admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-11-12T17:00:23.233250+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-11-12 17:03:24 +00:00
parent c16b7abbfa
commit 7ba80c8a4c
107 changed files with 9193 additions and 689 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2006/CVE-2006-100xx/CVE-2006-10001.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2006-10001",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-03-05T21:15:09.693",
"lastModified": "2024-05-17T00:27:42.883",
"lastModified": "2024-11-12T15:38:25.570",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -101,9 +101,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluginmirror:subscribe_to_comments:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:markjaquith:subscribe_to_comments:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.8",
"matchCriteriaId": "F9526C08-063B-4211-868E-25358D53FFD5"
"matchCriteriaId": "D27DAE94-3644-493F-9CEB-C0347173C41A"
}
]
}

14
CVE-2023/CVE-2023-317xx/CVE-2023-31704.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31704",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T15:15:08.930",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"lastModified": "2024-11-12T15:35:01.787",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -45,6 +45,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

6
CVE-2024/CVE-2024-03xx/CVE-2024-0340.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0340",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-09T18:15:47.503",
"lastModified": "2024-09-14T00:15:14.997",
"lastModified": "2024-11-12T16:15:19.680",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -133,6 +133,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:3627",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9315",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0340",
"source": "secalert@redhat.com",

4
CVE-2024/CVE-2024-103xx/CVE-2024-10315.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-10315",
"sourceIdentifier": "security@puppet.com",
"published": "2024-11-11T20:15:17.223",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T15:15:06.147",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6"
"value": "In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6. Reported by Ather Iqbal."
},
{
"lang": "es",

33
CVE-2024/CVE-2024-109xx/CVE-2024-10971.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-10971",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-11-12T16:15:19.930",
"lastModified": "2024-11-12T16:15:19.930",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the Password History feature in Devolutions DVLS 2024.3.7 and earlier allows a malicious authenticated user to obtain sensitive data via faulty permission."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@devolutions.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0015/",
"source": "security@devolutions.net"
}
]
}

56
CVE-2024/CVE-2024-110xx/CVE-2024-11007.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-11007",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:20.050",
"lastModified": "2024-11-12T16:15:20.050",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

4
CVE-2024/CVE-2024-110xx/CVE-2024-11060.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-11060",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-11T01:15:04.233",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:15:20.447",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Jinher Network Collaborative Management Platform ??????????? 1.0. Affected is an unknown function of the file /C6/JHSoft.Web.AcceptAip/AcceptShow.aspx/. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability classified as critical has been found in Jinher Network Collaborative Management Platform \u91d1\u548c\u6570\u5b57\u5316\u667a\u80fd\u529e\u516c\u5e73\u53f0 1.0. Affected is an unknown function of the file /C6/JHSoft.Web.AcceptAip/AcceptShow.aspx/. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",

4
CVE-2024/CVE-2024-111xx/CVE-2024-11121.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-11121",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T13:15:06.360",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:15:20.770",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in ???????????? Lingdang CRM up to 8.6.4.3. Affected by this vulnerability is an unknown functionality of the file /crm/WeiXinApp/marketing/index.php?module=Users&action=getActionList. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
"value": "A vulnerability classified as critical was found in \u4e0a\u6d77\u7075\u5f53\u4fe1\u606f\u79d1\u6280\u6709\u9650\u516c\u53f8 Lingdang CRM up to 8.6.4.3. Affected by this vulnerability is an unknown functionality of the file /crm/WeiXinApp/marketing/index.php?module=Users&action=getActionList. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {

4
CVE-2024/CVE-2024-111xx/CVE-2024-11122.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-11122",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T13:15:06.700",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:15:20.873",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in ???????????? Lingdang CRM up to 8.6.4.3. Affected by this issue is some unknown functionality of the file /crm/wechatSession/index.php?msgid=1&operation=upload. The manipulation of the argument file leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
"value": "A vulnerability, which was classified as critical, has been found in \u4e0a\u6d77\u7075\u5f53\u4fe1\u606f\u79d1\u6280\u6709\u9650\u516c\u53f8 Lingdang CRM up to 8.6.4.3. Affected by this issue is some unknown functionality of the file /crm/wechatSession/index.php?msgid=1&operation=upload. The manipulation of the argument file leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {

4
CVE-2024/CVE-2024-111xx/CVE-2024-11123.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-11123",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T13:15:06.987",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:15:20.990",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in ???????????? Lingdang CRM up to 8.6.4.3. This affects an unknown part of the file /crm/data/pdf.php. The manipulation of the argument url with the input ../config.inc.php leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
"value": "A vulnerability, which was classified as problematic, was found in \u4e0a\u6d77\u7075\u5f53\u4fe1\u606f\u79d1\u6280\u6709\u9650\u516c\u53f8 Lingdang CRM up to 8.6.4.3. This affects an unknown part of the file /crm/data/pdf.php. The manipulation of the argument url with the input ../config.inc.php leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {

4
CVE-2024/CVE-2024-111xx/CVE-2024-11124.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11124",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T14:15:16.260",
"lastModified": "2024-11-12T14:15:16.260",
"vulnStatus": "Received",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

141
CVE-2024/CVE-2024-111xx/CVE-2024-11125.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-11125",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T15:15:06.347",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in GetSimpleCMS 3.3.16 and classified as problematic. This issue affects some unknown processing of the file /admin/profile.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
},
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://github.com/Zeynalxan/zero-day/blob/main/GetSimpleCMS-CVE.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.283973",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.283973",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.437090",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-111xx/CVE-2024-11126.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-11126",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T15:15:06.637",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Digistar AG-30 Plus 2.6b. It has been classified as problematic. Affected is an unknown function of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "ADJACENT",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 2.3,
"baseSeverity": "LOW"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:H/Au:N/C:P/I:N/A:N",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.8
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.2,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
},
{
"lang": "en",
"value": "CWE-799"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.283974",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.283974",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.437096",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2024/CVE-2024-111xx/CVE-2024-11127.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2024-11127",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T15:15:06.920",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Job Recruitment up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin.php. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/ljllll123/cve/blob/main/sql-1.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.283975",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.283975",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.441841",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-111xx/CVE-2024-11130.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-11130",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T15:15:07.243",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ZZCMS up to 2023. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/msg.php. The manipulation of the argument keyword leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/En0t5/vul/blob/main/zzcms-msg-xss.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.283976",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.283976",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.439699",
"source": "cna@vuldb.com"
}
]
}

6
CVE-2024/CVE-2024-11xx/CVE-2024-1151.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1151",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-11T15:15:07.890",
"lastModified": "2024-09-05T16:15:07.097",
"lastModified": "2024-11-12T16:15:21.213",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -174,6 +174,10 @@
"Issue Tracking"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9315",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-1151",
"source": "secalert@redhat.com",

14
CVE-2024/CVE-2024-222xx/CVE-2024-22257.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22257",
"sourceIdentifier": "security@vmware.com",
"published": "2024-03-18T15:15:41.790",
"lastModified": "2024-04-19T07:15:09.223",
"lastModified": "2024-11-12T16:35:07.147",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240419-0005/",

100
CVE-2024/CVE-2024-23xx/CVE-2024-2315.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-2315",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2024-11-12T15:15:07.737",
"lastModified": "2024-11-12T16:35:08.840",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "APTIOV contains a vulnerability in BIOS where may cause Improper Access Control by a local attacker. Successful exploitation of this vulnerability may lead to unexpected SPI flash modifications and BIOS boot kit launches, also impacting the availability."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "LOW",
"subsequentSystemIntegrity": "LOW",
"subsequentSystemAvailability": "LOW",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024004.pdf",
"source": "biossecurity@ami.com"
}
]
}

39
CVE-2024/CVE-2024-281xx/CVE-2024-28162.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-28162",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2024-03-06T17:15:11.140",
"lastModified": "2024-05-01T18:15:17.223",
"lastModified": "2024-11-12T16:35:08.007",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En Jenkins Delphix Plugin 3.0.1 a 3.1.0 (ambos inclusive), una opci\u00f3n global para que los administradores habiliten o deshabiliten la validaci\u00f3n de certificados SSL/TLS para conexiones de la Torre de control de datos (DCT) no surte efecto hasta que se reinicia al cambiar de validaci\u00f3n deshabilitada a validaci\u00f3n habilitada."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/06/3",

10
CVE-2024/CVE-2024-310xx/CVE-2024-31080.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31080",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-04-04T14:15:10.330",
"lastModified": "2024-09-16T19:16:09.680",
"lastModified": "2024-11-12T15:15:07.940",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -104,6 +104,14 @@
"url": "https://access.redhat.com/errata/RHSA-2024:3343",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9093",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9122",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-31080",
"source": "secalert@redhat.com"

10
CVE-2024/CVE-2024-310xx/CVE-2024-31081.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31081",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-04-04T14:15:10.593",
"lastModified": "2024-09-16T19:16:09.940",
"lastModified": "2024-11-12T15:15:08.220",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -104,6 +104,14 @@
"url": "https://access.redhat.com/errata/RHSA-2024:3343",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9093",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9122",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-31081",
"source": "secalert@redhat.com"

10
CVE-2024/CVE-2024-310xx/CVE-2024-31083.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31083",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-04-05T12:15:37.577",
"lastModified": "2024-09-16T19:16:10.120",
"lastModified": "2024-11-12T15:15:08.420",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -104,6 +104,14 @@
"url": "https://access.redhat.com/errata/RHSA-2024:3343",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9093",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9122",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-31083",
"source": "secalert@redhat.com"

100
CVE-2024/CVE-2024-336xx/CVE-2024-33658.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-33658",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2024-11-12T15:15:08.610",
"lastModified": "2024-11-12T16:35:09.080",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local. Successful exploitation of this vulnerability may lead to privilege escalation and potentially arbitrary code execution, and impact Integrity."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "LOW",
"subsequentSystemIntegrity": "LOW",
"subsequentSystemAvailability": "LOW",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024004.pdf",
"source": "biossecurity@ami.com"
}
]
}

100
CVE-2024/CVE-2024-336xx/CVE-2024-33660.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-33660",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2024-11-12T15:15:08.727",
"lastModified": "2024-11-12T16:35:09.330",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exploit is possible where an actor with physical access can manipulate SPI flash without being detected."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "LOW",
"subsequentSystemIntegrity": "LOW",
"subsequentSystemAvailability": "LOW",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.2,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-494"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024004.pdf",
"source": "biossecurity@ami.com"
}
]
}

