diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20571.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20571.json index dfeed4156ef..b737a0dfdaa 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20571.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20571.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20571", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:19.673", - "lastModified": "2024-11-21T06:43:04.530", + "lastModified": "2025-04-18T15:15:45.633", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-416" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20572.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20572.json index 0cf63e82832..d5a7b2004b2 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20572.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20572.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20572", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:19.720", - "lastModified": "2024-11-21T06:43:04.657", + "lastModified": "2025-04-18T15:15:46.617", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-862" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20574.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20574.json index 8651c3d72fa..48732c8f767 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20574.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20574.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20574", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:19.770", - "lastModified": "2024-11-21T06:43:04.773", + "lastModified": "2025-04-18T15:15:46.777", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20575.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20575.json index 52795864b94..c63c9d2ad12 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20575.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20575.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20575", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:19.820", - "lastModified": "2024-11-21T06:43:04.897", + "lastModified": "2025-04-18T15:15:46.933", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20576.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20576.json index 912aff5856c..79bd1fc4904 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20576.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20576.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20576", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:19.873", - "lastModified": "2024-11-21T06:43:05.007", + "lastModified": "2025-04-18T15:15:47.090", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20577.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20577.json index 40940fd18cb..0ba51eb4fd6 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20577.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20577.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20577", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:19.923", - "lastModified": "2024-11-21T06:43:05.117", + "lastModified": "2025-04-18T15:15:47.247", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20578.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20578.json index 043912c4c7e..051a18fc65a 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20578.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20578.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20578", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:19.973", - "lastModified": "2024-11-21T06:43:05.237", + "lastModified": "2025-04-18T15:15:47.403", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20579.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20579.json index 5f0eebd2643..718649d9333 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20579.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20579.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20579", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.023", - "lastModified": "2024-11-21T06:43:05.357", + "lastModified": "2025-04-18T15:15:47.563", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20580.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20580.json index 383f5a27923..8ba5a9ada22 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20580.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20580.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20580", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.073", - "lastModified": "2024-11-21T06:43:05.480", + "lastModified": "2025-04-18T15:15:47.717", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20581.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20581.json index 008432152c8..66853d69d12 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20581.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20581.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20581", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.123", - "lastModified": "2024-11-21T06:43:05.620", + "lastModified": "2025-04-18T15:15:47.873", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-416" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20582.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20582.json index 40dc70d9421..20249d8c02e 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20582.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20582.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20582", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.170", - "lastModified": "2024-11-21T06:43:05.753", + "lastModified": "2025-04-18T15:15:48.030", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20583.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20583.json index 17f351b83d3..0a77d0a602a 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20583.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20583.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20583", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.220", - "lastModified": "2024-11-21T06:43:05.887", + "lastModified": "2025-04-18T15:15:48.187", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20584.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20584.json index 6e0f41678f3..1f8a7ae0075 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20584.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20584.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20584", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.267", - "lastModified": "2024-11-21T06:43:06.020", + "lastModified": "2025-04-18T15:15:48.343", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-20" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20585.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20585.json index 694d961e615..e534742c045 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20585.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20585.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20585", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.313", - "lastModified": "2024-11-21T06:43:06.157", + "lastModified": "2025-04-18T15:15:48.503", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-20" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20586.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20586.json index 84b58cd01d9..66b4ffa3d5b 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20586.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20586.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20586", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.363", - "lastModified": "2024-11-21T06:43:06.287", + "lastModified": "2025-04-18T15:15:48.660", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-20" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20587.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20587.json index e42e133e96e..6253fe5341e 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20587.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20587.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20587", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.410", - "lastModified": "2024-11-21T06:43:06.420", + "lastModified": "2025-04-18T15:15:48.820", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-20" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20588.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20588.json index b0b8b4705ca..ba961982a7a 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20588.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20588.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20588", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.460", - "lastModified": "2024-11-21T06:43:06.543", + "lastModified": "2025-04-18T15:15:49.003", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-754" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-754" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20589.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20589.json index 6e3e562010f..035379b4107 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20589.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20589.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20589", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.507", - "lastModified": "2024-11-21T06:43:06.660", + "lastModified": "2025-04-18T15:15:49.200", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-20" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20590.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20590.json index e67025e69e7..4a936b61850 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20590.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20590.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20590", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.557", - "lastModified": "2024-11-21T06:43:06.790", + "lastModified": "2025-04-18T15:15:49.360", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-20" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20591.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20591.json index 717b4e031d3..fd917b544cd 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20591.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20591.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20591", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.607", - "lastModified": "2024-11-21T06:43:06.907", + "lastModified": "2025-04-18T15:15:49.520", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20592.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20592.json index 51d196df762..96a74688c98 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20592.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20592.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20592", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.657", - "lastModified": "2024-11-21T06:43:07.020", + "lastModified": "2025-04-18T15:15:49.683", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-20" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-205xx/CVE-2022-20593.json b/CVE-2022/CVE-2022-205xx/CVE-2022-20593.json index 27ee2b60b48..b69dfb15e53 100644 --- a/CVE-2022/CVE-2022-205xx/CVE-2022-20593.json +++ b/CVE-2022/CVE-2022-205xx/CVE-2022-20593.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20593", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:20.703", - "lastModified": "2024-11-21T06:43:07.140", + "lastModified": "2025-04-18T15:15:49.840", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20601.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20601.json index 6004847eaa4..a5d21162c2b 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20601.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20601.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20601", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:21.080", - "lastModified": "2024-11-21T06:43:08.137", + "lastModified": "2025-04-18T14:15:16.130", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20602.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20602.json index 4a1e38e57ed..c3f6a6132cb 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20602.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20602.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20602", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:21.127", - "lastModified": "2024-11-21T06:43:08.253", + "lastModified": "2025-04-18T14:15:16.307", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20603.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20603.json index 2b13c38fbac..9d2fb2e9e8f 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20603.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20603.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20603", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:21.177", - "lastModified": "2024-11-21T06:43:08.373", + "lastModified": "2025-04-18T14:15:16.460", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20604.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20604.json index f36de38955e..bbcc891e65d 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20604.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20604.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20604", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:21.227", - "lastModified": "2024-11-21T06:43:08.497", + "lastModified": "2025-04-18T14:15:16.620", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20605.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20605.json index 9716425de76..bf6228b9f80 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20605.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20605.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20605", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:21.273", - "lastModified": "2024-11-21T06:43:08.620", + "lastModified": "2025-04-18T14:15:16.777", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20606.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20606.json index 208af06a911..7b0a0f03058 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20606.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20606.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20606", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:21.320", - "lastModified": "2024-11-21T06:43:08.737", + "lastModified": "2025-04-18T14:15:16.937", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20607.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20607.json index dff07bc547d..859a9117d36 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20607.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20607.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20607", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:21.367", - "lastModified": "2024-11-21T06:43:08.853", + "lastModified": "2025-04-18T14:15:17.093", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20608.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20608.json index 20286a4c4ae..43ee2af82bb 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20608.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20608.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20608", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:21.410", - "lastModified": "2024-11-21T06:43:08.970", + "lastModified": "2025-04-18T14:15:17.250", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20609.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20609.json index 41a6c320f51..0cc5ccbb96a 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20609.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20609.