2024-42244.json
View File

@ -2,40 +2,144 @@
"id": "CVE-2024-42244",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:47.160",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:53:27.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: mos7840: fix crash on resume\n\nSince commit c49cfa917025 (\"USB: serial: use generic method if no\nalternative is provided in usb serial layer\"), USB serial core calls the\ngeneric resume implementation when the driver has not provided one.\n\nThis can trigger a crash on resume with mos7840 since support for\nmultiple read URBs was added back in 2011. Specifically, both port read\nURBs are now submitted on resume for open ports, but the context pointer\nof the second URB is left set to the core rather than mos7840 port\nstructure.\n\nFix this by implementing dedicated suspend and resume functions for\nmos7840.\n\nTested with Delock 87414 USB 2.0 to 4x serial adapter.\n\n[ johan: analyse crash and rewrite commit message; set busy flag on\n resume; drop bulk-in check; drop unnecessary usb_kill_urb() ]"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: USB: serial: mos7840: corrige el fallo al reanudar desde el commit c49cfa917025 (\"USB: serial: use un m\u00e9todo gen\u00e9rico si no se proporciona ninguna alternativa en la capa serial USB\"), llamadas al n\u00facleo serial USB la implementaci\u00f3n del curr\u00edculum gen\u00e9rico cuando el conductor no lo haya proporcionado. Esto puede provocar una falla en el curr\u00edculum con mos7840 desde que se agreg\u00f3 soporte para m\u00faltiples URB de lectura en 2011. Espec\u00edficamente, ambos URB de lectura de puerto ahora se env\u00edan en el curr\u00edculum para puertos abiertos, pero el puntero de contexto del segundo URB se deja configurado en el n\u00facleo en lugar de la estructura del puerto mos7840. Solucione este problema implementando funciones dedicadas de suspensi\u00f3n y reanudaci\u00f3n para mos7840. Probado con el adaptador serie Delock 87414 USB 2.0 a 4x. [ johan: analiza el fallo y reescribe el mensaje de confirmaci\u00f3n; establecer una bandera de ocupado en el curr\u00edculum; dejar caer el cheque a granel; soltar usb_kill_urb() innecesario]"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "5.10.222",
"matchCriteriaId": "AFA22D89-D167-4A59-9B75-E2709E0FCED6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.163",
"matchCriteriaId": "A97DEB09-4927-40F8-B5C6-F5BD5EAE0CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.100",
"matchCriteriaId": "100CDF74-4DB5-4FC6-A54B-BDBDB0C27137"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "96AC42B8-D66D-4AC5-B466-E9BA7910FA29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1094ed500987e67a9d18b0f95e1812f1cc720856",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/553e67dec846323b5575e78a776cf594c13f98c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5ae6a64f18211851c8df6b4221381c438b9a7348",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/932a86a711c722b45ed47ba2103adca34d225b33",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b14aa5673e0a8077ff4b74f0bb260735e7d5e6a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c15a688e49987385baa8804bf65d570e362f8576",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