608
CVE-2024/CVE-2024-346xx/CVE-2024-34674.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34674",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-11-06T03:15:03.473",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T16:08:56.463",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,10 +59,592 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F1525232-54F0-467F-9575-2445F73F43B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "2E61388E-2542-4198-8BC6-ABB20930F01A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "18940389-1FBD-48B2-BCF0-1D709C2C3045"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B3556856-6F56-465C-8254-BB3CD8252FF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "2DB353A1-BE96-4FB5-9F4D-0119DC51F24E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "06092D16-EBD5-489C-81D2-F6E0F922AE7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E070DA79-8F09-4877-BFBA-3F23564DD8C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D80C2C7A-6F48-48B8-ACAD-720FC797F836"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "EE03013A-AAB3-4426-BB22-E1487D3B3F6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D5EF09DB-023A-40CB-9C94-020172383EEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5C5B44E9-BA5B-4CFB-8452-B52B6CC833F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "57CE2207-ADF3-42F9-83D7-E7C530BDAACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E1553CEA-FCF4-4A9C-85FE-F7DB7A500443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr_sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "EE6DDF76-7C22-4AE7-A84E-431807413952"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDE4D65E-8F9B-4810-AED6-95564A97D741"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A5E68B7B-BA08-4E8C-B60A-B3836C6986BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0AF1EDA0-2712-4C3C-8D8A-89E154BB63DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6239D93F-CA0E-4120-96A1-FB63276EAEE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "CD382E2D-0B51-4908-989A-88E083FC85BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "38B7AB56-AB65-4557-A91C-40CA2FD12351"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "61D507C0-086B-4139-A560-126964DFA579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "952CA843-7CF0-4424-BDA4-3F2A93E077B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "57B125ED-D939-4CBC-9E96-BBCF02402A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "07AC19C6-D245-4C3A-90CC-A931A901EA0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF85AA7B-E1C7-4946-92B4-E4D545CAACDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B6871BC1-19F4-4F0C-88D8-4000590D8D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9FA72654-2389-4709-BC70-59EC4349A826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E346DCBD-7DEB-464F-B917-8624BE87D646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "79C89A24-B07F-43D2-AE83-8F4F03D6C114"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "5697984D-08BA-412F-9BDF-26B658B0ADBC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "E4187BA1-226E-4976-A642-2F6DAE85538E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "73F22C26-52FC-42A7-B263-0CC7770A8C6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "BFB2B338-5E04-4136-939F-749A3B163656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3D30C02C-91FB-4D29-AF49-7903158E8FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "2B6D9064-844B-4D3F-AAE4-D170DF45EF8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C908A5B3-C47B-4DA1-A62F-F8FD77FF960D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C17A088-2CA1-4818-940F-2FEFA881D598"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "1DD187E2-2655-407D-87F9-135A9D45F783"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CBFF102-91A9-4BCC-BB43-912896BFCCEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6A89AE5B-4D1A-4ADA-B572-38B1FC4ED54C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "401980A7-E64A-4773-83EB-C93B50AE0F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6E12AB0B-728A-4478-B237-78CBAA2A44C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "0501033A-0D51-41E8-91A9-E72B6EE3F78D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF7B3213-520A-49F0-A183-C73A37A56854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "30F706F3-34F6-4D43-AE5E-C202C700A333"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "12C17130-A0C0-49E1-8525-9D65F0275270"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4FAA7790-A323-4ECA-834E-F19E59C571F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C339A665-413D-443F-AD04-F71C161235D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "213AC4D5-3B95-4120-B72D-A9327BADE2BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7DCB465-A0F7-496E-BE45-0B5FA1508D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6D65C03E-7BC3-491A-8621-A8C93FBA0A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D66CF415-6C4A-4AF3-B660-B2E9CF484B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "31B5B670-ACDE-4A64-97C5-358D79C65080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "141E541B-8FA5-4829-A413-4F1DC19E9AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "77CE3494-F7C0-497B-8491-107D31C9A91F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A57CB118-46CC-4CE8-ACC3-A806CD2C25A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "84F3023F-E65C-4871-A65A-738EFF64D365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7EB9C6E-CF84-4E4D-94D8-39233F8EC4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "852A1BEC-438F-4D1E-B361-87BD57D50157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "ABFE99DC-4495-4D4F-80D4-C29A1D22A9C5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

238
CVE-2024/CVE-2024-346xx/CVE-2024-34675.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34675",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-11-06T03:15:03.643",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T16:08:22.760",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,10 +59,222 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CBFF102-91A9-4BCC-BB43-912896BFCCEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6A89AE5B-4D1A-4ADA-B572-38B1FC4ED54C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "401980A7-E64A-4773-83EB-C93B50AE0F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6E12AB0B-728A-4478-B237-78CBAA2A44C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "0501033A-0D51-41E8-91A9-E72B6EE3F78D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF7B3213-520A-49F0-A183-C73A37A56854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "30F706F3-34F6-4D43-AE5E-C202C700A333"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "12C17130-A0C0-49E1-8525-9D65F0275270"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4FAA7790-A323-4ECA-834E-F19E59C571F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C339A665-413D-443F-AD04-F71C161235D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "213AC4D5-3B95-4120-B72D-A9327BADE2BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7DCB465-A0F7-496E-BE45-0B5FA1508D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6D65C03E-7BC3-491A-8621-A8C93FBA0A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D66CF415-6C4A-4AF3-B660-B2E9CF484B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "31B5B670-ACDE-4A64-97C5-358D79C65080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "141E541B-8FA5-4829-A413-4F1DC19E9AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "77CE3494-F7C0-497B-8491-107D31C9A91F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A57CB118-46CC-4CE8-ACC3-A806CD2C25A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "84F3023F-E65C-4871-A65A-738EFF64D365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7EB9C6E-CF84-4E4D-94D8-39233F8EC4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "852A1BEC-438F-4D1E-B361-87BD57D50157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "ABFE99DC-4495-4D4F-80D4-C29A1D22A9C5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

608
CVE-2024/CVE-2024-346xx/CVE-2024-34676.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34676",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-11-06T03:15:03.820",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T15:31:08.867",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,10 +59,592 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F1525232-54F0-467F-9575-2445F73F43B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "2E61388E-2542-4198-8BC6-ABB20930F01A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "18940389-1FBD-48B2-BCF0-1D709C2C3045"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B3556856-6F56-465C-8254-BB3CD8252FF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "2DB353A1-BE96-4FB5-9F4D-0119DC51F24E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "06092D16-EBD5-489C-81D2-F6E0F922AE7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E070DA79-8F09-4877-BFBA-3F23564DD8C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D80C2C7A-6F48-48B8-ACAD-720FC797F836"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "EE03013A-AAB3-4426-BB22-E1487D3B3F6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D5EF09DB-023A-40CB-9C94-020172383EEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5C5B44E9-BA5B-4CFB-8452-B52B6CC833F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "57CE2207-ADF3-42F9-83D7-E7C530BDAACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E1553CEA-FCF4-4A9C-85FE-F7DB7A500443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr_sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "EE6DDF76-7C22-4AE7-A84E-431807413952"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDE4D65E-8F9B-4810-AED6-95564A97D741"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A5E68B7B-BA08-4E8C-B60A-B3836C6986BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0AF1EDA0-2712-4C3C-8D8A-89E154BB63DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6239D93F-CA0E-4120-96A1-FB63276EAEE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "CD382E2D-0B51-4908-989A-88E083FC85BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "38B7AB56-AB65-4557-A91C-40CA2FD12351"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "61D507C0-086B-4139-A560-126964DFA579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "952CA843-7CF0-4424-BDA4-3F2A93E077B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "57B125ED-D939-4CBC-9E96-BBCF02402A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "07AC19C6-D245-4C3A-90CC-A931A901EA0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF85AA7B-E1C7-4946-92B4-E4D545CAACDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B6871BC1-19F4-4F0C-88D8-4000590D8D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9FA72654-2389-4709-BC70-59EC4349A826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E346DCBD-7DEB-464F-B917-8624BE87D646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "79C89A24-B07F-43D2-AE83-8F4F03D6C114"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "5697984D-08BA-412F-9BDF-26B658B0ADBC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "E4187BA1-226E-4976-A642-2F6DAE85538E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "73F22C26-52FC-42A7-B263-0CC7770A8C6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "BFB2B338-5E04-4136-939F-749A3B163656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3D30C02C-91FB-4D29-AF49-7903158E8FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "2B6D9064-844B-4D3F-AAE4-D170DF45EF8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C908A5B3-C47B-4DA1-A62F-F8FD77FF960D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C17A088-2CA1-4818-940F-2FEFA881D598"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "1DD187E2-2655-407D-87F9-135A9D45F783"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CBFF102-91A9-4BCC-BB43-912896BFCCEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6A89AE5B-4D1A-4ADA-B572-38B1FC4ED54C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "401980A7-E64A-4773-83EB-C93B50AE0F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6E12AB0B-728A-4478-B237-78CBAA2A44C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "0501033A-0D51-41E8-91A9-E72B6EE3F78D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF7B3213-520A-49F0-A183-C73A37A56854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "30F706F3-34F6-4D43-AE5E-C202C700A333"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "12C17130-A0C0-49E1-8525-9D65F0275270"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4FAA7790-A323-4ECA-834E-F19E59C571F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C339A665-413D-443F-AD04-F71C161235D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "213AC4D5-3B95-4120-B72D-A9327BADE2BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7DCB465-A0F7-496E-BE45-0B5FA1508D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6D65C03E-7BC3-491A-8621-A8C93FBA0A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D66CF415-6C4A-4AF3-B660-B2E9CF484B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "31B5B670-ACDE-4A64-97C5-358D79C65080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "141E541B-8FA5-4829-A413-4F1DC19E9AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "77CE3494-F7C0-497B-8491-107D31C9A91F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A57CB118-46CC-4CE8-ACC3-A806CD2C25A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "84F3023F-E65C-4871-A65A-738EFF64D365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7EB9C6E-CF84-4E4D-94D8-39233F8EC4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "852A1BEC-438F-4D1E-B361-87BD57D50157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "ABFE99DC-4495-4D4F-80D4-C29A1D22A9C5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

608
CVE-2024/CVE-2024-346xx/CVE-2024-34677.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34677",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-11-06T03:15:03.980",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T16:07:39.377",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,10 +59,592 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F1525232-54F0-467F-9575-2445F73F43B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "2E61388E-2542-4198-8BC6-ABB20930F01A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "18940389-1FBD-48B2-BCF0-1D709C2C3045"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B3556856-6F56-465C-8254-BB3CD8252FF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "2DB353A1-BE96-4FB5-9F4D-0119DC51F24E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "06092D16-EBD5-489C-81D2-F6E0F922AE7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E070DA79-8F09-4877-BFBA-3F23564DD8C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D80C2C7A-6F48-48B8-ACAD-720FC797F836"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "EE03013A-AAB3-4426-BB22-E1487D3B3F6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D5EF09DB-023A-40CB-9C94-020172383EEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5C5B44E9-BA5B-4CFB-8452-B52B6CC833F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "57CE2207-ADF3-42F9-83D7-E7C530BDAACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E1553CEA-FCF4-4A9C-85FE-F7DB7A500443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr_sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "EE6DDF76-7C22-4AE7-A84E-431807413952"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDE4D65E-8F9B-4810-AED6-95564A97D741"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A5E68B7B-BA08-4E8C-B60A-B3836C6986BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0AF1EDA0-2712-4C3C-8D8A-89E154BB63DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6239D93F-CA0E-4120-96A1-FB63276EAEE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "CD382E2D-0B51-4908-989A-88E083FC85BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "38B7AB56-AB65-4557-A91C-40CA2FD12351"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "61D507C0-086B-4139-A560-126964DFA579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "952CA843-7CF0-4424-BDA4-3F2A93E077B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "57B125ED-D939-4CBC-9E96-BBCF02402A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "07AC19C6-D245-4C3A-90CC-A931A901EA0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF85AA7B-E1C7-4946-92B4-E4D545CAACDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B6871BC1-19F4-4F0C-88D8-4000590D8D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9FA72654-2389-4709-BC70-59EC4349A826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E346DCBD-7DEB-464F-B917-8624BE87D646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "79C89A24-B07F-43D2-AE83-8F4F03D6C114"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "5697984D-08BA-412F-9BDF-26B658B0ADBC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "E4187BA1-226E-4976-A642-2F6DAE85538E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "73F22C26-52FC-42A7-B263-0CC7770A8C6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "BFB2B338-5E04-4136-939F-749A3B163656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3D30C02C-91FB-4D29-AF49-7903158E8FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "2B6D9064-844B-4D3F-AAE4-D170DF45EF8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C908A5B3-C47B-4DA1-A62F-F8FD77FF960D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C17A088-2CA1-4818-940F-2FEFA881D598"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "1DD187E2-2655-407D-87F9-135A9D45F783"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CBFF102-91A9-4BCC-BB43-912896BFCCEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6A89AE5B-4D1A-4ADA-B572-38B1FC4ED54C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "401980A7-E64A-4773-83EB-C93B50AE0F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6E12AB0B-728A-4478-B237-78CBAA2A44C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "0501033A-0D51-41E8-91A9-E72B6EE3F78D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF7B3213-520A-49F0-A183-C73A37A56854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "30F706F3-34F6-4D43-AE5E-C202C700A333"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "12C17130-A0C0-49E1-8525-9D65F0275270"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4FAA7790-A323-4ECA-834E-F19E59C571F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C339A665-413D-443F-AD04-F71C161235D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "213AC4D5-3B95-4120-B72D-A9327BADE2BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7DCB465-A0F7-496E-BE45-0B5FA1508D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6D65C03E-7BC3-491A-8621-A8C93FBA0A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D66CF415-6C4A-4AF3-B660-B2E9CF484B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "31B5B670-ACDE-4A64-97C5-358D79C65080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "141E541B-8FA5-4829-A413-4F1DC19E9AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "77CE3494-F7C0-497B-8491-107D31C9A91F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A57CB118-46CC-4CE8-ACC3-A806CD2C25A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "84F3023F-E65C-4871-A65A-738EFF64D365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7EB9C6E-CF84-4E4D-94D8-39233F8EC4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "852A1BEC-438F-4D1E-B361-87BD57D50157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "ABFE99DC-4495-4D4F-80D4-C29A1D22A9C5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