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20609", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:21.457", - "lastModified": "2024-11-21T06:43:09.087", + "lastModified": "2025-04-18T14:15:17.413", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-206xx/CVE-2022-20610.json b/CVE-2022/CVE-2022-206xx/CVE-2022-20610.json index cc4d569d59c..1f8bdca3452 100644 --- a/CVE-2022/CVE-2022-206xx/CVE-2022-20610.json +++ b/CVE-2022/CVE-2022-206xx/CVE-2022-20610.json @@ -2,7 +2,7 @@ "id": "CVE-2022-20610", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:21.507", - "lastModified": "2024-11-21T06:43:09.203", + "lastModified": "2025-04-18T14:15:17.573", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-256xx/CVE-2022-25626.json b/CVE-2022/CVE-2022-256xx/CVE-2022-25626.json index 6dd6e4619eb..bdc64216bb2 100644 --- a/CVE-2022/CVE-2022-256xx/CVE-2022-25626.json +++ b/CVE-2022/CVE-2022-256xx/CVE-2022-25626.json @@ -2,7 +2,7 @@ "id": "CVE-2022-25626", "sourceIdentifier": "secure@symantec.com", "published": "2022-12-16T16:15:21.553", - "lastModified": "2024-11-21T06:52:28.130", + "lastModified": "2025-04-18T14:15:17.737", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 1.4 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 } ] }, @@ -49,6 +69,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-425" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-256xx/CVE-2022-25627.json b/CVE-2022/CVE-2022-256xx/CVE-2022-25627.json index 7e709c57154..7fdad9e02cb 100644 --- a/CVE-2022/CVE-2022-256xx/CVE-2022-25627.json +++ b/CVE-2022/CVE-2022-256xx/CVE-2022-25627.json @@ -2,7 +2,7 @@ "id": "CVE-2022-25627", "sourceIdentifier": "secure@symantec.com", "published": "2022-12-16T16:15:21.603", - "lastModified": "2024-11-21T06:52:28.230", + "lastModified": "2025-04-18T14:15:17.930", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-256xx/CVE-2022-25628.json b/CVE-2022/CVE-2022-256xx/CVE-2022-25628.json index e703e096f75..a3f62b893a2 100644 --- a/CVE-2022/CVE-2022-256xx/CVE-2022-25628.json +++ b/CVE-2022/CVE-2022-256xx/CVE-2022-25628.json @@ -2,7 +2,7 @@ "id": "CVE-2022-25628", "sourceIdentifier": "secure@symantec.com", "published": "2022-12-16T16:15:21.650", - "lastModified": "2024-11-21T06:52:28.330", + "lastModified": "2025-04-18T14:15:18.087", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-611" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-317xx/CVE-2022-31707.json b/CVE-2022/CVE-2022-317xx/CVE-2022-31707.json index abef886499a..c045cb3292a 100644 --- a/CVE-2022/CVE-2022-317xx/CVE-2022-31707.json +++ b/CVE-2022/CVE-2022-317xx/CVE-2022-31707.json @@ -2,7 +2,7 @@ "id": "CVE-2022-31707", "sourceIdentifier": "security@vmware.com", "published": "2022-12-16T16:15:21.863", - "lastModified": "2024-11-21T07:05:10.900", + "lastModified": "2025-04-18T14:15:18.253", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-317xx/CVE-2022-31708.json b/CVE-2022/CVE-2022-317xx/CVE-2022-31708.json index ec3c4b5f546..894c17ce2c1 100644 --- a/CVE-2022/CVE-2022-317xx/CVE-2022-31708.json +++ b/CVE-2022/CVE-2022-317xx/CVE-2022-31708.json @@ -2,7 +2,7 @@ "id": "CVE-2022-31708", "sourceIdentifier": "security@vmware.com", "published": "2022-12-16T16:15:21.910", - "lastModified": "2024-11-21T07:05:11.047", + "lastModified": "2025-04-18T14:15:18.420", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "NVD-CWE-Other" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-362xx/CVE-2022-36223.json b/CVE-2022/CVE-2022-362xx/CVE-2022-36223.json index fa7efa928d4..36c94b4f5d9 100644 --- a/CVE-2022/CVE-2022-362xx/CVE-2022-36223.json +++ b/CVE-2022/CVE-2022-362xx/CVE-2022-36223.json @@ -2,7 +2,7 @@ "id": "CVE-2022-36223", "sourceIdentifier": "cve@mitre.org", "published": "2022-12-16T14:15:09.097", - "lastModified": "2024-11-21T07:12:37.070", + "lastModified": "2025-04-18T14:15:18.570", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 2.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-79" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], "configurations": [ @@ -76,6 +106,10 @@ { "url": "https://medium.com/%40cupc4k3/administrator-account-takeover-in-emby-media-server-616fc2a6704f", "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://medium.com/stolabs/cve-2022-36223-administrator-account-takeover-in-emby-media-server-616fc2a6704f", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-378xx/CVE-2022-37832.json b/CVE-2022/CVE-2022-378xx/CVE-2022-37832.json index 295bf3c4914..76227054b80 100644 --- a/CVE-2022/CVE-2022-378xx/CVE-2022-37832.json +++ b/CVE-2022/CVE-2022-378xx/CVE-2022-37832.json @@ -2,7 +2,7 @@ "id": "CVE-2022-37832", "sourceIdentifier": "cve@mitre.org", "published": "2022-12-16T22:15:09.037", - "lastModified": "2024-11-21T07:15:15.547", + "lastModified": "2025-04-18T14:15:18.760", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-798" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-387xx/CVE-2022-38756.json b/CVE-2022/CVE-2022-387xx/CVE-2022-38756.json index 8fca9fdeba7..f1ac259da77 100644 --- a/CVE-2022/CVE-2022-387xx/CVE-2022-38756.json +++ b/CVE-2022/CVE-2022-387xx/CVE-2022-38756.json @@ -2,7 +2,7 @@ "id": "CVE-2022-38756", "sourceIdentifier": "security@opentext.com", "published": "2022-12-16T23:15:09.703", - "lastModified": "2024-11-21T07:17:02.000", + "lastModified": "2025-04-18T14:15:18.953", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -69,6 +69,16 @@ "value": "CWE-532" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] } ], "configurations": [ @@ -113,6 +123,14 @@ { "url": "https://portal.microfocus.com/s/article/KM000012374?language=en_US", "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://packetstorm.news/files/id/170768", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + }, + { + "url": "https://seclists.org/fulldisclosure/2023/Jan/28", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-425xx/CVE-2022-42501.json b/CVE-2022/CVE-2022-425xx/CVE-2022-42501.json index 4583e6a5024..5361b4aa7c7 100644 --- a/CVE-2022/CVE-2022-425xx/CVE-2022-42501.json +++ b/CVE-2022/CVE-2022-425xx/CVE-2022-42501.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42501", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:22.560", - "lastModified": "2024-11-21T07:25:05.220", + "lastModified": "2025-04-18T14:15:19.123", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-425xx/CVE-2022-42502.json b/CVE-2022/CVE-2022-425xx/CVE-2022-42502.json index 8f6b07567fb..9a7ea479f86 100644 --- a/CVE-2022/CVE-2022-425xx/CVE-2022-42502.json +++ b/CVE-2022/CVE-2022-425xx/CVE-2022-42502.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42502", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:22.607", - "lastModified": "2024-11-21T07:25:05.373", + "lastModified": "2025-04-18T14:15:19.273", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-425xx/CVE-2022-42503.json b/CVE-2022/CVE-2022-425xx/CVE-2022-42503.json index c1c0480ee97..d547c494ff4 100644 --- a/CVE-2022/CVE-2022-425xx/CVE-2022-42503.json +++ b/CVE-2022/CVE-2022-425xx/CVE-2022-42503.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42503", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:22.657", - "lastModified": "2024-11-21T07:25:05.497", + "lastModified": "2025-04-18T14:15:19.430", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-425xx/CVE-2022-42504.json b/CVE-2022/CVE-2022-425xx/CVE-2022-42504.json index 4c9c43609e6..ef5343275c5 100644 --- a/CVE-2022/CVE-2022-425xx/CVE-2022-42504.json +++ b/CVE-2022/CVE-2022-425xx/CVE-2022-42504.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42504", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:22.703", - "lastModified": "2024-11-21T07:25:05.623", + "lastModified": "2025-04-18T14:15:19.590", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-425xx/CVE-2022-42509.json b/CVE-2022/CVE-2022-425xx/CVE-2022-42509.json index 6ac82365766..a8dd8311124 100644 --- a/CVE-2022/CVE-2022-425xx/CVE-2022-42509.json +++ b/CVE-2022/CVE-2022-425xx/CVE-2022-42509.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42509", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:22.933", - "lastModified": "2024-11-21T07:25:06.267", + "lastModified": "2025-04-18T14:15:19.750", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-425xx/CVE-2022-42510.json b/CVE-2022/CVE-2022-425xx/CVE-2022-42510.json index 87c8c68e2a4..9a2461e9b1e 100644 --- a/CVE-2022/CVE-2022-425xx/CVE-2022-42510.json +++ b/CVE-2022/CVE-2022-425xx/CVE-2022-42510.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42510", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:22.983", - "lastModified": "2024-11-21T07:25:06.393", + "lastModified": "2025-04-18T14:15:19.913", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-425xx/CVE-2022-42511.json b/CVE-2022/CVE-2022-425xx/CVE-2022-42511.json index e86edc4486d..faf5ab19b03 100644 --- a/CVE-2022/CVE-2022-425xx/CVE-2022-42511.json +++ b/CVE-2022/CVE-2022-425xx/CVE-2022-42511.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42511", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:23.033", - "lastModified": "2024-11-21T07:25:06.517", + "lastModified": "2025-04-18T14:15:20.070", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-425xx/CVE-2022-42512.json b/CVE-2022/CVE-2022-425xx/CVE-2022-42512.json index f7d7f91a9da..377cb5d7d3b 100644 --- a/CVE-2022/CVE-2022-425xx/CVE-2022-42512.json +++ b/CVE-2022/CVE-2022-425xx/CVE-2022-42512.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42512", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:23.080", - "lastModified": "2024-11-21T07:25:06.640", + "lastModified": "2025-04-18T13:15:56.257", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-425xx/CVE-2022-42513.json b/CVE-2022/CVE-2022-425xx/CVE-2022-42513.json index 79e3adc2bb7..78edccf4790 100644 --- a/CVE-2022/CVE-2022-425xx/CVE-2022-42513.json +++ b/CVE-2022/CVE-2022-425xx/CVE-2022-42513.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42513", "sourceIdentifier": "security@android.com", "published": "2022-12-16T16:15:23.127", - "lastModified": "2024-11-21T07:25:06.763", + "lastModified": "2025-04-18T13:15:57.143", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, diff --git a/CVE-2023/CVE-2023-469xx/CVE-2023-46950.json b/CVE-2023/CVE-2023-469xx/CVE-2023-46950.json index 3d55641c3fb..dfce0f37539 100644 --- a/CVE-2023/CVE-2023-469xx/CVE-2023-46950.json +++ b/CVE-2023/CVE-2023-469xx/CVE-2023-46950.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46950", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-01T14:15:53.030", - "lastModified": "2024-11-21T08:29:32.167", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:30:56.840", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,34 +51,74 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:contribsys:sidekiq:6.5.8:*:*:*:*:*:*:*", + "matchCriteriaId": "025B9EF1-D72F-49B3-9BE0-D1C7276E3F51" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/mhenrixon/sidekiq-unique-jobs/pull/829", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/mhenrixon/sidekiq-unique-jobs/releases/tag/v8.0.7", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://www.mgm-sp.com/cve/sidekiq-unique-jobs-reflected-xss-cve-2023-46950-cve-2023-46951", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://link.org", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required" + ] }, { "url": "https://www.link.com", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Not Applicable" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-469xx/CVE-2023-46951.json b/CVE-2023/CVE-2023-469xx/CVE-2023-46951.json index 64939784ca8..45e9ba401d6 100644 --- a/CVE-2023/CVE-2023-469xx/CVE-2023-46951.json +++ b/CVE-2023/CVE-2023-469xx/CVE-2023-46951.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46951", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-01T14:15:53.087", - "lastModified": "2024-11-21T08:29:32.400", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:29:50.863", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,42 +51,88 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:contribsys:sidekiq:6.5.8:*:*:*:*:*:*:*", + "matchCriteriaId": "025B9EF1-D72F-49B3-9BE0-D1C7276E3F51" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/mhenrixon/sidekiq-unique-jobs/pull/829", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/mhenrixon/sidekiq-unique-jobs/releases/tag/v8.0.7", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://link.org", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Permissions Required" + ] }, { "url": "https://www.link.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Not Applicable" + ] }, { "url": "https://www.mgm-sp.com/cve/sidekiq-unique-jobs-reflected-xss-cve-2023-46950-cve-2023-46951", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://link.org", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required" + ] }, { "url": "https://www.link.com", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Not Applicable" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-495xx/CVE-2023-49543.json b/CVE-2023/CVE-2023-495xx/CVE-2023-49543.json index d97d321274c..de4ed551006 100644 --- a/CVE-2023/CVE-2023-495xx/CVE-2023-49543.json +++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49543.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49543", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-01T22:15:47.640", - "lastModified": "2024-11-21T08:33:30.863", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:21:05.953", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,30 +51,67 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:book_store_management_system_project:book_store_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7E1BB334-C4F4-456D-B55F-61A06A11757D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/geraldoalcantara/CVE-2023-49543", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://owasp.org/Top10/A01_2021-Broken_Access_Control/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://www.sourcecodester.com/php/15748/book-store-management-system-project-using-php-codeigniter-3-free-source-code.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/geraldoalcantara/CVE-2023-49543", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://owasp.org/Top10/A01_2021-Broken_Access_Control/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.sourcecodester.com/php/15748/book-store-management-system-project-using-php-codeigniter-3-free-source-code.html", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-114xx/CVE-2024-11421.json b/CVE-2024/CVE-2024-114xx/CVE-2024-11421.json new file mode 100644 index 00000000000..d9b8334d7a5 --- /dev/null +++ b/CVE-2024/CVE-2024-114xx/CVE-2024-11421.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2024-11421", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-18T14:15:20.243", + "lastModified": "2025-04-18T14:15:20.243", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The developer has disputed this as a vulnerability. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-139xx/CVE-2024-13925.json b/CVE-2024/CVE-2024-139xx/CVE-2024-13925.json index dfdeaf60443..38b9c8eb223 100644 --- a/CVE-2024/CVE-2024-139xx/CVE-2024-13925.json +++ b/CVE-2024/CVE-2024-139xx/CVE-2024-13925.json @@ -2,7 +2,7 @@ "id": "CVE-2024-13925", "sourceIdentifier": "contact@wpscan.com", "published": "2025-04-17T06:15:43.590", - "lastModified": "2025-04-17T20:21:48.243", + "lastModified": "2025-04-18T14:15:20.327", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,30 @@ "value": "The Klarna Checkout for WooCommerce WordPress plugin before 2.13.5 exposes an unauthenticated WooCommerce Ajax endpoint that allows an attacker to flood the log files with data at the maximum size allowed for a POST parameter per request. This can result in rapid consumption of disk space, potentially filling the entire disk." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "references": [ { "url": "https://wpscan.com/vulnerability/6aebb52f-d74a-4043-86c4-c24579f24ef4/", diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1685.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1685.json index d1a4134177f..3303176b346 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1685.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1685.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1685", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-16T06:15:10.180", - "lastModified": "2024-11-21T08:51:05.037", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T15:19:05.460", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,89 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sygnoos:social_media_share_buttons:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.1.0", + "matchCriteriaId": "18E20A4C-BD1B-4703-A00F-633B42C9472F" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/social-media-builder/trunk/classes/SgmbButton.php#L32", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Broken Link", + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9c17d18a-090f-4b35-a257-cfc0a16d5459?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/social-media-builder/trunk/classes/SgmbButton.php#L32", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Broken Link", + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9c17d18a-090f-4b35-a257-cfc0a16d5459?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1733.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1733.json index bf64cad9093..59c888479ec 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1733.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1733.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1733", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-16T06:15:13.010", - "lastModified": "2024-11-21T08:51:11.377", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T15:32:56.347", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,22 +39,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:charlestsmith:word_replacer_pro:1.0:*:*:*:*:wordpress:*:*", + "matchCriteriaId": "46B7E236-314E-4322-A06C-4B43C9409A94" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/word-replacer-ultra/trunk/inc/word-replacer-ultra-ajax.php#L16", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1da53718-c2a2-45d0-ad43-daff3c68342d?