98
CVE-2024/CVE-2024-422xx/CVE-2024-42245.json
View File

@ -2,32 +2,116 @@
"id": "CVE-2024-42245",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:47.230",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:53:19.530",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"sched/fair: Make sure to try to detach at least one movable task\"\n\nThis reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06.\n\nb0defa7ae03ec changed the load balancing logic to ignore env.max_loop if\nall tasks examined to that point were pinned. The goal of the patch was\nto make it more likely to be able to detach a task buried in a long list\nof pinned tasks. However, this has the unfortunate side effect of\ncreating an O(n) iteration in detach_tasks(), as we now must fully\niterate every task on a cpu if all or most are pinned. Since this load\nbalance code is done with rq lock held, and often in softirq context, it\nis very easy to trigger hard lockups. We observed such hard lockups with\na user who affined O(10k) threads to a single cpu.\n\nWhen I discussed this with Vincent he initially suggested that we keep\nthe limit on the number of tasks to detach, but increase the number of\ntasks we can search. However, after some back and forth on the mailing\nlist, he recommended we instead revert the original patch, as it seems\nlikely no one was actually getting hit by the original issue."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Revertir \"programado/justo: aseg\u00farese de intentar desconectar al menos una tarea m\u00f3vil\". Esto revierte el commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec cambi\u00f3 la l\u00f3gica de equilibrio de carga para ignorar env.max_loop si todas las tareas examinadas hasta ese punto estaban fijadas. El objetivo del parche era hacer que fuera m\u00e1s probable poder separar una tarea oculta en una larga lista de tareas fijadas. Sin embargo, esto tiene el desafortunado efecto secundario de crear una iteraci\u00f3n O(n) en detach_tasks(), ya que ahora debemos iterar completamente cada tarea en una CPU si todas o la mayor\u00eda est\u00e1n fijadas. Dado que este c\u00f3digo de equilibrio de carga se realiza con el bloqueo rq mantenido y, a menudo, en el contexto de softirq, es muy f\u00e1cil activar bloqueos duros. Observamos bloqueos tan dif\u00edciles con un usuario que afin\u00f3 O(10k) subprocesos a una sola CPU. Cuando habl\u00e9 de esto con Vincent, inicialmente sugiri\u00f3 que mantuvi\u00e9ramos el l\u00edmite en la cantidad de tareas para separar, pero que increment\u00e1ramos la cantidad de tareas que podemos buscar. Sin embargo, despu\u00e9s de algunos intercambios en la lista de correo, recomend\u00f3 que revirti\u00e9ramos el parche original, ya que parece probable que nadie se haya visto afectado por el problema original."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionEndExcluding": "6.1.100",
"matchCriteriaId": "11AA9FD7-8CF6-4561-A31F-2BD173451E8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "96AC42B8-D66D-4AC5-B466-E9BA7910FA29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0fa6dcbfa2e2b97c1e6febbea561badf0931a38b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1e116c18e32b035a2d1bd460800072c8bf96bc44",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2feab2492deb2f14f9675dd6388e9e2bf669c27a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d467194018dd536fe6c65a2fd3aedfcdb1424903",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

98
CVE-2024/CVE-2024-422xx/CVE-2024-42246.json
View File

@ -2,32 +2,116 @@
"id": "CVE-2024-42246",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:47.297",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:52:35.353",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket\n\nWhen using a BPF program on kernel_connect(), the call can return -EPERM. This\ncauses xs_tcp_setup_socket() to loop forever, filling up the syslog and causing\nthe kernel to potentially freeze up.\n\nNeil suggested:\n\n This will propagate -EPERM up into other layers which might not be ready\n to handle it. It might be safer to map EPERM to an error we would be more\n likely to expect from the network system - such as ECONNREFUSED or ENETDOWN.\n\nECONNREFUSED as error seems reasonable. For programs setting a different error\ncan be out of reach (see handling in 4fbac77d2d09) in particular on kernels\nwhich do not have f10d05966196 (\"bpf: Make BPF_PROG_RUN_ARRAY return -err\ninstead of allow boolean\"), thus given that it is better to simply remap for\nconsistent behavior. UDP does handle EPERM in xs_udp_send_request()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net, sunrpc: reasignar EPERM en caso de falla de conexi\u00f3n en xs_tcp_setup_socket Cuando se usa un programa BPF en kernel_connect(), la llamada puede devolver -EPERM. Esto hace que xs_tcp_setup_socket() se repita indefinidamente, llenando el syslog y provocando que el kernel se congele potencialmente. Neil sugiri\u00f3: Esto propagar\u00e1 -EPERM a otras capas que podr\u00edan no estar listas para manejarlo. Podr\u00eda ser m\u00e1s seguro asignar EPERM a un error que probablemente esperar\u00edamos del sistema de red, como ECONNREFUSED o ENETDOWN. ECONNREFUSED como error parece razonable. Para los programas, configurar un error diferente puede estar fuera de su alcance (consulte el manejo en 4fbac77d2d09), en particular en los n\u00facleos que no tienen f10d05966196 (\"bpf: Make BPF_PROG_RUN_ARRAY return -err en lugar de permitir boolean\"), por lo que es mejor simplemente reasignar para un comportamiento consistente. UDP maneja EPERM en xs_udp_send_request()."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.17",
"versionEndExcluding": "6.1.100",
"matchCriteriaId": "0573E395-3D6E-46EA-B0B9-C915C6EF8375"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "96AC42B8-D66D-4AC5-B466-E9BA7910FA29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/626dfed5fa3bfb41e0dffd796032b555b69f9cde",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d6c686c01c5f12ff8f7264e0ddf71df6cb0d4414",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f2431e7db0fe0daccb2f06bb0d23740affcd2fa6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f388cfd913a2b96c05339a335f365795db1b36b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