608
CVE-2024/CVE-2024-346xx/CVE-2024-34678.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34678",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-11-06T03:15:04.153",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T15:30:20.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,10 +59,592 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F1525232-54F0-467F-9575-2445F73F43B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "2E61388E-2542-4198-8BC6-ABB20930F01A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "18940389-1FBD-48B2-BCF0-1D709C2C3045"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B3556856-6F56-465C-8254-BB3CD8252FF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "2DB353A1-BE96-4FB5-9F4D-0119DC51F24E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "06092D16-EBD5-489C-81D2-F6E0F922AE7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E070DA79-8F09-4877-BFBA-3F23564DD8C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D80C2C7A-6F48-48B8-ACAD-720FC797F836"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "EE03013A-AAB3-4426-BB22-E1487D3B3F6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D5EF09DB-023A-40CB-9C94-020172383EEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5C5B44E9-BA5B-4CFB-8452-B52B6CC833F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "57CE2207-ADF3-42F9-83D7-E7C530BDAACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E1553CEA-FCF4-4A9C-85FE-F7DB7A500443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr_sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "EE6DDF76-7C22-4AE7-A84E-431807413952"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDE4D65E-8F9B-4810-AED6-95564A97D741"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A5E68B7B-BA08-4E8C-B60A-B3836C6986BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0AF1EDA0-2712-4C3C-8D8A-89E154BB63DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6239D93F-CA0E-4120-96A1-FB63276EAEE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "CD382E2D-0B51-4908-989A-88E083FC85BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "38B7AB56-AB65-4557-A91C-40CA2FD12351"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "61D507C0-086B-4139-A560-126964DFA579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "952CA843-7CF0-4424-BDA4-3F2A93E077B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "57B125ED-D939-4CBC-9E96-BBCF02402A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "07AC19C6-D245-4C3A-90CC-A931A901EA0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF85AA7B-E1C7-4946-92B4-E4D545CAACDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B6871BC1-19F4-4F0C-88D8-4000590D8D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9FA72654-2389-4709-BC70-59EC4349A826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E346DCBD-7DEB-464F-B917-8624BE87D646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "79C89A24-B07F-43D2-AE83-8F4F03D6C114"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "5697984D-08BA-412F-9BDF-26B658B0ADBC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "E4187BA1-226E-4976-A642-2F6DAE85538E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "73F22C26-52FC-42A7-B263-0CC7770A8C6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "BFB2B338-5E04-4136-939F-749A3B163656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3D30C02C-91FB-4D29-AF49-7903158E8FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "2B6D9064-844B-4D3F-AAE4-D170DF45EF8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C908A5B3-C47B-4DA1-A62F-F8FD77FF960D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C17A088-2CA1-4818-940F-2FEFA881D598"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "1DD187E2-2655-407D-87F9-135A9D45F783"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CBFF102-91A9-4BCC-BB43-912896BFCCEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6A89AE5B-4D1A-4ADA-B572-38B1FC4ED54C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "401980A7-E64A-4773-83EB-C93B50AE0F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6E12AB0B-728A-4478-B237-78CBAA2A44C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "0501033A-0D51-41E8-91A9-E72B6EE3F78D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF7B3213-520A-49F0-A183-C73A37A56854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "30F706F3-34F6-4D43-AE5E-C202C700A333"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "12C17130-A0C0-49E1-8525-9D65F0275270"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4FAA7790-A323-4ECA-834E-F19E59C571F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C339A665-413D-443F-AD04-F71C161235D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "213AC4D5-3B95-4120-B72D-A9327BADE2BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7DCB465-A0F7-496E-BE45-0B5FA1508D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6D65C03E-7BC3-491A-8621-A8C93FBA0A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D66CF415-6C4A-4AF3-B660-B2E9CF484B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "31B5B670-ACDE-4A64-97C5-358D79C65080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "141E541B-8FA5-4829-A413-4F1DC19E9AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "77CE3494-F7C0-497B-8491-107D31C9A91F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A57CB118-46CC-4CE8-ACC3-A806CD2C25A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "84F3023F-E65C-4871-A65A-738EFF64D365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7EB9C6E-CF84-4E4D-94D8-39233F8EC4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "852A1BEC-438F-4D1E-B361-87BD57D50157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "ABFE99DC-4495-4D4F-80D4-C29A1D22A9C5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

238
CVE-2024/CVE-2024-346xx/CVE-2024-34679.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34679",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-11-06T03:15:04.317",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T16:09:28.760",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,10 +59,222 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CBFF102-91A9-4BCC-BB43-912896BFCCEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6A89AE5B-4D1A-4ADA-B572-38B1FC4ED54C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "401980A7-E64A-4773-83EB-C93B50AE0F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6E12AB0B-728A-4478-B237-78CBAA2A44C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "0501033A-0D51-41E8-91A9-E72B6EE3F78D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF7B3213-520A-49F0-A183-C73A37A56854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "30F706F3-34F6-4D43-AE5E-C202C700A333"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "12C17130-A0C0-49E1-8525-9D65F0275270"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4FAA7790-A323-4ECA-834E-F19E59C571F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C339A665-413D-443F-AD04-F71C161235D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "213AC4D5-3B95-4120-B72D-A9327BADE2BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7DCB465-A0F7-496E-BE45-0B5FA1508D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6D65C03E-7BC3-491A-8621-A8C93FBA0A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D66CF415-6C4A-4AF3-B660-B2E9CF484B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "31B5B670-ACDE-4A64-97C5-358D79C65080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "141E541B-8FA5-4829-A413-4F1DC19E9AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "77CE3494-F7C0-497B-8491-107D31C9A91F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A57CB118-46CC-4CE8-ACC3-A806CD2C25A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "84F3023F-E65C-4871-A65A-738EFF64D365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7EB9C6E-CF84-4E4D-94D8-39233F8EC4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "852A1BEC-438F-4D1E-B361-87BD57D50157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "ABFE99DC-4495-4D4F-80D4-C29A1D22A9C5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

608
CVE-2024/CVE-2024-346xx/CVE-2024-34680.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34680",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-11-06T03:15:04.477",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T16:04:08.997",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,10 +59,592 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F1525232-54F0-467F-9575-2445F73F43B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "2E61388E-2542-4198-8BC6-ABB20930F01A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "18940389-1FBD-48B2-BCF0-1D709C2C3045"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B3556856-6F56-465C-8254-BB3CD8252FF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "2DB353A1-BE96-4FB5-9F4D-0119DC51F24E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "06092D16-EBD5-489C-81D2-F6E0F922AE7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E070DA79-8F09-4877-BFBA-3F23564DD8C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D80C2C7A-6F48-48B8-ACAD-720FC797F836"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "EE03013A-AAB3-4426-BB22-E1487D3B3F6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D5EF09DB-023A-40CB-9C94-020172383EEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5C5B44E9-BA5B-4CFB-8452-B52B6CC833F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "57CE2207-ADF3-42F9-83D7-E7C530BDAACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E1553CEA-FCF4-4A9C-85FE-F7DB7A500443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr_sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "EE6DDF76-7C22-4AE7-A84E-431807413952"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDE4D65E-8F9B-4810-AED6-95564A97D741"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A5E68B7B-BA08-4E8C-B60A-B3836C6986BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0AF1EDA0-2712-4C3C-8D8A-89E154BB63DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6239D93F-CA0E-4120-96A1-FB63276EAEE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "CD382E2D-0B51-4908-989A-88E083FC85BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "38B7AB56-AB65-4557-A91C-40CA2FD12351"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "61D507C0-086B-4139-A560-126964DFA579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "952CA843-7CF0-4424-BDA4-3F2A93E077B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "57B125ED-D939-4CBC-9E96-BBCF02402A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "07AC19C6-D245-4C3A-90CC-A931A901EA0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF85AA7B-E1C7-4946-92B4-E4D545CAACDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B6871BC1-19F4-4F0C-88D8-4000590D8D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9FA72654-2389-4709-BC70-59EC4349A826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E346DCBD-7DEB-464F-B917-8624BE87D646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "79C89A24-B07F-43D2-AE83-8F4F03D6C114"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "5697984D-08BA-412F-9BDF-26B658B0ADBC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "E4187BA1-226E-4976-A642-2F6DAE85538E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "73F22C26-52FC-42A7-B263-0CC7770A8C6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "BFB2B338-5E04-4136-939F-749A3B163656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3D30C02C-91FB-4D29-AF49-7903158E8FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "2B6D9064-844B-4D3F-AAE4-D170DF45EF8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C908A5B3-C47B-4DA1-A62F-F8FD77FF960D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C17A088-2CA1-4818-940F-2FEFA881D598"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "1DD187E2-2655-407D-87F9-135A9D45F783"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CBFF102-91A9-4BCC-BB43-912896BFCCEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6A89AE5B-4D1A-4ADA-B572-38B1FC4ED54C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "401980A7-E64A-4773-83EB-C93B50AE0F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6E12AB0B-728A-4478-B237-78CBAA2A44C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "0501033A-0D51-41E8-91A9-E72B6EE3F78D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF7B3213-520A-49F0-A183-C73A37A56854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "30F706F3-34F6-4D43-AE5E-C202C700A333"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "12C17130-A0C0-49E1-8525-9D65F0275270"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4FAA7790-A323-4ECA-834E-F19E59C571F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C339A665-413D-443F-AD04-F71C161235D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "213AC4D5-3B95-4120-B72D-A9327BADE2BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7DCB465-A0F7-496E-BE45-0B5FA1508D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6D65C03E-7BC3-491A-8621-A8C93FBA0A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D66CF415-6C4A-4AF3-B660-B2E9CF484B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "31B5B670-ACDE-4A64-97C5-358D79C65080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "141E541B-8FA5-4829-A413-4F1DC19E9AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "77CE3494-F7C0-497B-8491-107D31C9A91F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A57CB118-46CC-4CE8-ACC3-A806CD2C25A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "84F3023F-E65C-4871-A65A-738EFF64D365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7EB9C6E-CF84-4E4D-94D8-39233F8EC4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "852A1BEC-438F-4D1E-B361-87BD57D50157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "ABFE99DC-4495-4D4F-80D4-C29A1D22A9C5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-354xx/CVE-2024-35419.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35419",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:15.913",
"lastModified": "2024-11-12T13:56:54.483",
"lastModified": "2024-11-12T16:35:09.570",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que el commit 385e1 de wac conten\u00eda un desbordamiento de pila a trav\u00e9s de la funci\u00f3n load_module en /wac-asan/wa.c. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo wasm manipulado a medida."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/haruki3hhh/8b9e1922083abef33a9024017eb2b9fe",