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/word-replacer-ultra/trunk/inc/word-replacer-ultra-ajax.php#L16", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1da53718-c2a2-45d0-ad43-daff3c68342d?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24511.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24511.json index 6603a42f983..7116eac38e4 100644 --- a/CVE-2024/CVE-2024-245xx/CVE-2024-24511.json +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24511.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24511", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-01T23:15:08.260", - "lastModified": "2024-11-21T08:59:21.877", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:03:24.763", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,22 +51,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pkp.sfu:open_journal_systems:3.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F550875A-9367-4C6D-A8B3-39D6E065A182" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/file/d/1IhU9tNhc6enKL1Dgq9--R05biJBjodKv/view?usp=sharing", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-24511%20-%3E%20Stored%20XSS%20in%20input%20Title%20of%20the%20Component", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://drive.google.com/file/d/1IhU9tNhc6enKL1Dgq9--R05biJBjodKv/view?usp=sharing", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Broken Link" + ] }, { "url": "https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-24511%20-%3E%20Stored%20XSS%20in%20input%20Title%20of%20the%20Component", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24512.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24512.json index d8c26934b5b..f0bbcd4f463 100644 --- a/CVE-2024/CVE-2024-245xx/CVE-2024-24512.json +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24512.json @@ -2,8 +2,8 @@ "id": "CVE-2024-24512", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-01T23:15:08.313", - "lastModified": "2024-11-21T08:59:22.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:00:48.600", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,22 +51,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pkp.sfu:open_journal_systems:3.3:*:*:*:*:*:*:*", + "matchCriteriaId": "F550875A-9367-4C6D-A8B3-39D6E065A182" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/file/d/1jRsltje5PRkgigcY5qLWB3GhF0e9j6aF/view?usp=sharing", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-24512%20-%3E%20Stored%20XSS%20in%20input%20SubTitle%20of%20the%20Component", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://drive.google.com/file/d/1jRsltje5PRkgigcY5qLWB3GhF0e9j6aF/view?usp=sharing", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Broken Link" + ] }, { "url": "https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-24512%20-%3E%20Stored%20XSS%20in%20input%20SubTitle%20of%20the%20Component", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-260xx/CVE-2024-26014.json b/CVE-2024/CVE-2024-260xx/CVE-2024-26014.json new file mode 100644 index 00000000000..025e2517b22 --- /dev/null +++ b/CVE-2024/CVE-2024-260xx/CVE-2024-26014.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2024-26014", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2025-04-18T08:15:12.803", + "lastModified": "2025-04-18T08:15:12.803", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: Not used" + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-275xx/CVE-2024-27525.json b/CVE-2024/CVE-2024-275xx/CVE-2024-27525.json index 498e59fb5a3..bed8350e57b 100644 --- a/CVE-2024/CVE-2024-275xx/CVE-2024-27525.json +++ b/CVE-2024/CVE-2024-275xx/CVE-2024-27525.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27525", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-01T15:15:18.003", - "lastModified": "2024-11-04T20:35:05.800", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:21:04.433", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chamilo:chamilo_lms:1.11.26:-:*:*:*:*:*:*", + "matchCriteriaId": "F6EF3CB4-D8FF-4BFF-9AE5-EBDBEFCEE00A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/chamilo/chamilo-lms/commit/a63e03ef961e7bf2dab56f4ede6f87edef40ba0c", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://www.less-secure.com/2024/10/chamilo-lms-cve-2024-27524-cve-2024.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29157.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29157.json index 3e2a1b429e6..b53246c286d 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29157.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29157.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29157", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:15:31.520", - "lastModified": "2024-11-21T09:07:40.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:23:04.440", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.14.3", + "matchCriteriaId": "53420B35-24B5-4D49-BD11-A243854D445B" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29158.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29158.json index 5c7caae0515..fe2be4acf08 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29158.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29158.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29158", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:15:31.730", - "lastModified": "2024-11-21T09:07:40.790", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:28:33.197", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.14.3", + "matchCriteriaId": "53420B35-24B5-4D49-BD11-A243854D445B" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29159.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29159.json index 1260efed315..6aae31fbe42 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29159.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29159.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29159", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:15:32.000", - "lastModified": "2024-11-21T09:07:41.017", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:29:09.610", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29160.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29160.json index 6a316d8d059..7f427b1a37e 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29160.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29160.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29160", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:15:32.213", - "lastModified": "2024-11-21T09:07:41.243", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:30:35.120", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29161.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29161.json index a766a8c3a19..a7df14c95ff 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29161.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29161.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29161", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:15:32.390", - "lastModified": "2024-11-21T09:07:41.483", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:30:53.167", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29162.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29162.json index e0e69f38194..52f158cd368 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29162.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29162.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29162", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:15:32.590", - "lastModified": "2024-11-21T09:07:41.700", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:27:23.400", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.14.3", + "matchCriteriaId": "53420B35-24B5-4D49-BD11-A243854D445B" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29163.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29163.json index 689d29c704e..9a671b1a0e3 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29163.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29163.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29163", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:15:32.803", - "lastModified": "2024-11-21T09:07:41.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:27:15.743", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29164.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29164.json index f83be649a41..1d968e62c42 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29164.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29164.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29164", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:15:33.100", - "lastModified": "2024-11-21T09:07:42.130", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:26:23.240", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29165.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29165.json index 0470121ffdd..c2a9fcaf54c 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29165.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29165.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29165", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:15:33.297", - "lastModified": "2024-11-21T09:07:42.350", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:32:30.070", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29166.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29166.json index ff602077e6c..f259c68bb36 100644 --- a/CVE-2024/CVE-2024-291xx/CVE-2024-29166.json +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29166.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29166", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:15:33.513", - "lastModified": "2024-11-25T18:15:10.983", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:34:27.630", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-306xx/CVE-2024-30616.json b/CVE-2024/CVE-2024-306xx/CVE-2024-30616.json index 0f946411fe2..d6376a12c1d 100644 --- a/CVE-2024/CVE-2024-306xx/CVE-2024-30616.json +++ b/CVE-2024/CVE-2024-306xx/CVE-2024-30616.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30616", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-04T19:15:06.193", - "lastModified": "2024-11-05T19:36:11.770", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:39:57.523", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chamilo:chamilo_lms:1.11.26:-:*:*:*:*:*:*", + "matchCriteriaId": "F6EF3CB4-D8FF-4BFF-9AE5-EBDBEFCEE00A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/bahadoumi/Vulnerability-Research/tree/main/CVE-2024-30616", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/chamilo/chamilo-lms/commit/a1a1e4df70dc65ae4fc7857135f4d3ee185548e7", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-306xx/CVE-2024-30617.json b/CVE-2024/CVE-2024-306xx/CVE-2024-30617.json index e09f521ef7c..ef08c7a3637 100644 --- a/CVE-2024/CVE-2024-306xx/CVE-2024-30617.json +++ b/CVE-2024/CVE-2024-306xx/CVE-2024-30617.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30617", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-04T19:15:06.277", - "lastModified": "2024-11-05T19:36:12.623", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:55:07.440", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chamilo:chamilo_lms:1.11.26:-:*:*:*:*:*:*", + "matchCriteriaId": "F6EF3CB4-D8FF-4BFF-9AE5-EBDBEFCEE00A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/bahadoumi/Vulnerability-Research/tree/main/CVE-2024-30617", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/chamilo/chamilo-lms/commit/7a0e10cccc92eadae9403925f995b0a8d2d1305e", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-306xx/CVE-2024-30618.json b/CVE-2024/CVE-2024-306xx/CVE-2024-30618.json index 181a1a8e215..fcfd47d4ff5 100644 --- a/CVE-2024/CVE-2024-306xx/CVE-2024-30618.json +++ b/CVE-2024/CVE-2024-306xx/CVE-2024-30618.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30618", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-04T19:15:06.360", - "lastModified": "2024-11-05T18:35:07.490", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:54:12.313", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chamilo:chamilo_lms:1.11.26:-:*:*:*:*:*:*", + "matchCriteriaId": "F6EF3CB4-D8FF-4BFF-9AE5-EBDBEFCEE00A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/bahadoumi/Vulnerability-Research/tree/main/CVE-2024-30618", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/chamilo/chamilo-lms/commit/3b98682199049ebfb170ace16ada9a7c8e9a6622", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-306xx/CVE-2024-30619.json b/CVE-2024/CVE-2024-306xx/CVE-2024-30619.json index 72feaf0e08c..24940b934ae 100644 --- a/CVE-2024/CVE-2024-306xx/CVE-2024-30619.json +++ b/CVE-2024/CVE-2024-306xx/CVE-2024-30619.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30619", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-04T19:15:06.440", - "lastModified": "2024-11-05T18:35:08.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:52:46.940", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,14 +39,49 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chamilo:chamilo_lms:1.11.26:-:*:*:*:*:*:*", + "matchCriteriaId": "F6EF3CB4-D8FF-4BFF-9AE5-EBDBEFCEE00A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/bahadoumi/Vulnerability-Research/tree/main/CVE-2024-30619", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/chamilo/chamilo-lms/commit/bef68ffe0552cd25b0ef760e582e1188f0f6bf4b", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32605.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32605.json index 55d4a6c8a1d..807c15d1792 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32605.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32605.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32605", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:45.230", - "lastModified": "2024-11-21T09:15:17.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:34:24.497", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32606.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32606.json index 820eb0bba4a..2b7ea69f1e9 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32606.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32606.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32606", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:45.400", - "lastModified": "2024-11-25T21:15:14.300", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:34:21.187", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32607.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32607.json index 6838ecb9a15..8e14ab3790f 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32607.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32607.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32607", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:45.547", - "lastModified": "2024-11-21T09:15:17.543", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:34:18.547", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32609.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32609.json index cfbc11983da..a236e0c3913 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32609.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32609.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32609", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:45.683", - "lastModified": "2024-11-21T09:15:17.877", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:34:16.163", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32610.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32610.json index 0f123fef8f4..637f66d6524 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32610.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32610.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32610", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:45.893", - "lastModified": "2024-12-03T16:15:21.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:34:13.157", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32611.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32611.json index 0057707625d..fc1f9a9555b 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32611.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32611.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32611", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:46.153", - "lastModified": "2024-11-21T09:15:18.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:34:09.710", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -40,6 +40,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-908" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +61,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32612.