122
CVE-2024/CVE-2024-422xx/CVE-2024-42247.json
View File

@ -2,40 +2,144 @@
"id": "CVE-2024-42247",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:47.367",
"lastModified": "2024-08-07T19:09:46.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-08T14:52:25.213",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: allowedips: avoid unaligned 64-bit memory accesses\n\nOn the parisc platform, the kernel issues kernel warnings because\nswap_endian() tries to load a 128-bit IPv6 address from an unaligned\nmemory location:\n\n Kernel: unaligned access to 0x55f4688c in wg_allowedips_insert_v6+0x2c/0x80 [wireguard] (iir 0xf3010df)\n Kernel: unaligned access to 0x55f46884 in wg_allowedips_insert_v6+0x38/0x80 [wireguard] (iir 0xf2010dc)\n\nAvoid such unaligned memory accesses by instead using the\nget_unaligned_be64() helper macro.\n\n[Jason: replace src[8] in original patch with src+8]"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wireguard: Allowips: evita accesos a memoria de 64 bits no alineados. En la plataforma Parisc, el kernel emite advertencias del kernel porque swap_endian() intenta cargar una direcci\u00f3n IPv6 de 128 bits desde una memoria no alineada. ubicaci\u00f3n: Kernel: acceso no alineado a 0x55f4688c en wg_allowedips_insert_v6+0x2c/0x80 [wireguard] (iir 0xf3010df) Kernel: acceso no alineado a 0x55f46884 en wg_allowedips_insert_v6+0x38/0x80 [wireguard] (iir 0xf2010dc ) Evite dichos accesos a la memoria no alineados utilizando en su lugar get_unaligned_be64 () macro auxiliar. [Jason: reemplaza src[8] en el parche original con src+8]"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6",
"versionEndExcluding": "5.10.222",
"matchCriteriaId": "80527C48-7C72-465F-8262-B0C3936E4714"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.163",
"matchCriteriaId": "A97DEB09-4927-40F8-B5C6-F5BD5EAE0CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.100",
"matchCriteriaId": "100CDF74-4DB5-4FC6-A54B-BDBDB0C27137"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.41",
"matchCriteriaId": "96AC42B8-D66D-4AC5-B466-E9BA7910FA29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.10",
"matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/217978a29c6ceca76d3c640bf94bdf50c268d801",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2fb34bf76431e831f9863cd59adc0bd1f67b0fbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6638a203abad35fa636d59ac47bdbc4bc100fd74",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/948f991c62a4018fb81d85804eeab3029c6209f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ae630de24efb123d7199a43256396d7758f4cb75",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b4764f0ad3d68de8a0b847c05f427afb86dd54e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

72
CVE-2024/CVE-2024-423xx/CVE-2024-42354.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-42354",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-08T15:15:17.793",
"lastModified": "2024-08-08T15:15:17.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. The store-API works with regular entities and not expose all fields for the public API; fields need to be marked as ApiAware in the EntityDefinition. So only ApiAware fields of the EntityDefinition will be encoded to the final JSON. Prior to versions 6.6.5.1 and 6.5.8.13, the processing of the Criteria did not considered ManyToMany associations and so they were not considered properly and the protections didn't get used. This issue cannot be reproduced with the default entities by Shopware, but can be triggered with extensions. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/commit/ad83d38809df457efef21c37ce0996430334bf01",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-hhcq-ph6w-494g",
"source": "security-advisories@github.com"
}
]
}

72
CVE-2024/CVE-2024-423xx/CVE-2024-42355.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-42355",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-08T15:15:18.013",
"lastModified": "2024-08-08T15:15:18.013",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag. Prior to versions 6.6.5.1 and 6.5.8.13, it accepts as parameter a string the feature flag name to silence, but this parameter is not escaped properly and allows execution of code. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1336"
}
]
}
],
"references": [
{
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/commit/445c6763cc093fbd651e0efaa4150deae4ae60da",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-27wp-jvhw-v4xp",
"source": "security-advisories@github.com"
}
]
}