39
CVE-2024/CVE-2024-354xx/CVE-2024-35421.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35421",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.090",
"lastModified": "2024-11-12T13:56:54.483",
"lastModified": "2024-11-12T16:35:10.447",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que vmir e8117 conten\u00eda una violaci\u00f3n de segmentaci\u00f3n a trav\u00e9s de la funci\u00f3n wasm_parse_block en /src/vmir_wasm_parser.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/haruki3hhh/318c4e35531f9e3b01df51016ac5c12b",

14
CVE-2024/CVE-2024-354xx/CVE-2024-35422.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35422",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.180",
"lastModified": "2024-11-12T13:56:54.483",
"lastModified": "2024-11-12T16:35:14.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -16,6 +16,18 @@
}
],
"metrics": {},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/haruki3hhh/21f9ad538db2a98e651cfe34ba4176f3",

39
CVE-2024/CVE-2024-354xx/CVE-2024-35423.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35423",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.257",
"lastModified": "2024-11-12T13:56:54.483",
"lastModified": "2024-11-12T16:35:15.027",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que vmir e8117 conten\u00eda un desbordamiento de b\u00fafer de mont\u00f3n a trav\u00e9s de la funci\u00f3n wasm_parse_section_functions en /src/vmir_wasm_parser.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/haruki3hhh/32fd20583f2008e6b68caaaaf4ecf237",

39
CVE-2024/CVE-2024-354xx/CVE-2024-35424.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35424",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.343",
"lastModified": "2024-11-12T13:56:54.483",
"lastModified": "2024-11-12T16:35:15.950",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que vmir e8117 conten\u00eda una violaci\u00f3n de segmentaci\u00f3n a trav\u00e9s de la funci\u00f3n import_function en /src/vmir_wasm_parser.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/haruki3hhh/58fa3df36ca7d0c972c7481cf80ffd80",

14
CVE-2024/CVE-2024-354xx/CVE-2024-35425.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35425",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.430",
"lastModified": "2024-11-12T13:56:54.483",
"lastModified": "2024-11-12T16:35:16.757",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -16,6 +16,18 @@
}
],
"metrics": {},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/haruki3hhh/c64ff6431c71be1b08e15d4ff480ce6b",

27
CVE-2024/CVE-2024-354xx/CVE-2024-35426.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35426",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T23:15:03.580",
"lastModified": "2024-11-12T13:56:54.483",
"lastModified": "2024-11-12T15:35:05.420",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Se descubri\u00f3 que vmir e8117 contiene un desbordamiento de pila a trav\u00e9s de la funci\u00f3n init_local_vars en /src/vmir_wasm_parser.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/9d2a5a139a8b72517009953d0ba7338c",

39
CVE-2024/CVE-2024-354xx/CVE-2024-35427.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35427",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T23:15:03.680",
"lastModified": "2024-11-12T13:56:54.483",
"lastModified": "2024-11-12T15:35:05.710",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que vmir e8117 conten\u00eda una violaci\u00f3n de segmentaci\u00f3n a trav\u00e9s de la funci\u00f3n export_function en /src/vmir_wasm_parser.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/haruki3hhh/1edba199c52039791bbcb33a5196c1c3",

100
CVE-2024/CVE-2024-373xx/CVE-2024-37365.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-37365",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-11-12T15:15:08.923",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the affected\nproduct. The vulnerability allows users to save projects within the public\ndirectory allowing anyone with local access to modify and/or delete files. Additionally,\na malicious user could potentially leverage this vulnerability to escalate\ntheir privileges by changing the macro to execute arbitrary code."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 7.0,
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1709.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}

14
CVE-2024/CVE-2024-37xx/CVE-2024-3727.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3727",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-05-14T15:42:07.060",
"lastModified": "2024-10-31T05:15:05.160",
"lastModified": "2024-11-12T15:15:09.300",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -128,6 +128,18 @@
"url": "https://access.redhat.com/errata/RHSA-2024:8425",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9097",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9098",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:9102",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-3727",
"source": "secalert@redhat.com"

33
CVE-2024/CVE-2024-392xx/CVE-2024-39281.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-39281",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2024-11-12T15:15:09.203",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The command ctl_persistent_reserve_out allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secteam@freebsd.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:18.ctl.asc",
"source": "secteam@freebsd.org"
}
]
}

56
CVE-2024/CVE-2024-424xx/CVE-2024-42442.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42442",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2024-11-12T15:15:09.780",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024004.pdf",
"source": "biossecurity@ami.com"
}
]
}

64
CVE-2024/CVE-2024-434xx/CVE-2024-43415.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-43415",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-11-12T16:15:21.800",
"lastModified": "2024-11-12T16:15:21.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an SQL command in the papertrail/version- model of the decidim_awesome-module <= v0.11.1 (> 0.9.0) allows an authenticated admin user to manipulate sql queries to disclose information, read and write \ufb01les or execute commands."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/decidim-ice/decidim-module-decidim_awesome/commit/84374037d34a3ac80dc18406834169c65869f11b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/decidim-ice/decidim-module-decidim_awesome/security/advisories/GHSA-cxwf-qc32-375f",
"source": "security-advisories@github.com"
},
{
"url": "https://pentest.ait.ac.at/security-advisory/decidim-awesome-sql-injection-in-adminaccountability",
"source": "security-advisories@github.com"
}
]
}

14
CVE-2024/CVE-2024-434xx/CVE-2024-43427.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-43427",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-11-11T13:15:03.530",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T15:35:06.950",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304255",

14
CVE-2024/CVE-2024-434xx/CVE-2024-43430.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-43430",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-11-11T13:15:04.053",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T15:35:07.837",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304258",

14
CVE-2024/CVE-2024-434xx/CVE-2024-43432.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-43432",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-11-11T13:15:04.233",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:35:17.560",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304260",

14
CVE-2024/CVE-2024-434xx/CVE-2024-43433.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-43433",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-11-11T13:15:04.410",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T15:35:08.567",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304261",

14
CVE-2024/CVE-2024-434xx/CVE-2024-43435.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-43435",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-11-11T13:15:04.580",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T15:35:09.300",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304263",

14
CVE-2024/CVE-2024-434xx/CVE-2024-43439.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-43439",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-11-11T16:15:14.770",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T15:35:10.043",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304268",

33
CVE-2024/CVE-2024-452xx/CVE-2024-45289.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-45289",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2024-11-12T15:15:10.070",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option.\n\nFetch would still connect to a host presenting a certificate included in the revocation file passed to the --crl option."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secteam@freebsd.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-665"
}
]
}
],
"references": [
{
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:18.ctl.asc",
"source": "secteam@freebsd.org"
}
]
}

14
CVE-2024/CVE-2024-468xx/CVE-2024-46891.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46891",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-11-12T13:15:09.693",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T15:35:11.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -89,6 +89,16 @@
"value": "CWE-400"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [

14
CVE-2024/CVE-2024-468xx/CVE-2024-46894.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46894",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-11-12T13:15:10.193",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T15:35:12.310",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -89,6 +89,16 @@
"value": "CWE-200"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [

39
CVE-2024/CVE-2024-469xx/CVE-2024-46962.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-46962",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-11T21:15:06.437",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:35:18.293",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La aplicaci\u00f3n SYQ com.downloader.video.fast (tambi\u00e9n conocida como Master Video Downloader) hasta la versi\u00f3n 2.0 para Android permite a un atacante ejecutar c\u00f3digo JavaScript arbitrario a trav\u00e9s del componente com.downloader.video.fast.SpeedMainAct."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/actuator/com.downloader.video.fast/blob/main/CVE-2024-46962",

39
CVE-2024/CVE-2024-469xx/CVE-2024-46963.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-46963",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-11T21:15:06.493",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:35:19.117",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La aplicaci\u00f3n com.superfast.video.downloader (tambi\u00e9n conocida como Super Unlimited Video Downloader - All in One) hasta la versi\u00f3n 5.1.9 para Android permite a un atacante ejecutar c\u00f3digo JavaScript arbitrario a trav\u00e9s del componente com.bluesky.browser.ui.BrowserMainActivity."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/actuator/com.superfast.video.downloader/blob/main/CVE-2024-46963",

39
CVE-2024/CVE-2024-469xx/CVE-2024-46964.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-46964",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-11T21:15:06.560",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:35:19.933",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La aplicaci\u00f3n com.video.downloader.all (tambi\u00e9n conocida como All Video Downloader) hasta la versi\u00f3n 11.28 para Android permite a un atacante ejecutar c\u00f3digo JavaScript arbitrario a trav\u00e9s del componente com.video.downloader.all.StartActivity."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/actuator/com.video.downloader.all/blob/main/CVE-2024-46964",

39
CVE-2024/CVE-2024-469xx/CVE-2024-46966.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-46966",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-11T21:15:06.620",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:35:20.790",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La aplicaci\u00f3n Ikhgur mn.ikhgur.khotoch (tambi\u00e9n conocida como Video Downloader Pro &amp; Browser) hasta la versi\u00f3n 1.0.42 para Android permite a un atacante ejecutar c\u00f3digo JavaScript arbitrario a trav\u00e9s del componente mn.ikhgur.khotoch.MainActivity."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/actuator/mn.ikhgur.khotoch/blob/main/CVE-2024-46966",

60
CVE-2024/CVE-2024-475xx/CVE-2024-47535.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-47535",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-11-12T16:15:22.237",
"lastModified": "2024-11-12T16:15:22.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv",
"source": "security-advisories@github.com"
}
]
}

14
CVE-2024/CVE-2024-475xx/CVE-2024-47593.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-47593",
"sourceIdentifier": "cna@sap.com",
"published": "2024-11-12T01:15:05.480",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T15:35:13.233",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3508947",

56
CVE-2024/CVE-2024-479xx/CVE-2024-47905.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47905",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:22.473",
"lastModified": "2024-11-12T16:15:22.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

60
CVE-2024/CVE-2024-479xx/CVE-2024-47906.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-47906",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:22.670",
"lastModified": "2024-11-12T16:15:22.670",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Excessive binary privileges in Ivanti Connect Secure which affects versions 22.4R2 through 22.7R2.2 inclusive within the R2 release line and Ivanti Policy Secure before version 22.7R1.2 allow a local authenticated attacker to escalate privileges."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-267"
},
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-479xx/CVE-2024-47907.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47907",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:22.887",
"lastModified": "2024-11-12T16:15:22.887",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-479xx/CVE-2024-47909.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47909",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:23.080",
"lastModified": "2024-11-12T16:15:23.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