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32612.json index 1835c313109..ac23befbbf1 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32612.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32612.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32612", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:46.267", - "lastModified": "2024-11-21T09:15:18.473", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:34:07.413", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32613.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32613.json index aa10106be89..38155598afb 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32613.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32613.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32613", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:46.383", - "lastModified": "2024-11-21T09:15:18.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:34:04.750", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32614.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32614.json index 718f1d0b63b..6c7448903ab 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32614.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32614.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32614", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:46.507", - "lastModified": "2024-11-21T09:15:18.960", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:34:01.113", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32615.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32615.json index 1015dc2e576..4d9363025a3 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32615.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32615.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32615", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:46.620", - "lastModified": "2024-11-21T09:15:19.207", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:33:56.717", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,18 +51,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://github.com/HDFGroup/cve_hdf5/blob/main/CVE_list.md", - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32616.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32616.json index d1b52953003..5b3d0cd7b9f 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32616.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32616.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32616", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:46.753", - "lastModified": "2024-11-21T09:15:19.470", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:33:53.630", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32617.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32617.json index 7cb63a0cc93..ff89fd47012 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32617.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32617.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32617", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:46.893", - "lastModified": "2024-11-21T09:15:19.697", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:33:50.773", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32618.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32618.json index e4eee3360bf..351e1400125 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32618.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32618.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32618", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:47.230", - "lastModified": "2024-11-21T09:15:19.923", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:33:47.647", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32619.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32619.json index e710bd470fc..e2690251866 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32619.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32619.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32619", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:47.453", - "lastModified": "2024-11-21T09:15:20.170", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:28.853", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32620.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32620.json index 34726826868..b029516aa36 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32620.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32620.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32620", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:47.570", - "lastModified": "2024-11-21T09:15:20.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:25.327", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32621.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32621.json index 395e833d4a4..0a12cc1d633 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32621.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32621.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32621", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:47.690", - "lastModified": "2024-11-21T09:15:20.637", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:22.260", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32622.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32622.json index 7fa8ceeb5f7..60d12676bf9 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32622.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32622.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32622", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:47.797", - "lastModified": "2024-11-21T09:15:20.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:19.817", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32623.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32623.json index 11e94964383..042cdbca67a 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32623.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32623.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32623", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:47.943", - "lastModified": "2024-11-21T09:15:21.130", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:17.307", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32624.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32624.json index c30f09434db..9060fcdcd8f 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32624.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32624.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32624", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:36:48.213", - "lastModified": "2024-11-21T09:15:21.333", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:14.760", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33856.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33856.json index f624cfb3058..6a8ba121726 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33856.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33856.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33856", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-07T16:15:08.010", - "lastModified": "2024-11-21T09:17:35.843", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:39:50.870", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,22 +51,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.4.0", + "matchCriteriaId": "38961EE7-E2D5-40AC-B736-C3CA4D5F4953" + } + ] + } + ] + } + ], "references": [ { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533583876253-Username-enumeration-using-the-forget-password-endpoint", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/categories/200832975-Knowledge-Center", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533583876253-Username-enumeration-using-the-forget-password-endpoint", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/categories/200832975-Knowledge-Center", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33857.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33857.json index 881e58fa386..e6e7493ec17 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33857.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33857.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33857", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-07T16:15:08.080", - "lastModified": "2024-11-21T09:17:36.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:39:11.777", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,22 +51,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.4.0", + "matchCriteriaId": "38961EE7-E2D5-40AC-B736-C3CA4D5F4953" + } + ] + } + ] + } + ], "references": [ { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533639896093-Server-Side-Request-Forgery-SSRF-on-Threat-Intelligence", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/categories/200832975-Knowledge-Center", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533639896093-Server-Side-Request-Forgery-SSRF-on-Threat-Intelligence", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/categories/200832975-Knowledge-Center", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33858.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33858.json index 15eef9ba9ca..bce84610cab 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33858.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33858.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33858", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-07T16:15:08.147", - "lastModified": "2024-11-21T20:15:41.053", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:38:04.987", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,22 +51,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.4.0", + "matchCriteriaId": "38961EE7-E2D5-40AC-B736-C3CA4D5F4953" + } + ] + } + ] + } + ], "references": [ { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533668045725-Path-Injection-on-Enrichment-Sources-leading-to-arbitrary-file-write-in-tmp-folder", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.logpoint.com/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533668045725-Path-Injection-on-Enrichment-Sources-leading-to-arbitrary-file-write-in-tmp-folder", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.logpoint.com/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33859.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33859.json index 567b2787873..d3297a2c58f 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33859.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33859.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33859", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-07T17:15:09.200", - "lastModified": "2024-11-21T09:17:36.450", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:35:55.773", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,22 +51,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.4.0", + "matchCriteriaId": "38961EE7-E2D5-40AC-B736-C3CA4D5F4953" + } + ] + } + ] + } + ], "references": [ { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533927651357-XSS-in-Interesting-Fields-in-Logpoint-Web-UI", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.logpoint.com/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533927651357-XSS-in-Interesting-Fields-in-Logpoint-Web-UI", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.logpoint.com/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33860.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33860.json index fb5d6053a8f..6780b1d362d 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33860.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33860.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33860", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-07T17:15:09.257", - "lastModified": "2024-11-21T09:17:36.627", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:32:57.393", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,22 +51,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.4.0", + "matchCriteriaId": "38961EE7-E2D5-40AC-B736-C3CA4D5F4953" + } + ] + } + ] + } + ], "references": [ { "url": "https://logpoint.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533986803741-Local-File-Inclusion-in-File-System-Collector", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://logpoint.com", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/18533986803741-Local-File-Inclusion-in-File-System-Collector", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33873.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33873.json index 90c028a7d21..127abb0cfc0 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33873.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33873.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33873", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:38:09.727", - "lastModified": "2024-11-21T09:17:38.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:11.893", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33874.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33874.json index 9b49fb5abf8..c88a2f8d189 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33874.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33874.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33874", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:38:09.980", - "lastModified": "2024-11-21T09:17:39.070", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:09.187", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33875.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33875.json index fb39127da20..211c82d12e6 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33875.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33875.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33875", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:38:10.110", - "lastModified": "2024-11-21T09:17:39.290", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:07.087", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33876.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33876.json index 2619ebbde9a..bba42ef4a2e 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33876.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33876.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33876", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:38:10.250", - "lastModified": "2024-11-25T18:15:11.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:04.110", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33877.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33877.json index f4b495eb5da..78384674e8b 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33877.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33877.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33877", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:38:10.513", - "lastModified": "2024-11-21T09:17:39.600", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:35:01.750", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.4", + "matchCriteriaId": "6110F965-9503-40E6-B681-CE1064B09C49" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-344xx/CVE-2024-34448.json b/CVE-2024/CVE-2024-344xx/CVE-2024-34448.json index 7cabe715f38..103952adddf 100644 --- a/CVE-2024/CVE-2024-344xx/CVE-2024-34448.json +++ b/CVE-2024/CVE-2024-344xx/CVE-2024-34448.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34448", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-22T16:15:10.580", - "lastModified": "2024-11-21T09:18:41.693", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:48:08.530", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,14 +51,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ghost:ghost:*:*:*:*:*:node.js:*:*", + "versionEndExcluding": "5.82.0", + "matchCriteriaId": "12A23757-69EF-419D-8988-204FDFB903B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/phulelouch/CVEs/blob/main/CVE-2024-34448.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/phulelouch/CVEs/blob/main/CVE-2024-34448.md", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-37xx/CVE-2024-3755.json b/CVE-2024/CVE-2024-37xx/CVE-2024-3755.json index d4b0f20e03d..5123fb71112 100644 --- a/CVE-2024/CVE-2024-37xx/CVE-2024-3755.json +++ b/CVE-2024/CVE-2024-37xx/CVE-2024-3755.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3755", "sourceIdentifier": "contact@wpscan.com", "published": "2024-05-06T06:15:07.140", - "lastModified": "2024-11-21T18:15:06.730", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:55:12.317", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,14 +39,52 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mf_gig_calendar_project:mf_gig_calendar:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.2.1", + "matchCriteriaId": "9A95FA02-9E77-43CF-8A55-E9C907928ED7" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/d34caeaf-2ecf-44a2-b308-e940bafd402c/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://wpscan.com/vulnerability/d34caeaf-2ecf-44a2-b308-e940bafd402c/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-37xx/CVE-2024-3756.json b/CVE-2024/CVE-2024-37xx/CVE-2024-3756.json index 3f6c2bf999b..9104f99e1b7 100644 --- a/CVE-2024/CVE-2024-37xx/CVE-2024-3756.json +++ b/CVE-2024/CVE-2024-37xx/CVE-2024-3756.