72
CVE-2024/CVE-2024-423xx/CVE-2024-42356.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-42356",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-08T15:15:18.247",
"lastModified": "2024-08-08T15:15:18.247",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the `context` variable is injected into almost any Twig Template and allows to access to current language, currency information. The context object allows also to switch for a short time the scope of the Context as a helper with a callable function. The function can be called also from Twig and as the second parameter allows any callable, it's possible to call from Twig any statically callable PHP function/method. It's not possible as customer to provide any Twig code, the attacker would require access to Administration to exploit it using Mail templates or using App Scripts. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1336"
}
]
}
],
"references": [
{
"url": "https://github.com/shopware/core/commit/04183e0c02af3b404eb7d52c683734bfe0595038",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/commit/e43423bcc93c618c3036f94c12aa29514da8cf2e",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-35jp-8cgg-p4wj",
"source": "security-advisories@github.com"
}
]
}

72
CVE-2024/CVE-2024-423xx/CVE-2024-42357.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-42357",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-08T15:15:18.460",
"lastModified": "2024-08-08T15:15:18.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the `aggregations` object. The `name` field in this `aggregations` object is vulnerable SQL-injection and can be exploited using SQL parameters. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/shopware/core/commit/63c05615694790f5790a04ef889f42b764fa53c9",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/commit/57ea2f3c59483cf7c0f853e7a0d68c23ded1fe5b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-p6w9-r443-r752",
"source": "security-advisories@github.com"
}
]
}

14
CVE-2024/CVE-2024-423xx/CVE-2024-42395.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-42395",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-08-06T19:15:57.017",
"lastModified": "2024-08-07T15:17:46.717",
"lastModified": "2024-08-08T15:35:20.467",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US",

2
CVE-2024/CVE-2024-49xx/CVE-2024-4965.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-4965",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-05-16T08:15:39.030",
"lastModified": "2024-08-01T21:15:54.367",
"lastModified": "2024-08-08T15:15:18.730",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{

14
CVE-2024/CVE-2024-62xx/CVE-2024-6206.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6206",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-06-25T20:15:14.210",
"lastModified": "2024-06-26T12:44:29.693",
"lastModified": "2024-08-08T14:35:13.290",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04659en_us&docLocale=en_US",

27
CVE-2024/CVE-2024-64xx/CVE-2024-6481.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6481",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-08-08T06:15:40.917",
"lastModified": "2024-08-08T13:04:18.753",
"lastModified": "2024-08-08T14:35:14.190",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento Search &amp; Filter Pro de WordPress anterior a 2.5.18 no desinfecta ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross Site Scripting (XSS) Almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/53357868-2bcb-48eb-8abd-83186ff8d027/",

27
CVE-2024/CVE-2024-67xx/CVE-2024-6706.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6706",
"sourceIdentifier": "bbf0bd87-ece2-41be-b873-96928ee8fab9",
"published": "2024-08-07T23:15:41.350",
"lastModified": "2024-08-08T13:04:18.753",
"lastModified": "2024-08-08T14:35:14.497",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Los atacantes pueden crear un mensaje malicioso que obligue al modelo de lenguaje a ejecutar JavaScript arbitrario en el contexto de la p\u00e1gina web."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "bbf0bd87-ece2-41be-b873-96928ee8fab9",

27
CVE-2024/CVE-2024-67xx/CVE-2024-6707.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6707",
"sourceIdentifier": "bbf0bd87-ece2-41be-b873-96928ee8fab9",
"published": "2024-08-07T23:15:41.457",
"lastModified": "2024-08-08T13:04:18.753",
"lastModified": "2024-08-08T14:35:14.743",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Los archivos controlados por un atacante se pueden cargar en ubicaciones arbitrarias en el sistema de archivos del servidor web abusando de una vulnerabilidad de path traversal."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "bbf0bd87-ece2-41be-b873-96928ee8fab9",

Some files were not shown because too many files have changed in this diff Show More