423
CVE-2024/CVE-2024-494xx/CVE-2024-49401.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49401",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-11-06T03:15:04.973",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T16:10:18.870",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,10 +59,407 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDE4D65E-8F9B-4810-AED6-95564A97D741"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A5E68B7B-BA08-4E8C-B60A-B3836C6986BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0AF1EDA0-2712-4C3C-8D8A-89E154BB63DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6239D93F-CA0E-4120-96A1-FB63276EAEE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "CD382E2D-0B51-4908-989A-88E083FC85BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "38B7AB56-AB65-4557-A91C-40CA2FD12351"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "61D507C0-086B-4139-A560-126964DFA579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "952CA843-7CF0-4424-BDA4-3F2A93E077B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "57B125ED-D939-4CBC-9E96-BBCF02402A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "07AC19C6-D245-4C3A-90CC-A931A901EA0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF85AA7B-E1C7-4946-92B4-E4D545CAACDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "B6871BC1-19F4-4F0C-88D8-4000590D8D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9FA72654-2389-4709-BC70-59EC4349A826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "E346DCBD-7DEB-464F-B917-8624BE87D646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "79C89A24-B07F-43D2-AE83-8F4F03D6C114"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "5697984D-08BA-412F-9BDF-26B658B0ADBC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "E4187BA1-226E-4976-A642-2F6DAE85538E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "73F22C26-52FC-42A7-B263-0CC7770A8C6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "BFB2B338-5E04-4136-939F-749A3B163656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3D30C02C-91FB-4D29-AF49-7903158E8FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "2B6D9064-844B-4D3F-AAE4-D170DF45EF8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C908A5B3-C47B-4DA1-A62F-F8FD77FF960D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C17A088-2CA1-4818-940F-2FEFA881D598"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "1DD187E2-2655-407D-87F9-135A9D45F783"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CBFF102-91A9-4BCC-BB43-912896BFCCEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6A89AE5B-4D1A-4ADA-B572-38B1FC4ED54C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "401980A7-E64A-4773-83EB-C93B50AE0F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6E12AB0B-728A-4478-B237-78CBAA2A44C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "0501033A-0D51-41E8-91A9-E72B6EE3F78D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF7B3213-520A-49F0-A183-C73A37A56854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "30F706F3-34F6-4D43-AE5E-C202C700A333"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "12C17130-A0C0-49E1-8525-9D65F0275270"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4FAA7790-A323-4ECA-834E-F19E59C571F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C339A665-413D-443F-AD04-F71C161235D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "213AC4D5-3B95-4120-B72D-A9327BADE2BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7DCB465-A0F7-496E-BE45-0B5FA1508D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6D65C03E-7BC3-491A-8621-A8C93FBA0A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D66CF415-6C4A-4AF3-B660-B2E9CF484B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "31B5B670-ACDE-4A64-97C5-358D79C65080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "141E541B-8FA5-4829-A413-4F1DC19E9AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "77CE3494-F7C0-497B-8491-107D31C9A91F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A57CB118-46CC-4CE8-ACC3-A806CD2C25A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "84F3023F-E65C-4871-A65A-738EFF64D365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7EB9C6E-CF84-4E4D-94D8-39233F8EC4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "852A1BEC-438F-4D1E-B361-87BD57D50157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "ABFE99DC-4495-4D4F-80D4-C29A1D22A9C5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

238
CVE-2024/CVE-2024-494xx/CVE-2024-49402.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49402",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-11-06T03:15:05.153",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T15:09:10.890",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,10 +59,222 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CBFF102-91A9-4BCC-BB43-912896BFCCEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6A89AE5B-4D1A-4ADA-B572-38B1FC4ED54C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "401980A7-E64A-4773-83EB-C93B50AE0F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "6E12AB0B-728A-4478-B237-78CBAA2A44C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "0501033A-0D51-41E8-91A9-E72B6EE3F78D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DF7B3213-520A-49F0-A183-C73A37A56854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "30F706F3-34F6-4D43-AE5E-C202C700A333"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "12C17130-A0C0-49E1-8525-9D65F0275270"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "4FAA7790-A323-4ECA-834E-F19E59C571F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "C339A665-413D-443F-AD04-F71C161235D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "213AC4D5-3B95-4120-B72D-A9327BADE2BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7DCB465-A0F7-496E-BE45-0B5FA1508D93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6D65C03E-7BC3-491A-8621-A8C93FBA0A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "D66CF415-6C4A-4AF3-B660-B2E9CF484B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "31B5B670-ACDE-4A64-97C5-358D79C65080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "141E541B-8FA5-4829-A413-4F1DC19E9AE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "77CE3494-F7C0-497B-8491-107D31C9A91F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "A57CB118-46CC-4CE8-ACC3-A806CD2C25A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "84F3023F-E65C-4871-A65A-738EFF64D365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "F7EB9C6E-CF84-4E4D-94D8-39233F8EC4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "852A1BEC-438F-4D1E-B361-87BD57D50157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2024-r1:*:*:*:*:*:*",
"matchCriteriaId": "ABFE99DC-4495-4D4F-80D4-C29A1D22A9C5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

140
CVE-2024/CVE-2024-500xx/CVE-2024-50096.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50096",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T17:15:06.870",
"lastModified": "2024-11-08T16:15:46.477",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T16:16:33.703",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,35 +15,155 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nouveau/dmem: Se corrige la vulnerabilidad en migrants_to_ram tras un error de copia. La funci\u00f3n `nouveau_dmem_copy_one` garantiza que el comando de copia push se env\u00ede al firmware del dispositivo, pero no rastrea si se ejecut\u00f3 correctamente. En el caso de un error de copia (por ejemplo, fallo del firmware o hardware), el comando de copia push se enviar\u00e1 a trav\u00e9s del canal de firmware y `nouveau_dmem_copy_one` probablemente informar\u00e1 el \u00e9xito, lo que llevar\u00e1 a la funci\u00f3n `migrate_to_ram` a devolver una p\u00e1gina HIGH_USER sucia al usuario. Esto puede resultar en una vulnerabilidad de seguridad, ya que una p\u00e1gina HIGH_USER que puede contener datos confidenciales o da\u00f1ados podr\u00eda devolverse al usuario. Para evitar esta vulnerabilidad, asignamos una p\u00e1gina cero. Por lo tanto, en caso de un error, se devolver\u00e1 al usuario una p\u00e1gina no sucia (cero)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1",
"versionEndExcluding": "5.4.285",
"matchCriteriaId": "1182B577-D9D7-4DC8-AAA4-C3BCAC9E115C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "795A3EE6-0CAB-4409-A903-151C94ACECC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.57",
"matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.4",
"matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/614bfb2050982d23d53d0d51c4079dba0437c883",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/697e3ddcf1f8b68bd531fc34eead27c000bdf3e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/73f75d2b5aee5a735cf64b8ab4543d5c20dbbdd9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/835745a377a4519decd1a36d6b926e369b3033e2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8c3de9282dde21ce3c1bf1bde3166a4510547aa9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ab4d113b6718b076046018292f821d5aa4b844f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fd9bb7e996bab9b9049fffe3f3d3b50dee191d27",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

99
CVE-2024/CVE-2024-500xx/CVE-2024-50097.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50097",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T17:15:06.937",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T16:18:00.477",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,106 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: fec: no guardar el estado de PTP si PTP no es compatible. Algunas plataformas (como i.MX25 e i.MX27) no son compatibles con PTP, por lo que en estas plataformas no se llama a fec_ptp_init() y los miembros relacionados en fep no se inicializan. Sin embargo, se llama a fec_ptp_save_state() de forma incondicional, lo que hace que el kernel entre en p\u00e1nico. Por lo tanto, agregue una condici\u00f3n para que no se llame a fec_ptp_save_state() si PTP no es compatible."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.55",
"versionEndExcluding": "6.6.57",
"matchCriteriaId": "4496023C-E162-4DAA-B411-543CFAF178F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.4",
"matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10.4",
"versionEndExcluding": "6.11",
"matchCriteriaId": "6D416D9F-373E-4412-A172-24D9BF64DAE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3192e8d4a1ef9fc9bd7a59cdce51543367e5edd6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6be063071a457767ee229db13f019c2ec03bfe44",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7745e14f4c036ce94a5eb05d06e49b0d84b306f9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

109
CVE-2024/CVE-2024-500xx/CVE-2024-50098.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50098",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:13.620",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T16:25:48.717",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,118 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: ufs: core: Establecer SDEV_OFFLINE cuando se apaga UFS. Hay un historial de interbloqueo si se realiza el reinicio al comienzo del arranque. SDEV_QUIESCE se estableci\u00f3 para todos los scsi_devices de LU por el apagado de UFS, y en ese momento el controlador de audio estaba esperando a blk_mq_submit_bio() sosteniendo un mutex_lock mientras le\u00eda el binario fw. Despu\u00e9s de eso, ocurri\u00f3 un problema de interbloqueo mientras el apagado del controlador de audio estaba esperando mutex_unlock de blk_mq_submit_bio(). Para resolver esto, establezca SDEV_OFFLINE para todas las LU excepto WLUN, de modo que cualquier E/S que se caiga despu\u00e9s de un apagado de UFS devuelva un error. [ 31.907781]I[0: swapper/0: 0] 1 130705007 1651079834 11289729804 0 D( 2) 3 ffffff882e208000 * init [apagado_dispositivo] [ 31.907793]I[0: swapper/0: 0] Mutex: 0xffffff8849a2b8b0: owner[0xffffff882e28cb00 kworker/6:0 :49] [ 31.907806]I[0: swapper/0: 0] Rastreo de llamadas: [ 31.907810]I[0: swapper/0: 0] __switch_to+0x174/0x338 [ 31.907819]I[0: intercambiador/0: 0] __schedule+0x5ec/0x9cc [ 31.907826]I[0: intercambiador/0: 0] schedule+0x7c/0xe8 [ 31.907834]I[0: intercambiador/0: 0] schedule_preempt_disabled+0x24/0x40 [ 31.907842]I[0: intercambiador/0: 0] __mutex_lock+0x408/0xdac [ 31.907849]I[0: intercambiador/0: 0] __mutex_lock_slowpath+0x14/0x24 [ 31.907858]I[0: intercambiador/0: 0] mutex_lock+0x40/0xec [ 31.907866]I[0: intercambiador/0: 0] device_shutdown+0x108/0x280 [ 31.907875]I[0: intercambiador/0: 0] kernel_restart+0x4c/0x11c [ 31.907883]I[0: intercambiador/0: 0] __arm64_sys_reboot+0x15c/0x280 [ 31.907890]I[0: intercambiador/0: 0] invoke_syscall+0x70/0x158 [ 31.907899]I[0: intercambiador/0: 0] el0_svc_common+0xb4/0xf4 [ 31.907909]I[0: intercambiador/0: 0] do_el0_svc+0x2c/0xb0 [ 31.907918]I[0: intercambiador/0: 0] el0_svc+0x34/0xe0 [ 31.907928]I[0: intercambiador/0: 0] el0t_64_sync_handler+0x68/0xb4 [ 31.907937]I[0: intercambiador/0: 0] el0t_64_sync+0x1a0/0x1a4 [ 31.908774]I[0: intercambiador/0: 0] 49 0 11960702 11236868007 0 D( 2) 6 ffffff882e28cb00 * kworker/6:0 [__bio_queue_enter] [ 31.908783]I[0: swapper/0: 0] Rastreo de llamadas: [ 31.908788]I[0: swapper/0: 0] __switch_to+0x174/0x338 [ 31.908796]I[0: swapper/0: 0] __schedule+0x5ec/0x9cc [ 31.908803]I[0: swapper/0: 0] schedule+0x7c/0xe8 [ 31.908811]I[0: swapper/0: 0] __bio_queue_enter+0xb8/0x178 [ 31.908818]I[0: swapper/0: 0] blk_mq_submit_bio+0x194/0x67c [ 31.908827]I[0: intercambiador/0: 0] __submit_bio+0xb8/0x19c"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14",
"versionEndExcluding": "6.1.114",
"matchCriteriaId": "5EEBC9DD-FA37-4761-9C9C-770A7C51EEC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.58",
"matchCriteriaId": "6B9489BC-825E-4EEE-8D93-F93C801988C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.5",
"matchCriteriaId": "6E62D61A-F704-44DB-A311-17B7534DA7BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/19a198b67767d952c8f3d0cf24eb3100522a8223",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7774d23622416dbbbdb21bf342b3f0d92cf1dc0f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7bd9af254275fad7071d85f04616560deb598d7d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7de759fceacff5660abf9590d11114215a9d5f3c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