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3756", "sourceIdentifier": "contact@wpscan.com", "published": "2024-05-06T06:15:07.197", - "lastModified": "2024-11-21T09:30:19.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:54:00.033", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,14 +39,52 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mf_gig_calendar_project:mf_gig_calendar:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.2.1", + "matchCriteriaId": "9A95FA02-9E77-43CF-8A55-E9C907928ED7" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/b28d0dca-2df1-4925-be81-dd9c46859c38/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://wpscan.com/vulnerability/b28d0dca-2df1-4925-be81-dd9c46859c38/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-400xx/CVE-2024-40074.json b/CVE-2024/CVE-2024-400xx/CVE-2024-40074.json index 9f462391128..51e45abdb6d 100644 --- a/CVE-2024/CVE-2024-400xx/CVE-2024-40074.json +++ b/CVE-2024/CVE-2024-400xx/CVE-2024-40074.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40074", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-16T17:15:49.270", - "lastModified": "2025-04-17T20:22:16.240", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:15:13.960", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { @@ -11,11 +11,50 @@ "value": "Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting (XSS) via id_generator/classes/SystemSettings.php?f=update_settings, and the point of vulnerability is in the POST parameter 'short_name'." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug1-XSS-short_name.md", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug1-XSS-short_name.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-401xx/CVE-2024-40124.json b/CVE-2024/CVE-2024-401xx/CVE-2024-40124.json index f9194af1e1c..30f9e475992 100644 --- a/CVE-2024/CVE-2024-401xx/CVE-2024-40124.json +++ b/CVE-2024/CVE-2024-401xx/CVE-2024-40124.json @@ -2,7 +2,7 @@ "id": "CVE-2024-40124", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T17:15:31.853", - "lastModified": "2025-04-17T20:21:05.203", + "lastModified": "2025-04-18T15:15:53.500", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "Pydio Core <= 8.2.5 is vulnerable to Cross Site Scripting (XSS) via the New URL Bookmark feature." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/Xib3rR4dAr/711195d5793bfbb4364dc179ecaae25d", @@ -20,6 +55,10 @@ { "url": "https://pydio.com/en/community/releases/pydio-core/pydio-core-pydio-enterprise-825-hotfix-824", "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/Xib3rR4dAr/711195d5793bfbb4364dc179ecaae25d", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-456xx/CVE-2024-45651.json b/CVE-2024/CVE-2024-456xx/CVE-2024-45651.json new file mode 100644 index 00000000000..6c5af099410 --- /dev/null +++ b/CVE-2024/CVE-2024-456xx/CVE-2024-45651.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-45651", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2025-04-18T11:15:44.940", + "lastModified": "2025-04-18T11:15:44.940", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 \n\ndoes not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-613" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7231178", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-460xx/CVE-2024-46089.json b/CVE-2024/CVE-2024-460xx/CVE-2024-46089.json new file mode 100644 index 00000000000..bdde003d8bd --- /dev/null +++ b/CVE-2024/CVE-2024-460xx/CVE-2024-46089.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-46089", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-04-18T13:15:57.320", + "lastModified": "2025-04-18T14:15:20.490", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "74cms <=3.33 is vulnerable to remote code execution (RCE) in the background interface apiadmin." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://gitee.com/Q16G/laravel_bug/blob/master/74cms.md", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Q16G/cve_detail/blob/main/74cms/unzipRCE.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48950.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48950.json index 68f478ebe4a..a539235487e 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48950.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48950.json @@ -2,8 +2,8 @@ "id": "CVE-2024-48950", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-07T17:15:08.373", - "lastModified": "2024-11-08T19:01:03.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:12:45.667", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,18 +51,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.5.0", + "matchCriteriaId": "88AD9F8A-98CD-459E-A2C4-404AE1F573ED" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.logpoint.com/docs/whats-new-in-logpoint/en/latest/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/articles/21968264954525-Authentication-and-CSRF-bypass-leading-to-unauthorized-access", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://servicedesk.logpoint.com/hc/en-us/sections/7201103730845-Product-Security", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-498xx/CVE-2024-49808.json b/CVE-2024/CVE-2024-498xx/CVE-2024-49808.json new file mode 100644 index 00000000000..5faa75d9f16 --- /dev/null +++ b/CVE-2024/CVE-2024-498xx/CVE-2024-49808.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49808", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2025-04-18T11:15:45.920", + "lastModified": "2025-04-18T11:15:45.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 could allow an authenticated user to spoof the identity of another user due to improper authorization which could allow the user to bypass access restrictions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7231180", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-509xx/CVE-2024-50960.json b/CVE-2024/CVE-2024-509xx/CVE-2024-50960.json index 371bdd7ef29..c7f97623bf4 100644 --- a/CVE-2024/CVE-2024-509xx/CVE-2024-50960.json +++ b/CVE-2024/CVE-2024-509xx/CVE-2024-50960.json @@ -2,13 +2,13 @@ "id": "CVE-2024-50960", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-15T18:15:45.263", - "lastModified": "2025-04-16T15:15:52.977", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:15:20.650", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, and SMP 352 <= 2.16 allows a remote authenticated attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system." + "value": "A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, SMP 352 <= 2.16, and SME 211 <= 3.02, allows a remote authenticated attacker to execute arbitrary commands as root on the underlying operating system." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-510xx/CVE-2024-51055.json b/CVE-2024/CVE-2024-510xx/CVE-2024-51055.json index a037ff30934..230928fd195 100644 --- a/CVE-2024/CVE-2024-510xx/CVE-2024-51055.json +++ b/CVE-2024/CVE-2024-510xx/CVE-2024-51055.json @@ -2,8 +2,8 @@ "id": "CVE-2024-51055", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-08T19:15:06.190", - "lastModified": "2024-11-13T16:35:25.810", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:38:02.220", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hoosk:hoosk:1.7.1:*:*:*:*:*:*:*", + "matchCriteriaId": "911AF63F-5AE6-417B-B3B5-8F62E47BA1E6" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/havok89/Hoosk/issues/66", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-532xx/CVE-2024-53204.json b/CVE-2024/CVE-2024-532xx/CVE-2024-53204.json index 52d1166317a..b4c90346331 100644 --- a/CVE-2024/CVE-2024-532xx/CVE-2024-53204.json +++ b/CVE-2024/CVE-2024-532xx/CVE-2024-53204.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53204", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T14:15:28.207", - "lastModified": "2025-01-13T19:51:04.787", - "vulnStatus": "Analyzed", + "lastModified": "2025-04-18T14:15:20.860", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -78,6 +78,10 @@ } ], "references": [ + { + "url": "https://git.kernel.org/stable/c/258ea41c926b7b3a16d0d7aa210a1401c4a1601b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/48d52d3168749e10c1c37cd4ceccd18625851741", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", @@ -98,6 +102,10 @@ "tags": [ "Patch" ] + }, + { + "url": "https://git.kernel.org/stable/c/e27877990e54bfe4246dd850f7ec8646c999ce58", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-532xx/CVE-2024-53205.json b/CVE-2024/CVE-2024-532xx/CVE-2024-53205.json index 1e63cd0df90..9ab30bba21b 100644 --- a/CVE-2024/CVE-2024-532xx/CVE-2024-53205.json +++ b/CVE-2024/CVE-2024-532xx/CVE-2024-53205.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53205", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T14:15:28.340", - "lastModified": "2025-01-14T15:51:28.677", - "vulnStatus": "Analyzed", + "lastModified": "2025-04-18T14:15:20.987", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -92,6 +92,14 @@ "Patch" ] }, + { + "url": "https://git.kernel.org/stable/c/7a784bcdd7e54f0599da3b2360e472238412623e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7e2cde1813418b39b5e95d86e10d6701dccf18af", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/fb83c9a08324e37f321ffb400809aa4310387d65", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53868.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53868.json index cb09bbc548d..bf700c4135f 100644 --- a/CVE-2024/CVE-2024-538xx/CVE-2024-53868.json +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53868.json @@ -2,7 +2,7 @@ "id": "CVE-2024-53868", "sourceIdentifier": "security@apache.org", "published": "2025-04-03T09:15:15.780", - "lastModified": "2025-04-07T14:18:34.453", + "lastModified": "2025-04-18T15:15:53.920", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,34 @@ "value": "Apache Traffic Server permite el contrabando de solicitudes si los mensajes fragmentados tienen un formato incorrecto. Este problema afecta a Apache Traffic Server: de la 9.2.0 a la 9.2.9 y de la 10.0.0 a la 10.0.4. Se recomienda actualizar a la versi\u00f3n 9.2.10 o 10.0.5, que soluciona el problema." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56325.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56325.json index d0bea9aaefc..82056da7264 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56325.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56325.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56325", "sourceIdentifier": "security@apache.org", "published": "2025-04-01T09:15:15.240", - "lastModified": "2025-04-01T20:26:11.547", + "lastModified": "2025-04-18T15:15:57.637", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "Problema de omisi\u00f3n de autenticaci\u00f3n: Si la ruta no contiene / ni contiene., no se requiere autenticaci\u00f3n. Ejemplo de solicitud y respuesta normal esperada: curl -X POST -H \"Content-Type: application/json\" -d {\\\"username\\\":\\\"hack2\\\",\\\"password\\\":\\\"hack\\\",\\\"component\\\":\\\"CONTROLLER\\\",\\\"role\\\":\\\"ADMIN\\\",\\\"tables\\\":[],\\\"permissions\\\":[],\\\"usernameWithComponent\\\":\\\"hack_CONTROLLER\\\"} http://{server_ip}:9000/users. Devuelve: {\"code\":401,\"error\":\"HTTP 401 Unauthorized\"}. Ejemplo de solicitud y respuesta maliciosa: curl -X POST -H \"Content-Type: application/json\" -d '{\\\"username\\\":\\\"hack\\\",\\\"password\\\":\\\"hack\\\",\\\"component\\\":\\\"CONTROLLER\\\",\\\"role\\\":\\\"ADMIN\\\",\\\"tables\\\":[],\\\"permissions\\\":[],\\\"usernameWithComponent\\\":\\\"hack_CONTROLLER\\\"}' http://{serverip}:9000/users; http://{serverip}:9000/users; . Devuelve: {\"users\":{}} Se agrega un nuevo usuario sin autenticaci\u00f3n, lo que le permite controlar Pinot." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", diff --git a/CVE-2024/CVE-2024-567xx/CVE-2024-56705.json b/CVE-2024/CVE-2024-567xx/CVE-2024-56705.json index 83042b3b6b0..163f2e7e409 100644 --- a/CVE-2024/CVE-2024-567xx/CVE-2024-56705.json +++ b/CVE-2024/CVE-2024-567xx/CVE-2024-56705.json @@ -2,7 +2,7 @@ "id": "CVE-2024-56705", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-28T10:15:19.043", - "lastModified": "2024-12-28T10:15:19.043", + "lastModified": "2025-04-18T15:15:57.813", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -33,6 +33,10 @@ "url": "https://git.kernel.org/stable/c/4676e50444046b498555b849e6080a5c78cdda9b", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, + { + "url": "https://git.kernel.org/stable/c/51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/74aa783682c4d78c69d87898e40c78df1fec204e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2025/CVE-2025-18xx/CVE-2025-1863.json b/CVE-2025/CVE-2025-18xx/CVE-2025-1863.json new file mode 100644 index 00000000000..7f97a22a825 --- /dev/null +++ b/CVE-2025/CVE-2025-18xx/CVE-2025-1863.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-1863", + "sourceIdentifier": "7168b535-132a-4efe-a076-338f829b2eb9", + "published": "2025-04-18T06:15:42.357", + "lastModified": "2025-04-18T06:15:42.357", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Insecure default settings have been found in recorder products provided by Yokogawa Electric Corporation. The default setting of the authentication function is disabled on the affected products. Therefore, when connected to a network with default settings, anyone can access all functions related to settings and operations. As a result, an attacker can illegally manipulate and configure important data such as measured values and settings.\nThis issue affects GX10 / GX20 / GP10 / GP20 Paperless Recorders: R5.04.01 or earlier; GM Data Acquisition System: R5.05.01 or earlier; DX1000 / DX2000 / DX1000N Paperless Recorders: R4.21 or earlier; FX1000 Paperless Recorders: R1.31 or earlier; \u03bcR10000 / \u03bcR20000 Chart Recorders: R1.51 or earlier; MW100 Data Acquisition Units: All versions; DX1000T / DX2000T Paperless Recorders: All versions; CX1000 / CX2000 Paperless Recorders: All versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "7168b535-132a-4efe-a076-338f829b2eb9", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "7168b535-132a-4efe-a076-338f829b2eb9", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1188" + } + ] + } + ], + "references": [ + { + "url": "https://web-material3.yokogawa.com/1/36974/files/YSAR-25-0001-E.pdf", + "source": "7168b535-132a-4efe-a076-338f829b2eb9" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-21xx/CVE-2025-2162.json b/CVE-2025/CVE-2025-21xx/CVE-2025-2162.json new file mode 100644 index 00000000000..b985f29bed8 --- /dev/null +++ b/CVE-2025/CVE-2025-21xx/CVE-2025-2162.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2025-2162", + "sourceIdentifier": "contact@wpscan.com", + "published": "2025-04-18T06:15:43.593", + "lastModified": "2025-04-18T12:15:15.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The MapPress Maps for WordPress plugin before 2.94.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://wpscan.com/vulnerability/06063788-7ab8-49cc-9911-1d9926fcf99d/", + "source": "contact@wpscan.com" + }, + { + "url": "https://wpscan.com/vulnerability/06063788-7ab8-49cc-9911-1d9926fcf99d/", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-228xx/CVE-2025-22871.json b/CVE-2025/CVE-2025-228xx/CVE-2025-22871.json index f6544dce6e7..59769e70947 100644 --- a/CVE-2025/CVE-2025-228xx/CVE-2025-22871.json +++ b/CVE-2025/CVE-2025-228xx/CVE-2025-22871.json @@ -2,7 +2,7 @@ "id": "CVE-2025-22871", "sourceIdentifier": "security@golang.org", "published": "2025-04-08T20:15:20.183", - "lastModified": "2025-04-09T20:02:41.860", + "lastModified": "2025-04-18T15:15:57.923", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "El paquete net/http acepta incorrectamente un LF simple como terminador de l\u00ednea en l\u00edneas de datos fragmentados. Esto puede permitir el contrabando de solicitudes si se utiliza un servidor net/http junto con un servidor que acepta incorrectamente un LF simple como parte de una extensi\u00f3n fragmentada." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, "references": [ { "url": "https://go.dev/cl/652998", diff --git a/CVE-2025/CVE-2025-240xx/CVE-2025-24054.json b/CVE-2025/CVE-2025-240xx/CVE-2025-24054.json index 4d66aa5ec30..905b9c7073b 100644 --- a/CVE-2025/CVE-2025-240xx/CVE-2025-24054.json +++ b/CVE-2025/CVE-2025-240xx/CVE-2025-24054.json @@ -2,8 +2,8 @@ "id": "CVE-2025-24054", "sourceIdentifier": "secure@microsoft.com", "published": "2025-03-11T17:16:27.660", - "lastModified": "2025-04-18T01:00:02.077", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T14:15:17.677", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,7 +19,7 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 } ] }, @@ -55,10 +75,178 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20947", + "matchCriteriaId": "6997DE6E-CBAD-4690-A68C-8F10E477DCC2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20947", + "matchCriteriaId": "3CBCF6D9-5085-473C-82F5-98BC246A9C4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.7876", + "matchCriteriaId": "0CF0E174-4692-4AA3-B72E-12E73A1BDBE5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.7876", + "matchCriteriaId": "340EF5F8-D4F5-4AD8-9D80-1DEC2F376BE5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.7009", + "matchCriteriaId": "67C8DCD7-90C4-431F-BD03-FDFDE170E748" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.7009", + "matchCriteriaId": "05169574-28AB-4E42-B3DE-710574BB1AD3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19044.5608", + "matchCriteriaId": "714C0D5E-BE31-45AB-A729-FF55DE59F593" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19044.5608", + "matchCriteriaId": "0C8B2D45-7059-4FA0-A46C-64A171D287DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19044.5608", + "matchCriteriaId": "5569800D-B907-47CC-86D2-EC0118157916" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19045.5608", + "matchCriteriaId": "A84E706C-3A65-4920-8F80-2A684D3CB110" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19045.5608", + "matchCriteriaId": "ED157557-37C1-4802-8746-B87120BA16FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19045.5608", + "matchCriteriaId": "BE8F0EF2-EED3-4791-AE26-D24D97B673D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.5039", + "matchCriteriaId": "C8949B3E-5847-42F8-A15A-D7515F0EE305" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.5039", + "matchCriteriaId": "84D4F97D-3BA2-4B7A-B650-5772DE49CE97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22631.5039", + "matchCriteriaId": "82807292-1736-4453-B805-3D471BF94A35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22631.5039", + "matchCriteriaId": "E19130AD-ECD6-4FC4-B2C8-AB058BDEF928" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.26100.3403", + "matchCriteriaId": "B7ADF37E-1DD3-4539-8922-1E059955FEF1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.26100.3403", + "matchCriteriaId": "E0A74D52-ABC0-4733-B892-F8688B6AEBA7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.7876", + "matchCriteriaId": "C7610CDB-A02B-4C62-B17F-6DCE2B3DE4F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.7009", + "matchCriteriaId": "D271422D-A29F-4DBF-BF72-BCD90E393A5A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.3270", + "matchCriteriaId": "AAACC9C4-DDC5-4059-AFE3-A49DB2347A86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.1486", + "matchCriteriaId": "EF423F8C-2E8A-46AB-BB2D-C416BF341F92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.26100.3403", + "matchCriteriaId": "CF81B44C-8FF7-4C61-9974-3F98DA9D492C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24054", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-244xx/CVE-2025-24450.json b/CVE-2025/CVE-2025-244xx/CVE-2025-24450.json index 654d2bc6636..8a405656600 100644 --- a/CVE-2025/CVE-2025-244xx/CVE-2025-24450.json +++ b/CVE-2025/CVE-2025-244xx/CVE-2025-24450.json @@ -2,8 +2,8 @@ "id": "CVE-2025-24450", "sourceIdentifier": "psirt@adobe.com", "published": "2025-03-11T18:15:31.840", - "lastModified": "2025-03-11T18:15:31.840", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:52:45.263", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.0.0", + "matchCriteriaId": "1A722B38-75DB-43B9-979F-096EE9B2A43A" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb25-18.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-244xx/CVE-2025-24451.json b/CVE-2025/CVE-2025-244xx/CVE-2025-24451.json index bbdc8b319ee..dbc9e6c8b30 100644 --- a/CVE-2025/CVE-2025-244xx/CVE-2025-24451.json +++ b/CVE-2025/CVE-2025-244xx/CVE-2025-24451.json @@ -2,8 +2,8 @@ "id": "CVE-2025-24451", "sourceIdentifier": "psirt@adobe.com", "published": "2025-03-11T18:15:31.993", - "lastModified": "2025-03-11T18:15:31.993", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T15:50:28.323", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.0.0", + "matchCriteriaId": "1A722B38-75DB-43B9-979F-096EE9B2A43A" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb25-18.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-24xx/CVE-2025-2492.json b/CVE-2025/CVE-2025-24xx/CVE-2025-2492.json new file mode 100644 index 00000000000..a31851b6070 --- /dev/null +++ b/CVE-2025/CVE-2025-24xx/CVE-2025-2492.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-2492", + "sourceIdentifier": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", + "published": "2025-04-18T09:15:13.823", + "lastModified": "2025-04-18T09:15:13.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions.\n\n\nRefer to the 'ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.2, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-288" + } + ] + } + ], + "references": [ + { + "url": "https://www.asus.com/content/asus-product-security-advisory/", + "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-254xx/CVE-2025-25427.json b/CVE-2025/CVE-2025-254xx/CVE-2025-25427.json index c8f3ba0931a..423a76652dd 100644 --- a/CVE-2025/CVE-2025-254xx/CVE-2025-25427.json +++ b/CVE-2025/CVE-2025-254xx/CVE-2025-25427.json @@ -2,7 +2,7 @@ "id": "CVE-2025-25427", "sourceIdentifier": "f23511db-6c3e-4e32-a477-6aa17d310630", "published": "2025-04-18T01:15:32.427", - "lastModified": "2025-04-18T01:15:32.427", + "lastModified": "2025-04-18T12:15:14.753", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -73,6 +73,10 @@ { "url": "https://github.com/slin99/2025-25427", "source": "f23511db-6c3e-4e32-a477-6aa17d310630" + }, + { + "url": "https://github.com/slin99/2025-25427/blob/master/readme.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-254xx/CVE-2025-25454.json b/CVE-2025/CVE-2025-254xx/CVE-2025-25454.json index 4cad9830412..cd9d28e2b7a 100644 --- a/CVE-2025/CVE-2025-254xx/CVE-2025-25454.json +++ b/CVE-2025/CVE-2025-254xx/CVE-2025-25454.json @@ -2,7 +2,7 @@ "id": "CVE-2025-25454", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T18:15:48.123", - "lastModified": "2025-04-17T20:21:05.203", + "lastModified": "2025-04-18T14:15:21.103", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanSpeed2." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/xyqer1/491bfd8b9b0868977dca66ab6ce238d2", @@ -20,6 +55,10 @@ { "url": "https://github.com/xyqer1/Tenda-AC10-AdvSetMacMtuWan-wanSpeed2-StackOverflow", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/xyqer1/Tenda-AC10-AdvSetMacMtuWan-wanSpeed2-StackOverflow", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-254xx/CVE-2025-25455.json b/CVE-2025/CVE-2025-254xx/CVE-2025-25455.json index 86a206b3a77..8f7d63e71d4 100644 --- a/CVE-2025/CVE-2025-254xx/CVE-2025-25455.json +++ b/CVE-2025/CVE-2025-254xx/CVE-2025-25455.json @@ -2,7 +2,7 @@ "id": "CVE-2025-25455", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T18:15:48.603", - "lastModified": "2025-04-17T20:21:05.203", + "lastModified": "2025-04-18T14:15:21.263", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanMTU2." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/xyqer1/6c865a9ec44b4797e78b6765cd5c84e5", @@ -20,6 +55,10 @@ { "url": "https://github.com/xyqer1/Tenda-AC10-AdvSetMacMtuWan-wanMTU2-StackOverflow", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/xyqer1/Tenda-AC10-AdvSetMacMtuWan-wanMTU2-StackOverflow", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-254xx/CVE-2025-25457.json b/CVE-2025/CVE-2025-254xx/CVE-2025-25457.json index 0895cb9215a..fa7bd9670c4 100644 --- a/CVE-2025/CVE-2025-254xx/CVE-2025-25457.json +++ b/CVE-2025/CVE-2025-254xx/CVE-2025-25457.json @@ -2,8 +2,8 @@ "id": "CVE-2025-25457", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T16:15:34.390", - "lastModified": "2025-04-17T20:21:48.243", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:15:14.870", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,42 @@ "value": "Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via cloneType2." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/xyqer1/f69ebbdec019cacf5870ea55e25780a4", @@ -20,6 +55,10 @@ { "url": "https://github.com/xyqer1/Tenda-AC10-AdvSetMacMtuWan-cloneType2-StackOverflow", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/xyqer1/Tenda-AC10-AdvSetMacMtuWan-cloneType2-StackOverflow", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-259xx/CVE-2025-25948.json b/CVE-2025/CVE-2025-259xx/CVE-2025-25948.json index 270f7ec7cee..8264c27892a 100644 --- a/CVE-2025/CVE-2025-259xx/CVE-2025-25948.json +++ b/CVE-2025/CVE-2025-259xx/CVE-2025-25948.json @@ -2,7 +2,7 @@ "id": "CVE-2025-25948", "sourceIdentifier": "cve@mitre.org", "published": "2025-03-03T01:15:11.310", - "lastModified": "2025-03-05T17:15:15.487", + "lastModified": "2025-04-18T14:15:21.417", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -55,6 +55,10 @@ { "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-53637", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25948", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-259xx/CVE-2025-25949.json b/CVE-2025/CVE-2025-259xx/CVE-2025-25949.json index c0a20fdac3a..dfabfca50f5 100644 --- a/CVE-2025/CVE-2025-259xx/CVE-2025-25949.json +++ b/CVE-2025/CVE-2025-259xx/CVE-2025-25949.json @@ -2,7 +2,7 @@ "id": "CVE-2025-25949", "sourceIdentifier": "cve@mitre.org", "published": "2025-03-03T01:15:11.423", - "lastModified": "2025-03-04T17:15:17.890", + "lastModified": "2025-04-18T14:15:21.573", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -55,6 +55,10 @@ { "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89636", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25949", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-259xx/CVE-2025-25950.json b/CVE-2025/CVE-2025-259xx/CVE-2025-25950.json index 8fc5b0303bf..993e999d986 100644 --- a/CVE-2025/CVE-2025-259xx/CVE-2025-25950.json +++ b/CVE-2025/CVE-2025-259xx/CVE-2025-25950.json @@ -2,7 +2,7 @@ "id": "CVE-2025-25950", "sourceIdentifier": "cve@mitre.org", "published": "2025-03-03T01:15:11.533", - "lastModified": "2025-03-05T17:15:15.647", + "lastModified": "2025-04-18T14:15:21.737", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -55,6 +55,10 @@ { "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89637", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25950", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-259xx/CVE-2025-25951.json b/CVE-2025/CVE-2025-259xx/CVE-2025-25951.json index 266b25f8f8e..e90f81345e4 100644 --- a/CVE-2025/CVE-2025-259xx/CVE-2025-25951.json +++ b/CVE-2025/CVE-2025-259xx/CVE-2025-25951.json @@ -2,7 +2,7 @@ "id": "CVE-2025-25951", "sourceIdentifier": "cve@mitre.org", "published": "2025-03-03T01:15:11.660", - "lastModified": "2025-03-05T15:15:18.463", + "lastModified": "2025-04-18T14:15:21.937", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -55,6 +55,10 @@ { "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89638", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25951", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-259xx/CVE-2025-25952.json b/CVE-2025/CVE-2025-259xx/CVE-2025-25952.json index 8f14d828700..e59fa4b32ce 100644 --- a/CVE-2025/CVE-2025-259xx/CVE-2025-25952.json +++ b/CVE-2025/CVE-2025-259xx/CVE-2025-25952.json @@ -2,7 +2,7 @@ "id": "CVE-2025-25952", "sourceIdentifier": "cve@mitre.org", "published": "2025-03-03T01:15:11.777", - "lastModified": "2025-03-05T18:15:38.050", + "lastModified": "2025-04-18T14:15:22.117", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -55,6 +55,10 @@ { "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89639", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25952", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-259xx/CVE-2025-25953.json b/CVE-2025/CVE-2025-259xx/CVE-2025-25953.json index 8a41077f47b..df3a45dec4d 100644 --- a/CVE-2025/CVE-2025-259xx/CVE-2025-25953.json +++ b/CVE-2025/CVE-2025-259xx/CVE-2025-25953.json @@ -2,7 +2,7 @@ "id": "CVE-2025-25953", "sourceIdentifier": "cve@mitre.org", "published": "2025-03-03T01:15:11.910", - "lastModified": "2025-03-05T17:15:15.810", + "lastModified": "2025-04-18T14:15:22.280", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -55,6 +55,10 @@ { "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89640", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25953", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-261xx/CVE-2025-26153.json b/CVE-2025/CVE-2025-261xx/CVE-2025-26153.json index a52510de7dd..00659a12c3a 100644 --- a/CVE-2025/CVE-2025-261xx/CVE-2025-26153.json +++ b/CVE-2025/CVE-2025-261xx/CVE-2025-26153.json @@ -2,7 +2,7 @@ "id": "CVE-2025-26153", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-16T21:15:46.770", - "lastModified": "2025-04-17T20:21:48.243", + "lastModified": "2025-04-18T12:15:15.033", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "A Stored XSS vulnerability exists in the message compose feature of Chamilo LMS 1.11.28. Attackers can inject malicious scripts into messages, which execute when victims, such as administrators, reply to the message." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/NoSpaceAvailable/234acdf57b5d7b29b2f39090c1686bc8", @@ -24,6 +59,10 @@ { "url": "https://github.com/chamilo/chamilo-lms/commit/d5c29cf39ac30d7364a52bba4036c3e870412066", "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/NoSpaceAvailable/234acdf57b5d7b29b2f39090c1686bc8", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27173.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27173.json index 7995df6c516..49788457b25 100644 --- a/CVE-2025/CVE-2025-271xx/CVE-2025-27173.json +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27173.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27173", "sourceIdentifier": "psirt@adobe.com", "published": "2025-03-11T21:15:42.307", - "lastModified": "2025-03-11T21:15:42.307", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T15:51:57.553", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_modeler:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.15.0", + "matchCriteriaId": "E84BE932-7364-4808-B05B-932F50B3BD38" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-21.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27180.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27180.json index 7a8f483ce86..2c3bc00d02b 100644 --- a/CVE-2025/CVE-2025-271xx/CVE-2025-27180.json +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27180.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27180", "sourceIdentifier": "psirt@adobe.com", "published": "2025-03-11T21:15:42.463", - "lastModified": "2025-03-11T21:15:42.463", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:50:13.647", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_modeler:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.15.0", + "matchCriteriaId": "6495E77E-5168-4D53-9551-5F22EF33FE14" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-21.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27181.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27181.json index 5eef69efa66..19c92a1b09c 100644 --- a/CVE-2025/CVE-2025-271xx/CVE-2025-27181.json +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27181.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27181", "sourceIdentifier": "psirt@adobe.com", "published": "2025-03-11T21:15:42.613", - "lastModified": "2025-03-11T21:15:42.613", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:50:27.173", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_modeler:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.15.0", + "matchCriteriaId": "6495E77E-5168-4D53-9551-5F22EF33FE14" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-21.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27182.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27182.json index b12d348f96b..28001745637 100644 --- a/CVE-2025/CVE-2025-271xx/CVE-2025-27182.json +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27182.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27182", "sourceIdentifier": "psirt@adobe.com", "published": "2025-04-08T18:15:53.740", - "lastModified": "2025-04-09T20:03:01.577", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:39:20.423", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionEndExcluding": "24.6.5", + "matchCriteriaId": "27AA97C6-5384-47C1-8F2C-13347B4DC018" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionStartIncluding": "25.0", + "versionEndExcluding": "25.2", + "matchCriteriaId": "7F4174F7-5B60-419D-BD3D-C0F7485B5FE8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27183.