157
CVE-2024/CVE-2024-500xx/CVE-2024-50099.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50099",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:13.690",
"lastModified": "2024-11-08T16:15:46.590",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T16:28:30.633",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,174 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: arm64: sondas: Eliminar el soporte roto de uprobe LDR (literal). Las funciones simulation_ldr_literal() y simulation_ldrsw_literal() no son seguras para usar con uprobes. Ambas funciones se escribieron originalmente para usar con kprobes y acceder a la memoria con accesos C simples. Cuando se agreg\u00f3 uprobes, se reutilizaron sin modificar a pesar de que no pueden acceder de manera segura a la memoria del usuario. Hay tres problemas clave: 1) Los accesos C simples no tienen entradas extable correspondientes y, por lo tanto, si encuentran un fallo, el kernel los tratar\u00e1 como accesos no intencionales a la memoria del usuario, lo que resultar\u00e1 en un BUG() que matar\u00e1 el hilo del kernel y probablemente conducir\u00e1 a m\u00e1s problemas (por ejemplo, bloqueo o panic()). 2) Los accesos C simples est\u00e1n sujetos a HW PAN y SW PAN, y por lo tanto, cuando cualquiera de ellos est\u00e1 en uso, cualquier intento de simular un acceso a la memoria del usuario fallar\u00e1. Por lo tanto, ni simulation_ldr_literal() ni simulation_ldrsw_literal() pueden hacer nada \u00fatil al simular una instrucci\u00f3n de usuario en cualquier sistema con HW PAN o SW PAN. 3) Los accesos C simples son privilegiados, ya que se ejecutan en el contexto del n\u00facleo y, en la pr\u00e1ctica, pueden acceder a un peque\u00f1o rango de direcciones virtuales del n\u00facleo. Las instrucciones que simulan tienen un rango de +/-1 MiB y, dado que las instrucciones simuladas deben ser instrucciones de usuario en el rango de direcciones TTBR0, estas pueden direccionar el \u00faltimo MiB del rango de direcciones de TTBR1 envolviendo hacia abajo desde una direcci\u00f3n en el primer MiB del rango de direcciones TTBR0. En los n\u00facleos contempor\u00e1neos, los \u00faltimos 8 MiB del rango de direcciones TTBR1 est\u00e1n reservados y los accesos a estos siempre fallar\u00e1n, lo que significa que esto no es peor que (1). Hist\u00f3ricamente, era te\u00f3ricamente posible que el mapa lineal o vmemmap se derramara en los \u00faltimos 8 MiB del rango de direcciones TTBR1, pero en la pr\u00e1ctica esto es extremadamente improbable que ocurra ya que esto requerir\u00eda: * Tener suficiente memoria f\u00edsica para llenar todo el mapa lineal hasta el \u00faltimo 1 MiB del rango de direcciones TTBR1. * Tener mala suerte con la aleatorizaci\u00f3n KASLR del mapa lineal de modo que la regi\u00f3n poblada se superponga con el \u00faltimo 1 MiB del rango de direcciones TTBR. ... y en cualquier caso, si nos desbord\u00e1ramos en la p\u00e1gina final, habr\u00eda problemas m\u00e1s grandes ya que la p\u00e1gina final tendr\u00eda alias con punteros de error. Pr\u00e1cticamente hablando, (1) y (2) son los grandes problemas. Dado que no ha habido informes de problemas desde que se introdujo el c\u00f3digo roto, parece que nadie conf\u00eda en sondear estas instrucciones con uprobes. Evite estos problemas al no permitir uprobes en LDR (literal) y LDRSW (literal), y al limitar el uso de simulation_ldr_literal() y simulation_ldrsw_literal() a kprobes. Los intentos de colocar uprobes en LDR (literal) y LDRSW (literal) ser\u00e1n rechazados ya que arm_probe_decode_insn() devolver\u00e1 INSN_REJECTED. En el futuro, podemos considerar la introducci\u00f3n de compatibilidad con uprobes funcionales para estas instrucciones, pero esto requerir\u00e1 un trabajo m\u00e1s significativo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.19.323",
"matchCriteriaId": "56700326-E491-4B17-B143-B939C5EC1DBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.285",
"matchCriteriaId": "B5A89369-320F-47FC-8695-56F61F87E4C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.228",
"matchCriteriaId": "9062315F-AB89-4ABE-8C13-B75927689F66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.169",
"matchCriteriaId": "18BEDAD6-86F8-457C-952F-C35698B3D07F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.114",
"matchCriteriaId": "10FD2B3E-C7D9-4A9C-BD64-41877EDF88EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.58",
"matchCriteriaId": "6B9489BC-825E-4EEE-8D93-F93C801988C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.5",
"matchCriteriaId": "6E62D61A-F704-44DB-A311-17B7534DA7BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/20cde998315a3d2df08e26079a3ea7501abce6db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3728b4eb27910ffedd173018279a970705f2e03a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f1e7735474e7457a4d919a517900e46868ae5f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/acc450aa07099d071b18174c22a1119c57da8227",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ad4bc35a6d22e9ff9b67d0d0c38bce654232f195",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ae743deca78d9e4b7f4f60ad2f95e20e8ea057f9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bae792617a7e911477f67a3aff850ad4ddf51572",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cc86f2e9876c8b5300238cec6bf0bd8c842078ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

90
CVE-2024/CVE-2024-501xx/CVE-2024-50102.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50102",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:13.877",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T15:08:00.563",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,95 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86: se soluciona el problema de especulaci\u00f3n no can\u00f3nica de enmascaramiento de direcciones de usuario Resulta que AMD tiene un problema de \"Meltdown Lite(tm)\" con los accesos no can\u00f3nicos en el espacio del kernel. Y entonces, usar solo el bit alto para decidir si un acceso est\u00e1 en el espacio del usuario o en el espacio del kernel termina con la buena y vieja \"filtraci\u00f3n de datos especulativos\" si tienes el gadget correcto usando el resultado: CVE-2020-12965 \"Ejecuci\u00f3n transitoria de accesos no can\u00f3nicos\" Ahora, el kernel rodea el acceso con un par STAC/CLAC, y esas instrucciones terminan serializando la ejecuci\u00f3n en arquitecturas Zen m\u00e1s antiguas, lo que cierra la ventana de especulaci\u00f3n. Pero eso era cierto solo hasta Zen 5, que renombra el bit AC [1]. Eso mejora mucho el rendimiento de STAC/CLAC, pero tambi\u00e9n significa que la ventana de especulaci\u00f3n ahora est\u00e1 abierta. Tenga en cuenta que esto no solo afecta al nuevo enmascaramiento de direcci\u00f3n, sino tambi\u00e9n a la comprobaci\u00f3n regular valid_user_address() utilizada por access_ok() y a la versi\u00f3n asm de la comprobaci\u00f3n del bit de signo en los ayudantes get_user(). No afecta a las variantes put_user() o clear_user(), ya que no hay ning\u00fan resultado especulativo que se pueda utilizar en un gadget para esas operaciones."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4",
"versionEndExcluding": "6.11.6",
"matchCriteriaId": "DFE3B17B-8A2D-4BE4-AECF-C6853F85CDDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/291313693677a345d4f50aae3c68e28b469f601e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/86e6b1547b3d013bc392adf775b89318441403c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