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27183.json index b950ef12198..2253562b6f2 100644 --- a/CVE-2025/CVE-2025-271xx/CVE-2025-27183.json +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27183.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27183", "sourceIdentifier": "psirt@adobe.com", "published": "2025-04-08T18:15:53.937", - "lastModified": "2025-04-09T20:03:01.577", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:39:12.477", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionEndExcluding": "24.6.5", + "matchCriteriaId": "27AA97C6-5384-47C1-8F2C-13347B4DC018" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionStartIncluding": "25.0", + "versionEndExcluding": "25.2", + "matchCriteriaId": "7F4174F7-5B60-419D-BD3D-C0F7485B5FE8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27184.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27184.json index 61590508985..78a3bbe04f1 100644 --- a/CVE-2025/CVE-2025-271xx/CVE-2025-27184.json +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27184.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27184", "sourceIdentifier": "psirt@adobe.com", "published": "2025-04-08T18:15:54.090", - "lastModified": "2025-04-09T20:03:01.577", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:38:59.740", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionEndExcluding": "24.6.5", + "matchCriteriaId": "27AA97C6-5384-47C1-8F2C-13347B4DC018" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionStartIncluding": "25.0", + "versionEndExcluding": "25.2", + "matchCriteriaId": "7F4174F7-5B60-419D-BD3D-C0F7485B5FE8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27185.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27185.json index a12fab378fa..299376ec142 100644 --- a/CVE-2025/CVE-2025-271xx/CVE-2025-27185.json +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27185.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27185", "sourceIdentifier": "psirt@adobe.com", "published": "2025-04-08T18:15:54.233", - "lastModified": "2025-04-09T20:03:01.577", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:38:49.510", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionEndExcluding": "24.6.5", + "matchCriteriaId": "27AA97C6-5384-47C1-8F2C-13347B4DC018" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionStartIncluding": "25.0", + "versionEndExcluding": "25.2", + "matchCriteriaId": "7F4174F7-5B60-419D-BD3D-C0F7485B5FE8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27186.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27186.json index c9ffbca3e9d..fa4bed074c4 100644 --- a/CVE-2025/CVE-2025-271xx/CVE-2025-27186.json +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27186.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27186", "sourceIdentifier": "psirt@adobe.com", "published": "2025-04-08T18:15:54.380", - "lastModified": "2025-04-09T20:03:01.577", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:38:32.703", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionEndExcluding": "24.6.5", + "matchCriteriaId": "27AA97C6-5384-47C1-8F2C-13347B4DC018" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionStartIncluding": "25.0", + "versionEndExcluding": "25.2", + "matchCriteriaId": "7F4174F7-5B60-419D-BD3D-C0F7485B5FE8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27187.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27187.json index fc2143964b6..a03e377cc3d 100644 --- a/CVE-2025/CVE-2025-271xx/CVE-2025-27187.json +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27187.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27187", "sourceIdentifier": "psirt@adobe.com", "published": "2025-04-08T18:15:54.540", - "lastModified": "2025-04-09T20:03:01.577", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:38:20.120", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionEndExcluding": "24.6.5", + "matchCriteriaId": "27AA97C6-5384-47C1-8F2C-13347B4DC018" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*", + "versionStartIncluding": "25.0", + "versionEndExcluding": "25.2", + "matchCriteriaId": "7F4174F7-5B60-419D-BD3D-C0F7485B5FE8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/after_effects/apsb25-23.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-271xx/CVE-2025-27199.json b/CVE-2025/CVE-2025-271xx/CVE-2025-27199.json index 02f5055ab30..fc2c181452b 100644 --- a/CVE-2025/CVE-2025-271xx/CVE-2025-27199.json +++ b/CVE-2025/CVE-2025-271xx/CVE-2025-27199.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27199", "sourceIdentifier": "psirt@adobe.com", "published": "2025-04-08T18:15:55.477", - "lastModified": "2025-04-09T20:03:01.577", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:40:23.900", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,56 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "23.0.0", + "versionEndExcluding": "23.0.11", + "matchCriteriaId": "5CF70483-D52A-494B-8802-3E608EF3E6CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0.0", + "versionEndExcluding": "24.0.8", + "matchCriteriaId": "FC600A8A-541A-42ED-923B-D33A1C417922" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb25-31.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27200.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27200.json index 37aa70ab92d..112b71a21dc 100644 --- a/CVE-2025/CVE-2025-272xx/CVE-2025-27200.json +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27200.json @@ -2,8 +2,8 @@ "id": "CVE-2025-27200", "sourceIdentifier": "psirt@adobe.com", "published": "2025-04-08T18:15:55.630", - "lastModified": "2025-04-09T20:03:01.577", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-04-18T14:40:40.313", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,56 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "23.0.0", + "versionEndExcluding": "23.0.11", + "matchCriteriaId": "5CF70483-D52A-494B-8802-3E608EF3E6CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0.0", + "versionEndExcluding": "24.0.8", + "matchCriteriaId": "FC600A8A-541A-42ED-923B-D33A1C417922" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb25-31.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-275xx/CVE-2025-27599.json b/CVE-2025/CVE-2025-275xx/CVE-2025-27599.json new file mode 100644 index 00000000000..b4511a62c7c --- /dev/null +++ b/CVE-2025/CVE-2025-275xx/CVE-2025-27599.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-27599", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T16:15:20.480", + "lastModified": "2025-04-18T16:15:20.480", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Element X Android is a Matrix Android Client provided by element.io. Prior to version 25.04.2, a crafted hyperlink on a webpage, or a locally installed malicious app, can force Element X up to version 25.04.1 to load a webpage with similar permissions to Element Call and automatically grant it temporary access to microphone and camera. This issue has been patched in version 25.04.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + }, + { + "lang": "en", + "value": "CWE-926" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/element-hq/element-x-android/commit/dc058544d7e693c04298191c1aadd5b39c9be52e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/element-hq/element-x-android/releases/tag/v25.04.2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/element-hq/element-x-android/security/advisories/GHSA-m5px-pwq3-4p5m", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-290xx/CVE-2025-29042.json b/CVE-2025/CVE-2025-290xx/CVE-2025-29042.json index b796697f492..eb4f655ccde 100644 --- a/CVE-2025/CVE-2025-290xx/CVE-2025-29042.json +++ b/CVE-2025/CVE-2025-290xx/CVE-2025-29042.json @@ -2,7 +2,7 @@ "id": "CVE-2025-29042", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T16:15:38.560", - "lastModified": "2025-04-17T20:21:05.203", + "lastModified": "2025-04-18T15:15:58.490", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/xyqer1/841e78a3c4029808dac8c439595a1358", @@ -24,6 +59,10 @@ { "url": "https://www.dlink.com/en/security-bulletin/", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/xyqer1/Dlink-dir-823x-set_prohibiting-macaddr-CommandInjection", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-290xx/CVE-2025-29044.json b/CVE-2025/CVE-2025-290xx/CVE-2025-29044.json index bf22bab34af..1698664b9f2 100644 --- a/CVE-2025/CVE-2025-290xx/CVE-2025-29044.json +++ b/CVE-2025/CVE-2025-290xx/CVE-2025-29044.json @@ -2,8 +2,8 @@ "id": "CVE-2025-29044", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T15:15:54.717", - "lastModified": "2025-04-17T20:21:48.243", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:15:57.460", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,42 @@ "value": "Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/xyqer1/09fe6488a6655776c8c5d33e630a0f2a", @@ -20,6 +55,14 @@ { "url": "https://github.com/xyqer1/Netgear-R6100-cgiMain-QUERY_STRING-StackOverflow?tab=readme-ov-file", "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/xyqer1/09fe6488a6655776c8c5d33e630a0f2a", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + }, + { + "url": "https://github.com/xyqer1/Netgear-R6100-cgiMain-QUERY_STRING-StackOverflow?tab=readme-ov-file", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-290xx/CVE-2025-29045.json b/CVE-2025/CVE-2025-290xx/CVE-2025-29045.json index 6a7eb09283a..5c9abe012d5 100644 --- a/CVE-2025/CVE-2025-290xx/CVE-2025-29045.json +++ b/CVE-2025/CVE-2025-290xx/CVE-2025-29045.json @@ -2,8 +2,8 @@ "id": "CVE-2025-29045", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T15:15:54.877", - "lastModified": "2025-04-17T20:21:48.243", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:15:57.650", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,42 @@ "value": "Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/xyqer1/16f6b44ef062374bc32c12952c7b81f8", @@ -20,6 +55,14 @@ { "url": "https://github.com/xyqer1/ALFA-WiFi-CampPro-APSecurity-newap_text_0", "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/xyqer1/16f6b44ef062374bc32c12952c7b81f8", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + }, + { + "url": "https://github.com/xyqer1/ALFA-WiFi-CampPro-APSecurity-newap_text_0", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-290xx/CVE-2025-29046.json b/CVE-2025/CVE-2025-290xx/CVE-2025-29046.json index 1812682ac5d..3ac1b19f0e7 100644 --- a/CVE-2025/CVE-2025-290xx/CVE-2025-29046.json +++ b/CVE-2025/CVE-2025-290xx/CVE-2025-29046.json @@ -2,8 +2,8 @@ "id": "CVE-2025-29046", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T15:15:55.013", - "lastModified": "2025-04-17T20:21:48.243", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:15:57.827", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,42 @@ "value": "Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the GAPSMinute3 key value" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/xyqer1/7f9970240aec0af412caee79271a5be5", @@ -20,6 +55,14 @@ { "url": "https://github.com/xyqer1/ALFA-WiFi-CampPro-GreenAP-GAPSMinute3", "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/xyqer1/7f9970240aec0af412caee79271a5be5", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + }, + { + "url": "https://github.com/xyqer1/ALFA-WiFi-CampPro-GreenAP-GAPSMinute3", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-290xx/CVE-2025-29047.json b/CVE-2025/CVE-2025-290xx/CVE-2025-29047.json index 7e6d83429cf..f9d2583f2f5 100644 --- a/CVE-2025/CVE-2025-290xx/CVE-2025-29047.json +++ b/CVE-2025/CVE-2025-290xx/CVE-2025-29047.json @@ -2,8 +2,8 @@ "id": "CVE-2025-29047", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T15:15:55.140", - "lastModified": "2025-04-17T20:21:48.243", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:15:58.000", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,42 @@ "value": "Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the hiddenIndex in the function StorageEditUser" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/xyqer1/74adbc0249eeacf762fb4d33cf93a0f5", @@ -20,6 +55,14 @@ { "url": "https://github.com/xyqer1/ALFA-WiFi-CampPro-StorageEditUser-hiddenIndex", "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/xyqer1/74adbc0249eeacf762fb4d33cf93a0f5", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + }, + { + "url": "https://github.com/xyqer1/ALFA-WiFi-CampPro-StorageEditUser-hiddenIndex", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-294xx/CVE-2025-29459.json b/CVE-2025/CVE-2025-294xx/CVE-2025-29459.json index 8a19aca2713..c1a9138ce53 100644 --- a/CVE-2025/CVE-2025-294xx/CVE-2025-29459.json +++ b/CVE-2025/CVE-2025-294xx/CVE-2025-29459.json @@ -2,7 +2,7 @@ "id": "CVE-2025-29459", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T22:15:15.387", - "lastModified": "2025-04-17T22:15:15.387", + "lastModified": "2025-04-18T14:15:22.437", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail function." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], "references": [ { "url": "https://www.yuque.com/morysummer/vx41bz/ggnmg5nnu635kvrc", diff --git a/CVE-2025/CVE-2025-294xx/CVE-2025-29460.json b/CVE-2025/CVE-2025-294xx/CVE-2025-29460.json index ffb29b1a2eb..b23f6058ea7 100644 --- a/CVE-2025/CVE-2025-294xx/CVE-2025-29460.json +++ b/CVE-2025/CVE-2025-294xx/CVE-2025-29460.json @@ -2,7 +2,7 @@ "id": "CVE-2025-29460", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T22:15:15.493", - "lastModified": "2025-04-17T22:15:15.493", + "lastModified": "2025-04-18T14:15:22.603", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add Mycode function." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], "references": [ { "url": "https://www.yuque.com/morysummer/vx41bz/fgg059stiog457ch", diff --git a/CVE-2025/CVE-2025-294xx/CVE-2025-29461.json b/CVE-2025/CVE-2025-294xx/CVE-2025-29461.json index 947cea26a30..59c1ca5f0ff 100644 --- a/CVE-2025/CVE-2025-294xx/CVE-2025-29461.json +++ b/CVE-2025/CVE-2025-294xx/CVE-2025-29461.json @@ -2,7 +2,7 @@ "id": "CVE-2025-29461", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-17T22:15:15.607", - "lastModified": "2025-04-17T22:15:15.607", + "lastModified": "2025-04-18T14:15:22.770", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensitive information via the /bid/1/admin/entry-edit/ path." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], "references": [ { "url": "https://www.yuque.com/morysummer/vx41bz/xagedb4qdy5gouep", diff --git a/CVE-2025/CVE-2025-297xx/CVE-2025-29710.json b/CVE-2025/CVE-2025-297xx/CVE-2025-29710.json index 50146a8dede..a206d413bc6 100644 --- a/CVE-2025/CVE-2025-297xx/CVE-2025-29710.json +++ b/CVE-2025/CVE-2025-297xx/CVE-2025-29710.json @@ -2,8 +2,8 @@ "id": "CVE-2025-29710", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-16T21:15:47.673", - "lastModified": "2025-04-17T20:21:48.243", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T12:15:15.203", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,42 @@ "value": "SourceCodester Company Website CMS 1.0 is vulnerable to Cross Site Scripting (XSS) via /dashboard/Services." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://github.com/fupanc-w1n/fupanc/blob/main/php/CVE-2025-29710.md", @@ -20,6 +55,10 @@ { "url": "https://github.com/fupanc-w1n/fupanc/blob/main/php/Company%20Website%20CMS3.md", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/fupanc-w1n/fupanc/blob/main/php/Company%20Website%20CMS3.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-297xx/CVE-2025-29784.json b/CVE-2025/CVE-2025-297xx/CVE-2025-29784.json new file mode 100644 index 00000000000..ed07fa32135 --- /dev/null +++ b/CVE-2025/CVE-2025-297xx/CVE-2025-29784.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2025-29784", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T16:15:22.163", + "lastModified": "2025-04-18T16:15:22.163", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the s parameter in GET requests for forum search functionality lacks length validation, allowing attackers to submit excessively long search queries. This oversight can lead to performance degradation and potential denial-of-service (DoS) attacks. This issue has been patched in version 2.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + }, + { + "lang": "en", + "value": "CWE-130" + }, + { + "lang": "en", + "value": "CWE-1284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/NamelessMC/Nameless/commit/f5341e56930a98978171e0a871d60f19ab30ebdd", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/releases/tag/v2.2.0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/security/advisories/GHSA-4hrq-rf96-c2jm", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/security/advisories/GHSA-4hrq-rf96-c2jm", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-299xx/CVE-2025-29953.json b/CVE-2025/CVE-2025-299xx/CVE-2025-29953.json new file mode 100644 index 00000000000..61d1ef2e20d --- /dev/null +++ b/CVE-2025/CVE-2025-299xx/CVE-2025-29953.