92
CVE-2024/CVE-2024-501xx/CVE-2024-50104.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50104",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:13.993",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T15:05:45.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -12,18 +12,98 @@
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: qcom: sdm845: agregar asignaci\u00f3n de flujo de tiempo de ejecuci\u00f3n de Soundwire faltante Durante la migraci\u00f3n de la asignaci\u00f3n de flujo de tiempo de ejecuci\u00f3n de Soundwire desde el controlador Qualcomm Soundwire a los controladores de tarjeta de sonido del SoC, se olvid\u00f3 la tarjeta de sonido sdm845. En este punto, cualquier intento de reproducci\u00f3n o inicio del demonio de audio, por ejemplo en sdm845-db845c (placa Qualcomm RB3), dar\u00e1 como resultado una desreferenciaci\u00f3n del puntero de flujo NULL: No se puede manejar la desreferencia del puntero NULL del n\u00facleo en la direcci\u00f3n virtual 0000000000000020 Informaci\u00f3n de aborto de memoria: ESR = 0x0000000096000004 EC = 0x25: DABT (EL actual), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x04: error de traducci\u00f3n de nivel 0 Informaci\u00f3n de aborto de datos: ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Superposici\u00f3n = 0, DirtyBit = 0, Xs = 0 usuario pgtable: p\u00e1ginas de 4k, VA de 48 bits, pgdp=0000000101ecf000 [0000000000000020] pgd=0000000000000000, p4d=0000000000000000 Error interno: Oops: 0000000096000004 [#1] PREEMPT M\u00f3dulos SMP vinculados en: ... CPU: 5 UID: 0 PID: 1198 Comm: aplay No contaminado 6.12.0-rc2-qcomlt-arm64-00059-g9d78f315a362-dirty #18 Nombre del hardware: Thundercomm Dragonboard 845c (DT) pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : sdw_stream_add_slave+0x44/0x380 [bus_soundwire] lr : sdw_stream_add_slave+0x44/0x380 [bus_soundwire] sp : ffff80008a2035c0 x29: ffff80008a2035c0 x28: ffff80008a203978 x27: 000000000000000 x26: 00000000000000c0 x25: 0000000000000000 x24: ffff1676025f4800 x23: ffff167600ff1cb8 x22: ffff167600ff1c98 x21: 0000000000000003 x20: ffff167607316000 x19: ffff167604e64e80 x18: 0000000000000000 x17: 0000000000000000 x16: ffffcec265074160 x15: 0000000000000000 x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 x11: 00000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : 0000000000000000 x7 : 0000000000000000 x6 : ffff167600ff1cec x5 : ffffcec22cfa2010 x4 : 0000000000000000 x3 : 0000000000000003 x2 : ffff167613f836c0 x1 : 0000000000000000 x0 : ffff16761feb60b8 Rastreo de llamadas: sdw_stream_add_slave+0x44/0x380 [bus de cable de sonido] wsa881x_hw_params+0x68/0x80 [snd_soc_wsa881x] snd_soc_dai_hw_params+0x3c/0xa4 __soc_pcm_hw_params+0x230/0x660 dpcm_be_dai_hw_params+0x1d0/0x3f8 dpcm_fe_dai_hw_params+0x98/0x268 snd_pcm_hw_params+0x124/0x460 snd_pcm_common_ioctl+0x998/0x16e8 snd_pcm_ioctl+0x34/0x58 __arm64_sys_ioctl+0xac/0xf8 invocar_syscall+0x48/0x104 el0_svc_common.constprop.0+0x40/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x34/0xe0 el0t_64_sync_handler+0x120/0x12c el0t_64_sync+0x190/0x194 C\u00f3digo: aa0403fb f9418400 9100e000 9400102f (f8420f22) ---[ fin de seguimiento 000000000000000 ]--- 0000000000006108 : 6108: d503233f paciasp 610c: a9b97bfd stp x29, x30, [sp, #-112]! 6110: 910003fd movimiento x29, movimiento r\u00e1pido 6114: a90153f3 movimiento r\u00e1pido x19, x20, [movimiento r\u00e1pido, n.\u00b0 16] 6118: a9025bf5 movimiento r\u00e1pido x21, x22, [movimiento r\u00e1pido, n.\u00b0 32] 611c: aa0103f6 movimiento x22, x1 6120: 2a0303f5 movimiento r\u00e1pido w21, w3 6124: a90363f7 movimiento r\u00e1pido x23, x24, [movimiento r\u00e1pido, n.\u00b0 48] 6128: aa0003f8 movimiento r\u00e1pido x24, x0 612c: aa0203f7 movimiento r\u00e1pido x23, x2 6130: a9046bf9 movimiento r\u00e1pido x25, x26, [movimiento r\u00e1pido, n.\u00b0 64] 6134: aa0403f9 mov x25, x4 &lt;-- x4 copiado a x25 6138: a90573fb stp x27, x28, [sp, #80] 613c: aa0403fb mov x27, x4 6140: f9418400 ldr x0, [x0, #776] 6144: 9100e000 agrega x0, x0, #0x38 6148: 94000000 bl 0 614c: f8420f22 ldr x2, [x25, #32]! &lt;-- desplazamiento 0x44 ^^^ Esto es 0x6108 + desplazamiento 0x44 desde el comienzo de sdw_stream_add_slave() donde ocurre la interrupci\u00f3n de datos. Se llama a wsa881x_hw_params() con stream = NULL y se pasa m\u00e1s adelante en el registro x4 (quinto argumento ---truncado---"
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: qcom: sdm845: agregar asignaci\u00f3n de flujo de tiempo de ejecuci\u00f3n de Soundwire faltante Durante la migraci\u00f3n de la asignaci\u00f3n de flujo de tiempo de ejecuci\u00f3n de Soundwire desde el controlador Qualcomm Soundwire a los controladores de tarjeta de sonido del SoC, se olvid\u00f3 la tarjeta de sonido sdm845. En este punto, cualquier intento de reproducci\u00f3n o inicio del daemon de audio, por ejemplo en sdm845-db845c (placa Qualcomm RB3), dar\u00e1 como resultado una desreferenciaci\u00f3n del puntero de flujo NULL: No se puede manejar la desreferencia del puntero NULL del n\u00facleo en la direcci\u00f3n virtual 0000000000000020 Informaci\u00f3n de aborto de memoria: ESR = 0x0000000096000004 EC = 0x25: DABT (EL actual), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x04: error de traducci\u00f3n de nivel 0 Informaci\u00f3n de aborto de datos: ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Superposici\u00f3n = 0, DirtyBit = 0, Xs = 0 usuario pgtable: p\u00e1ginas de 4k, VA de 48 bits, pgdp=0000000101ecf000 [0000000000000020] pgd=0000000000000000, p4d=0000000000000000 Error interno: Oops: 0000000096000004 [#1] PREEMPT M\u00f3dulos SMP vinculados en: ... CPU: 5 UID: 0 PID: 1198 Comm: aplay No contaminado 6.12.0-rc2-qcomlt-arm64-00059-g9d78f315a362-dirty #18 Nombre del hardware: Thundercomm Dragonboard 845c (DT) pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : sdw_stream_add_slave+0x44/0x380 [bus_soundwire] lr : sdw_stream_add_slave+0x44/0x380 [bus_soundwire] sp : ffff80008a2035c0 x29: ffff80008a2035c0 x28: ffff80008a203978 x27: 000000000000000 x26: 00000000000000c0 x25: 0000000000000000 x24: ffff1676025f4800 x23: ffff167600ff1cb8 x22: ffff167600ff1c98 x21: 0000000000000003 x20: ffff167607316000 x19: ffff167604e64e80 x18: 0000000000000000 x17: 0000000000000000 x16: ffffcec265074160 x15: 0000000000000000 x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 x11: 00000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : 0000000000000000 x7 : 0000000000000000 x6 : ffff167600ff1cec x5 : ffffcec22cfa2010 x4 : 0000000000000000 x3 : 0000000000000003 x2 : ffff167613f836c0 x1 : 0000000000000000 x0 : ffff16761feb60b8 Rastreo de llamadas: sdw_stream_add_slave+0x44/0x380 [bus de cable de sonido] wsa881x_hw_params+0x68/0x80 [snd_soc_wsa881x] snd_soc_dai_hw_params+0x3c/0xa4 __soc_pcm_hw_params+0x230/0x660 dpcm_be_dai_hw_params+0x1d0/0x3f8 dpcm_fe_dai_hw_params+0x98/0x268 snd_pcm_hw_params+0x124/0x460 snd_pcm_common_ioctl+0x998/0x16e8 snd_pcm_ioctl+0x34/0x58 __arm64_sys_ioctl+0xac/0xf8 invocar_syscall+0x48/0x104 el0_svc_common.constprop.0+0x40/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x34/0xe0 el0t_64_sync_handler+0x120/0x12c el0t_64_sync+0x190/0x194 C\u00f3digo: aa0403fb f9418400 9100e000 9400102f (f8420f22) ---[ fin de seguimiento 000000000000000 ]--- 0000000000006108 : 6108: d503233f paciasp 610c: a9b97bfd stp x29, x30, [sp, #-112]! 6110: 910003fd movimiento x29, movimiento r\u00e1pido 6114: a90153f3 movimiento r\u00e1pido x19, x20, [movimiento r\u00e1pido, n.\u00b0 16] 6118: a9025bf5 movimiento r\u00e1pido x21, x22, [movimiento r\u00e1pido, n.\u00b0 32] 611c: aa0103f6 movimiento x22, x1 6120: 2a0303f5 movimiento r\u00e1pido w21, w3 6124: a90363f7 movimiento r\u00e1pido x23, x24, [movimiento r\u00e1pido, n.\u00b0 48] 6128: aa0003f8 movimiento r\u00e1pido x24, x0 612c: aa0203f7 movimiento r\u00e1pido x23, x2 6130: a9046bf9 movimiento r\u00e1pido x25, x26, [movimiento r\u00e1pido, n.\u00b0 64] 6134: aa0403f9 mov x25, x4 &lt;-- x4 copiado a x25 6138: a90573fb stp x27, x28, [sp, #80] 613c: aa0403fb mov x27, x4 6140: f9418400 ldr x0, [x0, #776] 6144: 9100e000 agrega x0, x0, #0x38 6148: 94000000 bl 0 614c: f8420f22 ldr x2, [x25, #32]! &lt;-- desplazamiento 0x44 ^^^ Esto es 0x6108 + desplazamiento 0x44 desde el comienzo de sdw_stream_add_slave() donde ocurre la interrupci\u00f3n de datos. Se llama a wsa881x_hw_params() con stream = NULL y se pasa m\u00e1s adelante en el registro x4 (quinto argumento ---truncado---"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.11.6",
"matchCriteriaId": "2CAA29A6-36B4-4C90-A862-A816F65153DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/d0e806b0cc6260b59c65e606034a63145169c04c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fc34d36879f87e5a3813fb66655b8bdb90c7b0d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

90
CVE-2024/CVE-2024-501xx/CVE-2024-50105.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50105",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:14.063",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T15:06:14.500",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,95 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc Commit 15c7fab0e047 (\"ASoC: qcom: Move Soundwire runtime stream alloc to soundcards\") movi\u00f3 la asignaci\u00f3n de tiempo de ejecuci\u00f3n de flujo Soundwire del controlador Qualcomm Soundwire al controlador de tarjeta de sonido de cada m\u00e1quina individual, excepto que olvid\u00f3 actualizar la tarjeta SC7280. Al igual que para otras tarjetas de sonido Qualcomm que usan Soundwire, el controlador de la tarjeta debe asignar y liberar el tiempo de ejecuci\u00f3n. De lo contrario, la reproducci\u00f3n de sonido dar\u00e1 como resultado una desreferencia de puntero NULL u otro efecto de accesos a memoria no inicializados (lo que se confirm\u00f3 en SDM845 que ten\u00eda un problema similar)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.11.6",
"matchCriteriaId": "2CAA29A6-36B4-4C90-A862-A816F65153DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/176a41ebec42a921277cd34e8c0c2e776a9dd6c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/db7e59e6a39a4d3d54ca8197c796557e6d480b0d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

90
CVE-2024/CVE-2024-501xx/CVE-2024-50106.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50106",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:14.120",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-12T15:07:39.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,95 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfsd: arregla la ejecuci\u00f3n entre laundromat y free_stateid. Hay una ejecuci\u00f3n entre el manejo de laundromat de delegaciones revocadas y un cliente que env\u00eda la operaci\u00f3n free_stateid. El hilo de laundromat encuentra que la delegaci\u00f3n ha expirado y necesita ser revocada, por lo que marca el stid de delegaci\u00f3n revocado y lo pone en una lista de reaper, pero luego desbloquea el bloqueo de estado y la revocaci\u00f3n de delegaci\u00f3n real ocurre sin el bloqueo. Una vez que el stid est\u00e1 marcado como revocado, un hilo de procesamiento de free_stateid en ejecuci\u00f3n hace lo siguiente: (1) llama a list_del_init() que lo elimina de la lista de reaper y (2) libera la estructura del stid de delegaci\u00f3n. El hilo de laundromat termina sin llamar a la funci\u00f3n revoke_delegation() para esta delegaci\u00f3n en particular, pero eso significa que no liberar\u00e1 la concesi\u00f3n de bloqueo que existe en el archivo. Ahora, una nueva apertura para este archivo llega y termina encontrando que la lista de arrendamientos no est\u00e1 vac\u00eda y llama a nfsd_breaker_owns_lease() que termina intentando desreferenciar un stateid de delegaci\u00f3n liberado. Lo que genera la siguiente advertencia de KASAN de use-after-free: kernel: == ... 2069.0.0.0.0 08/03/2024 n\u00facleo: Seguimiento de llamadas: n\u00facleo: dump_backtrace+0x98/0x120 n\u00facleo: show_stack+0x1c/0x30 n\u00facleo: dump_stack_lvl+0x80/0xe8 n\u00facleo: print_address_description.constprop.0+0x84/0x390 n\u00facleo: print_report+0xa4/0x268 n\u00facleo: kasan_report+0xb4/0xf8 n\u00facleo: __asan_report_load8_noabort+0x1c/0x28 n\u00facleo: nfsd_breaker_owns_lease+0x140/0x160 [nfsd] n\u00facleo: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd] n\u00facleo: nfsd_file_acquire_opened+0x84/0x110 [nfsd] n\u00facleo: nfs4_get_vfs_file+0x634/0x958 [nfsd] n\u00facleo: nfsd4_process_open2+0xa40/0x1a40 [nfsd] n\u00facleo: nfsd4_open+0xa08/0xe80 [nfsd] n\u00facleo: nfsd4_proc_compound+0xb8c/0x2130 [nfsd] n\u00facleo: nfsd_dispatch+0x22c/0x718 [nfsd] n\u00facleo: svc_process_common+0x8e8/0x1960 [sunrpc] n\u00facleo: svc_process+0x3d4/0x7e0 [sunrpc] n\u00facleo: svc_handle_xprt+0x828/0xe10 [sunrpc] kernel: svc_recv+0x2cc/0x6a8 [sunrpc] kernel: nfsd+0x270/0x400 [nfsd] kernel: kthread+0x288/0x310 kernel: ret_from_fork+0x10/0x20 Este parche propone una soluci\u00f3n basada en agregar 2 nuevos valores de stid adicionales sc_status que ayudan a coordinar entre la lavander\u00eda y otras operaciones (nfsd4_free_stateid() y nfsd4_delegreturn()). Primero, para asegurarse de que una vez que el stid est\u00e9 marcado como revocado, no sea eliminado por nfsd4_free_stateid(), la lavander\u00eda tome una referencia en el stateid. Luego, al coordinar si el stid se ha colocado en la lista cl_revoked o si estamos procesando FREE_STATEID y debemos asegurarnos de eliminarlo de la lista, cada uno verifica ese estado y act\u00faa en consecuencia. Si laundromat ha agregado a la lista cl_revoke antes de la llegada de FREE_STATEID, entonces nfsd4_free_stateid() sabe eliminarlo de la lista. Si nfsd4_free_stateid() encuentra que las operaciones llegaron antes de que laundromat lo haya colocado en la lista cl_revoke, marca el estado como liberado y luego laundromat ya no lo agregar\u00e1 a la lista. Adem\u00e1s, para nfsd4_delegreturn() cuando buscamos el stid especificado, necesitamos acceder a los stid que est\u00e1n marcados como eliminados o liberables, significa que laundromat ha comenzado a procesarlo pero no ha terminado y este delegreturn debe devolver nfserr_deleg_revoked y no nfserr_bad_stateid. Este \u00faltimo no activar\u00e1 un FREE_STATEID y la falta del mismo dejar\u00e1 este stid en la lista cl_revoked indefinidamente."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.17",
"versionEndExcluding": "6.11.6",
"matchCriteriaId": "570099BE-0B19-4950-8FD5-4E24B814E579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/8dd91e8d31febf4d9cca3ae1bb4771d33ae7ee5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/967faa26f313a62e7bebc55d5b8122eaee43b929",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50317.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50317",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:23.347",
"lastModified": "2024-11-12T16:15:23.347",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50318.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50318",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:23.537",
"lastModified": "2024-11-12T16:15:23.537",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50319.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50319",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:23.713",
"lastModified": "2024-11-12T16:15:23.713",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50320.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50320",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:23.910",
"lastModified": "2024-11-12T16:15:23.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50321.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50321",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:24.100",
"lastModified": "2024-11-12T16:15:24.100",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to cause a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50322.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50322",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:24.280",
"lastModified": "2024-11-12T16:15:24.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update\u00a0allows a local unauthenticated attacker to achieve code execution. User interaction is required."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50323.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50323",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:24.473",
"lastModified": "2024-11-12T16:15:24.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update\u00a0allows a local unauthenticated attacker to achieve code execution. User interaction is required."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50324.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50324",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:24.653",
"lastModified": "2024-11-12T16:15:24.653",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update\u00a0allows a remote authenticated attacker with admin privileges to achieve remote code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50326.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50326",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:24.840",
"lastModified": "2024-11-12T16:15:24.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update\u00a0allows a remote authenticated attacker with admin privileges to achieve remote code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50327.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50327",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:25.023",
"lastModified": "2024-11-12T16:15:25.023",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update\u00a0allows a remote authenticated attacker with admin privileges to achieve remote code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50328.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50328",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:25.207",
"lastModified": "2024-11-12T16:15:25.207",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update\u00a0allows a remote authenticated attacker with admin privileges to achieve remote code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50329.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50329",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:25.383",
"lastModified": "2024-11-12T16:15:25.383",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update\u00a0allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50330.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50330",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:25.573",
"lastModified": "2024-11-12T16:15:25.573",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update\u00a0allows a remote unauthenticated attacker to achieve remote code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-November-2024-for-EPM-2024-and-EPM-2022",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

56
CVE-2024/CVE-2024-503xx/CVE-2024-50331.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50331",
"sourceIdentifier": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"published": "2024-11-12T16:15:25.773",
"lastModified": "2024-11-12T16:15:25.773",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 allows a remote unauthenticated attacker to leak sensitive information in memory."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-Multiple-CVEs-Q4-2024-Release",
"source": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75"
}
]
}

64
CVE-2024/CVE-2024-503xx/CVE-2024-50386.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-50386",
"sourceIdentifier": "security@apache.org",
"published": "2024-11-12T15:15:10.397",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Account users in Apache CloudStack by default are allowed to register templates to be downloaded directly to the primary storage for deploying instances. Due to missing validation checks for KVM-compatible templates in CloudStack 4.0.0 through 4.18.2.4 and 4.19.0.0 through 4.19.1.2, an attacker that can register templates, can use them to deploy malicious instances on KVM-based environments and exploit this to gain access to the host filesystems that could result in the compromise of resource integrity and confidentiality, data loss, denial of service, and availability of KVM-based infrastructure managed by CloudStack.\n\n\nUsers are recommended to upgrade to Apache CloudStack 4.18.2.5 or 4.19.1.3, or later, which addresses this issue. \n\nAdditionally, all user-registered KVM-compatible templates can be scanned and checked that they are flat files that should not be using any additional or unnecessary features. For example, operators can run the following command on their file-based primary storage(s) and inspect the output. An empty output for the disk being validated means it has no references to the host filesystems; on the other hand, if the output for the disk being validated is not empty, it might indicate a compromised disk. However, bear in mind that (i) volumes created from templates will have references for the templates at first and (ii) volumes can be consolidated while migrating, losing their references to the templates. Therefore, the command execution for the primary storages can show both false positives and false negatives.\n\n\nfor file in $(find /path/to/storage/ -type f -regex [a-f0-9\\-]*.*); do echo \"Retrieving file [$file] info. If the output is not empty, that might indicate a compromised disk; check it carefully.\"; qemu-img info -U $file | grep file: ; printf \"\\n\\n\"; done\nFor checking the whole template/volume features of each disk, operators can run the following command:\n\n\nfor file in $(find /path/to/storage/ -type f -regex [a-f0-9\\-]*.*); do echo \"Retrieving file [$file] info.\"; qemu-img info -U $file; printf \"\\n\\n\"; done"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@apache.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.5-4.19.1.3",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/d0x83c2cyglzzdw8csbop7mj7h83z95y",
"source": "security@apache.org"
},
{
"url": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-5-and-4-19-1-3/",
"source": "security@apache.org"
}
]
}

39
CVE-2024/CVE-2024-506xx/CVE-2024-50601.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-50601",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-11T23:15:05.763",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:35:22.810",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Las vulnerabilidades XSS persistentes y reflejado en la cookie themeMode y el par\u00e1metro URL _h de Axigen Mail Server hasta la versi\u00f3n 10.5.28 permiten a los atacantes ejecutar c\u00f3digo JavaScript arbitrario. Su explotaci\u00f3n podr\u00eda provocar el secuestro de sesiones, la fuga de datos y una mayor explotaci\u00f3n mediante un ataque de varias etapas. Se corrigi\u00f3 en las versiones 10.3.3.67, 10.4.42 y 10.5.29."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.axigen.com/knowledgebase/Axigen-WebMail-Persistent-and-Reflected-XSS-Vulnerabilities-CVE-2024-50601-_403.html",

33
CVE-2024/CVE-2024-515xx/CVE-2024-51562.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-51562",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2024-11-12T15:15:10.820",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secteam@freebsd.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc",
"source": "secteam@freebsd.org"
}
]
}

33
CVE-2024/CVE-2024-515xx/CVE-2024-51563.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-51563",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2024-11-12T15:15:10.903",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race condition."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secteam@freebsd.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc",
"source": "secteam@freebsd.org"
}
]
}

33
CVE-2024/CVE-2024-515xx/CVE-2024-51564.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-51564",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2024-11-12T15:15:10.993",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A guest can trigger an infinite loop in the hda audio driver."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secteam@freebsd.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1285"
}
]
}
],
"references": [
{
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc",
"source": "secteam@freebsd.org"
}
]
}

33
CVE-2024/CVE-2024-515xx/CVE-2024-51565.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-51565",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2024-11-12T15:15:11.083",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The hda driver is vulnerable to a buffer over-read from a guest-controlled value."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secteam@freebsd.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc",
"source": "secteam@freebsd.org"
}
]
}

33
CVE-2024/CVE-2024-515xx/CVE-2024-51566.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-51566",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2024-11-12T15:15:11.170",
"lastModified": "2024-11-12T15:48:59.103",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NVMe driver queue processing is vulernable to guest-induced infinite loops."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secteam@freebsd.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1285"
}
]
}
],
"references": [
{
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc",
"source": "secteam@freebsd.org"
}
]
}

60
CVE-2024/CVE-2024-522xx/CVE-2024-52296.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-52296",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-11-12T16:15:26.030",
"lastModified": "2024-11-12T16:15:26.030",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised Device Protocol) and provides a C library with support for C++, Rust and Python3. At ospd_common.c, on the osdp_reply_name function, any reply id between REPLY_ACK and REPLY_XRD is valid, but names array do not declare all of the range. On a case of an undefined reply id within the range, name will be null (name = names[reply_id - REPLY_ACK];). Null name will casue a crash on next line: if (name[0] == '\\0') as null[0] is invalid. As this logic is not limited to a secure connection, attacker may trigger this vulnerability without any prior knowledge. This issue is fixed in 2.4.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://github.com/goToMain/libosdp/commit/24409e98a260176765956ec766a04cb35984fab1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/goToMain/libosdp/security/advisories/GHSA-7945-5mcv-f2pp",
"source": "security-advisories@github.com"
}
]
}

64
CVE-2024/CVE-2024-522xx/CVE-2024-52297.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-52297",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-11-12T16:15:26.230",
"lastModified": "2024-11-12T16:15:26.230",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Tolgee is an open-source localization platform. Tolgee 3.81.1 included the all configuration properties in the PublicConfiguratioDTO publicly exposed to users. This vulnerability is fixed in v3.81.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/tolgee/tolgee-platform/pull/2481/files#diff-d16735590f0f2db7cd782e2966fa18426b94b5e4030fa8b1f5e00cd55686fe7f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tolgee/tolgee-platform/pull/2689/files",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tolgee/tolgee-platform/security/advisories/GHSA-3wr3-889v-pgcj",
"source": "security-advisories@github.com"
}
]
}

39
CVE-2024/CVE-2024-525xx/CVE-2024-52533.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-52533",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-11T23:15:05.967",
"lastModified": "2024-11-12T13:55:21.227",
"lastModified": "2024-11-12T16:35:24.297",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "gio/gsocks4aproxy.c en GNOME GLib anterior a 2.82.1 tiene un error de un byte y el consiguiente desbordamiento de b\u00fafer porque SOCKS4_CONN_MSG_LEN no es suficiente para un car\u00e1cter '\\0' final."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3461",

6
CVE-2024/CVE-2024-61xx/CVE-2024-6126.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6126",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-07-03T15:15:06.470",
"lastModified": "2024-07-05T12:55:51.367",
"lastModified": "2024-11-12T15:15:11.403",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -52,6 +52,10 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:9325",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-6126",
"source": "secalert@redhat.com"

6
CVE-2024/CVE-2024-65xx/CVE-2024-6501.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6501",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-07-09T20:15:12.470",
"lastModified": "2024-07-11T13:06:13.187",
"lastModified": "2024-11-12T15:15:11.530",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -52,6 +52,10 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:9317",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-6501",
"source": "secalert@redhat.com"

39
CVE-2024/CVE-2024-66xx/CVE-2024-6604.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6604",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-07-09T15:15:12.597",
"lastModified": "2024-07-16T18:15:09.077",
"lastModified": "2024-11-12T16:35:25.143",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Errores de seguridad de la memoria presentes en Firefox 127, Firefox ESR 115.12 y Thunderbird 115.12. Algunos de estos errores mostraron evidencia de corrupci\u00f3n de memoria y suponemos que con suficiente esfuerzo algunos de ellos podr\u00edan haberse aprovechado para ejecutar c\u00f3digo arbitrario. Esta vulnerabilidad afecta a Firefox &lt; 128 y Firefox ESR &lt; 115.13."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266",

Some files were not shown because too many files have changed in this diff Show More