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-29953", + "sourceIdentifier": "security@apache.org", + "published": "2025-04-18T16:15:22.317", + "lastModified": "2025-04-18T16:15:22.317", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client.\n\nThis issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious responses that may eventually cause arbitrary code execution on the client. Version 2.1.0 introduced a allow/denylist feature to restrict deserialization, but this feature could be bypassed.\n\nThe .NET team has deprecated the built-in .NET binary serialization feature starting with .NET 9 and suggests migrating away from binary serialization. The project is considering to follow suit and drop this part of the NMS API altogether.\n\nUsers are recommended to upgrade to version 2.1.1, which fixes the issue. We also recommend to migrate away from relying on .NET binary serialization as a hardening method for the future." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/vc1sj9y3056d3kkhcvrs9fyw5w8kpmlx", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-301xx/CVE-2025-30158.json b/CVE-2025/CVE-2025-301xx/CVE-2025-30158.json new file mode 100644 index 00000000000..cf498d7eb83 --- /dev/null +++ b/CVE-2025/CVE-2025-301xx/CVE-2025-30158.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-30158", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T16:15:22.443", + "lastModified": "2025-04-18T16:15:22.443", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height attributes. This allows an authenticated attacker to perform a UI-based denial of service (DoS) by injecting oversized iframes that block the forum UI and disrupt normal user interactions. This issue has been patched in version 2.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/NamelessMC/Nameless/commit/caa42a975338a13fbc1658e8c440108f16135643", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/releases/tag/v2.2.0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/security/advisories/GHSA-2prx-rgr7-hq5f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/security/advisories/GHSA-2prx-rgr7-hq5f", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-303xx/CVE-2025-30357.json b/CVE-2025/CVE-2025-303xx/CVE-2025-30357.json new file mode 100644 index 00000000000..04eeb98a04c --- /dev/null +++ b/CVE-2025/CVE-2025-303xx/CVE-2025-30357.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-30357", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T16:15:22.593", + "lastModified": "2025-04-18T16:15:22.593", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator deletes the malicious user's account, all their posts (comments) along with the associated topics (by unrelated users) will be marked as deleted. This issue has been patched in version 2.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:H", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-706" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/NamelessMC/Nameless/commit/7040924e27f99aa486c619a5b4ca809051a1ca7f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/releases/tag/v2.2.0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/security/advisories/GHSA-22mc-7c9m-gv8h", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3056.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3056.json new file mode 100644 index 00000000000..a1cf09b8132 --- /dev/null +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3056.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-3056", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-18T09:15:15.230", + "lastModified": "2025-04-18T09:15:15.230", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.3.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3275196/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/download-manager/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd9e6ba7-f107-4d7c-a7da-35e603f3a1a8?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-311xx/CVE-2025-31118.json b/CVE-2025/CVE-2025-311xx/CVE-2025-31118.json new file mode 100644 index 00000000000..1303d6fd9a5 --- /dev/null +++ b/CVE-2025/CVE-2025-311xx/CVE-2025-31118.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-31118", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T16:15:22.747", + "lastModified": "2025-04-18T16:15:22.747", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature (view_topic.php) does not implement any spam prevention mechanism. This allows authenticated users to continuously post replies without any time restriction, resulting in an uncontrolled surge of posts that can disrupt normal operations. This issue has been patched in version 2.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/NamelessMC/Nameless/commit/51e9d93aaa28d40f060b807533d22b768abea207", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/releases/tag/v2.2.0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/security/advisories/GHSA-jhvp-mwj4-922m", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/security/advisories/GHSA-jhvp-mwj4-922m", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-311xx/CVE-2025-31120.json b/CVE-2025/CVE-2025-311xx/CVE-2025-31120.json new file mode 100644 index 00000000000..d2a80a8d3b1 --- /dev/null +++ b/CVE-2025/CVE-2025-311xx/CVE-2025-31120.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-31120", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T16:15:22.890", + "lastModified": "2025-04-18T16:15:22.890", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, an insecure view count mechanism in the forum page allows an unauthenticated attacker to artificially increase the view count. The application relies on a client-side cookie (nl-topic-[tid]) (or session variable for guests) to determine if a view should be counted. When a client does not provide the cookie, every page request increments the counter, leading to incorrect view metrics. This issue has been patched in version 2.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-565" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/NamelessMC/Nameless/commit/9b112c0beab346a38b6f5a51e7773b38c6fc52e7", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/releases/tag/v2.2.0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/security/advisories/GHSA-8jv7-77jw-h646", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-312xx/CVE-2025-31200.json b/CVE-2025/CVE-2025-312xx/CVE-2025-31200.json index 89591192726..b81d2fb0d73 100644 --- a/CVE-2025/CVE-2025-312xx/CVE-2025-31200.json +++ b/CVE-2025/CVE-2025-312xx/CVE-2025-31200.json @@ -2,8 +2,8 @@ "id": "CVE-2025-31200", "sourceIdentifier": "product-security@apple.com", "published": "2025-04-16T19:15:54.540", - "lastModified": "2025-04-18T01:00:02.077", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:50:15.483", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,22 +39,132 @@ "cisaActionDue": "2025-05-08", "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability", + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.4.1", + "matchCriteriaId": "1F73061A-3EA8-4A3A-9192-02C11B8A4943" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "18.4.1", + "matchCriteriaId": "A24DBFEA-B927-44AA-82F3-C9A385B6F426" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.4.1", + "matchCriteriaId": "925616D6-4CD8-4999-ABA7-57810D148EEF" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "18.4.1", + "matchCriteriaId": "F16CA380-BCA8-4704-A2DF-8DEFB6C74304" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "18.4.1", + "matchCriteriaId": "F3509987-8BCC-4735-B3A0-CB8821F015C4" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/122282", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/122400", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/122401", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/122402", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-312xx/CVE-2025-31201.json b/CVE-2025/CVE-2025-312xx/CVE-2025-31201.json index ace8d74e377..3aa32f9f22b 100644 --- a/CVE-2025/CVE-2025-312xx/CVE-2025-31201.json +++ b/CVE-2025/CVE-2025-312xx/CVE-2025-31201.json @@ -2,8 +2,8 @@ "id": "CVE-2025-31201", "sourceIdentifier": "product-security@apple.com", "published": "2025-04-16T19:15:54.673", - "lastModified": "2025-04-18T01:00:02.077", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-04-18T13:47:59.890", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,22 +39,132 @@ "cisaActionDue": "2025-05-08", "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Apple Multiple Products Arbitrary Read and Write Vulnerability", + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.4.1", + "matchCriteriaId": "1F73061A-3EA8-4A3A-9192-02C11B8A4943" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "18.4.1", + "matchCriteriaId": "A24DBFEA-B927-44AA-82F3-C9A385B6F426" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.4.1", + "matchCriteriaId": "925616D6-4CD8-4999-ABA7-57810D148EEF" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "18.4.1", + "matchCriteriaId": "F16CA380-BCA8-4704-A2DF-8DEFB6C74304" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "18.4.1", + "matchCriteriaId": "F3509987-8BCC-4735-B3A0-CB8821F015C4" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/122282", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/122400", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/122401", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/122402", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-31xx/CVE-2025-3106.json b/CVE-2025/CVE-2025-31xx/CVE-2025-3106.json new file mode 100644 index 00000000000..ec671b46e28 --- /dev/null +++ b/CVE-2025/CVE-2025-31xx/CVE-2025-3106.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-3106", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-04-18T10:15:14.243", + "lastModified": "2025-04-18T10:15:14.243", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Table of Contents widget in all versions up to, and including, 1.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/lastudio-element-kit/trunk/assets/js/addons/tablet-contents.min.js", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3275257/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/lastudio-element-kit/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7c633419-e231-437f-a2af-6f564cffc2df?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-323xx/CVE-2025-32389.json b/CVE-2025/CVE-2025-323xx/CVE-2025-32389.json new file mode 100644 index 00000000000..59af7450c4d --- /dev/null +++ b/CVE-2025/CVE-2025-323xx/CVE-2025-32389.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2025-32389", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T16:15:23.033", + "lastModified": "2025-04-18T16:15:23.033", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Prior to version 2.1.4, NamelessMC is vulnerable to SQL injection by providing an unexpected square bracket GET parameter syntax. Square bracket GET parameter syntax refers to the structure `?param[0]=a¶m[1]=b¶m[2]=c` utilized by PHP, which is parsed by PHP as `$_GET['param']` being of type array. This issue has been patched in version 2.1.4." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "LOW", + "subIntegrityImpact": "LOW", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/NamelessMC/Nameless/commit/02c81c7c45b98fad1ebe3bc085efae18aec4566f", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/releases/tag/v2.1.4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/NamelessMC/Nameless/security/advisories/GHSA-5984-mhcp-cq2x", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-324xx/CVE-2025-32433.json b/CVE-2025/CVE-2025-324xx/CVE-2025-32433.json index c2647a964db..4bd7590bc52 100644 --- a/CVE-2025/CVE-2025-324xx/CVE-2025-32433.json +++ b/CVE-2025/CVE-2025-324xx/CVE-2025-32433.json @@ -2,7 +2,7 @@ "id": "CVE-2025-32433", "sourceIdentifier": "security-advisories@github.com", "published": "2025-04-16T22:15:14.373", - "lastModified": "2025-04-17T20:21:48.243", + "lastModified": "2025-04-18T05:15:33.407", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -38,7 +38,7 @@ "weaknesses": [ { "source": "security-advisories@github.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -67,6 +67,10 @@ { "url": "http://www.openwall.com/lists/oss-security/2025/04/16/2", "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2025/04/18/1", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-324xx/CVE-2025-32434.json b/CVE-2025/CVE-2025-324xx/CVE-2025-32434.json new file mode 100644 index 00000000000..e6f9bbf562a --- /dev/null +++ b/CVE-2025/CVE-2025-324xx/CVE-2025-32434.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-32434", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T16:15:23.183", + "lastModified": "2025-04-18T16:15:23.183", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution (RCE) vulnerability exists in PyTorch when loading a model using torch.load with weights_only=True. This issue has been patched in version 2.6.0." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/pytorch/pytorch/security/advisories/GHSA-53q9-r3pm-6pq6", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-324xx/CVE-2025-32442.json b/CVE-2025/CVE-2025-324xx/CVE-2025-32442.json new file mode 100644 index 00000000000..6438f06c528 --- /dev/null +++ b/CVE-2025/CVE-2025-324xx/CVE-2025-32442.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-32442", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T16:15:23.327", + "lastModified": "2025-04-18T16:15:23.327", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Fastify is a fast and low overhead web framework, for Node.js. In versions 5.0.0 to 5.3.0, applications that specify different validation strategies for different content types have a possibility to bypass validation by providing a _slightly altered_ content type such as with different casing or altered whitespacing before `;`. This issue has been patched in version 5.3.1. A workaround involves not specifying individual content types in the schema." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1287" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/fastify/fastify/commit/436da4c06dfbbb8c24adee3a64de0c51e4f47418", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/fastify/fastify/security/advisories/GHSA-mg2h-6x62-wpwc", + "source": "security-advisories@github.com" + }, + { + "url": "https://hackerone.com/reports/3087928", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-327xx/CVE-2025-32790.json b/CVE-2025/CVE-2025-327xx/CVE-2025-32790.json new file mode 100644 index 00000000000..5d05a71777b --- /dev/null +++ b/CVE-2025/CVE-2025-327xx/CVE-2025-32790.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-32790", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T13:15:58.177", + "lastModified": "2025-04-18T14:15:22.930", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Dify is an open-source LLM app development platform. In versions 0.6.8 and prior, a vulnerability was identified in the DIFY AI where normal users are improperly granted permissions to export APP DSL. The feature in '/export' should only allow administrator users to export DSL. A workaround for this vulnerability involves updating the access control mechanisms to enforce stricter user role permissions and implementing role-based access controls (RBAC) to ensure that only users with admin privileges can export the APP DSL. This vulnerability is fixed in 0.6.13." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/langgenius/dify/commit/59ad091e69736bc9dc1a3bace62ec0a232346246", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/langgenius/dify/pull/5841", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/langgenius/dify/security/advisories/GHSA-jp6m-v4gw-5vgp", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/langgenius/dify/security/advisories/GHSA-jp6m-v4gw-5vgp", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-327xx/CVE-2025-32792.json b/CVE-2025/CVE-2025-327xx/CVE-2025-32792.json new file mode 100644 index 00000000000..bea16c96638 --- /dev/null +++ b/CVE-2025/CVE-2025-327xx/CVE-2025-32792.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-32792", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-04-18T16:15:23.487", + "lastModified": "2025-04-18T16:15:23.487", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SES safely executes third-party JavaScript 'strict' mode programs in compartments that have no excess authority in their global scope. Prior to version 1.12.0, web pages and web extensions using `ses` and the Compartment API to evaluate third-party code in an isolated execution environment that have also elsewhere used `const`, `let`, and `class` bindings in the top-level scope of a `