admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-14T15:00:40.394190+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-14 15:04:06 +00:00
parent d1723f93a3
commit 8421ce65c7
82 changed files with 6570 additions and 585 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
CVE-2021/CVE-2021-472xx/CVE-2021-47202.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47202",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:48.167",
"lastModified": "2024-11-21T06:35:37.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:42:43.193",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,151 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: thermal: Fix NULL pointer dereferences in of_thermal_ functions of_parse_thermal_zones() analiza el nodo thermal-zones y registra un dispositivo thermal_zone para cada subnodo. Sin embargo, si una zona t\u00e9rmica est\u00e1 consumiendo un sensor t\u00e9rmico y ese dispositivo de sensor t\u00e9rmico a\u00fan no ha realizado la prueba, un intento de establecer trip_point_*_temp para ese dispositivo de zona t\u00e9rmica puede provocar una desreferencia de puntero NULL. Arr\u00e9glelo. console:/sys/class/thermal/thermal_zone87 # echo 120000 > trip_point_0_temp ... No se puede manejar la desreferencia del puntero NULL del n\u00facleo en la direcci\u00f3n virtual 0000000000000020 ... Seguimiento de llamadas: of_thermal_set_trip_temp+0x40/0xc4 trip_point_temp_store+0xc0/0x1dc dev_attr_store+0x38/0x88 sysfs_kf_write+0x64/0xc0 kernfs_fop_write_iter+0x108/0x1d0 vfs_write+0x2f4/0x368 ksys_write+0x7c/0xec __arm64_sys_write+0x20/0x30 el0_svc_common.llvm.7279915941325364641+0xbc/0x1bc do_el0_svc+0x28/0xa0 el0_svc+0x14/0x24 el0_sync_handler+0x88/0xec el0_sync+0x1c0/0x200 Mientras tanto, corrija tambi\u00e9n la posible desreferencia del puntero NULL en otras funciones: of_thermal_get_temp(), of_thermal_set_emul_temp(), of_thermal_get_trend()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.210",
"matchCriteriaId": "769A1563-4E73-4FA2-BDEB-9DBD40989582"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.81",
"matchCriteriaId": "36581F45-F01C-4014-84F2-F7F59F4F5D10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.14.21",
"matchCriteriaId": "542D1BE5-8431-4A4D-8523-C35DF9570429"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.4",
"matchCriteriaId": "562752F1-191C-49DC-921A-2032FAC48FD4"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0750f769b95841b34a9fe8c418dd792ff526bf86",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6a315471cb6a07f651e1d3adc8962730f4fcccac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/828f4c31684da94ecf0b44a2cbd35bbede04f0bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/96cfe05051fd8543cdedd6807ec59a0e6c409195",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ef2590a5305e0b8e9342f84c2214aa478ee7f28e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0750f769b95841b34a9fe8c418dd792ff526bf86",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6a315471cb6a07f651e1d3adc8962730f4fcccac",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/828f4c31684da94ecf0b44a2cbd35bbede04f0bd",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/96cfe05051fd8543cdedd6807ec59a0e6c409195",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ef2590a5305e0b8e9342f84c2214aa478ee7f28e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

119
CVE-2021/CVE-2021-472xx/CVE-2021-47204.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47204",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:48.270",
"lastModified": "2024-11-21T06:35:37.460",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-14T14:35:39.270",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,136 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: dpaa2-eth: se ha corregido el error use-after-free en dpaa2_eth_remove. El acceso a netdev despu\u00e9s de free_netdev() provocar\u00e1 un error use-after-free. Mueva el registro de depuraci\u00f3n antes de la llamada free_netdev() para evitarlo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.17",
"versionEndExcluding": "5.4.162",
"matchCriteriaId": "3EB87820-60BB-4776-8344-33AF0E3BA3BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.82",
"matchCriteriaId": "AE501832-500C-4EF1-9489-5C13674F619D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "2128A085-4C0C-4C1E-9E9C-0DD868E2170F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1c4099dc0d6a01e76e4f7dd98e4b3e0d55d80ad9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/32d4686224744819ddcae58b666c21d2a4ef4c88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9b5a333272a48c2f8b30add7a874e46e8b26129c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d74ff10ed2d93dc9b67e99a74b36fb9a83273d8a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1c4099dc0d6a01e76e4f7dd98e4b3e0d55d80ad9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/32d4686224744819ddcae58b666c21d2a4ef4c88",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9b5a333272a48c2f8b30add7a874e46e8b26129c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d74ff10ed2d93dc9b67e99a74b36fb9a83273d8a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

79
CVE-2021/CVE-2021-472xx/CVE-2021-47211.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47211",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:48.547",
"lastModified": "2024-11-21T06:35:38.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:43:27.637",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,88 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: usb-audio: se corrige la desreferencia de puntero nulo en el puntero cs_desc El puntero cs_desc devuelto por snd_usb_find_clock_source podr\u00eda ser nulo, por lo que existe un posible problema de desreferencia de puntero nulo. Solucione esto agregando una comprobaci\u00f3n de nulo antes de la desreferencia."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "B2845F69-264B-45BD-B7E7-D12B24338382"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/58fa50de595f152900594c28ec9915c169643739",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b97053df0f04747c3c1e021ecbe99db675342954",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

136
CVE-2021/CVE-2021-472xx/CVE-2021-47217.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47217",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:48.813",
"lastModified": "2024-11-21T06:35:38.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:44:11.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,157 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/hyperv: Se corrige la desreferencia NULL en set_hv_tscchange_cb() si falla la configuraci\u00f3n de Hyper-V. Verifique si hay una matriz hv_vp_index v\u00e1lida antes de desreferenciar hv_vp_index al configurar la devoluci\u00f3n de llamada de cambio de TSC de Hyper-V. Si la configuraci\u00f3n de Hyper-V fall\u00f3 en hyperv_init(), el kernel a\u00fan informar\u00e1 que se est\u00e1 ejecutando bajo Hyper-V, pero habr\u00e1 deshabilitado silenciosamente casi todas las funciones. ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000010 #PF: acceso de lectura del supervisor en modo kernel #PF: error_code(0x0000) - p\u00e1gina no presente PGD 0 P4D 0 Oops: 0000 [#1] SMP CPU: 4 PID: 1 Comm: swapper/0 No contaminado 5.15.0-rc2+ #75 Nombre del hardware: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015 RIP: 0010:set_hv_tscchange_cb+0x15/0xa0 C\u00f3digo: <8b> 04 82 8b 15 12 17 85 01 48 c1 e0 20 48 0d ee 00 01 00 f6 c6 08 ... Seguimiento de llamadas: kvm_arch_init+0x17c/0x280 kvm_init+0x31/0x330 vmx_init+0xba/0x13a do_one_initcall+0x41/0x1c0 kernel_init_freeable+0x1f2/0x23b kernel_init+0x16/0x120 ret_from_fork+0x22/0x30"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.16",
"versionEndExcluding": "4.19.218",
"matchCriteriaId": "3917EFBF-AD24-48ED-B8B4-4F6BA6A5E0E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.162",
"matchCriteriaId": "51A152D8-D5CE-47BD-9041-DEE164DCE99D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.82",
"matchCriteriaId": "AE501832-500C-4EF1-9489-5C13674F619D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "2128A085-4C0C-4C1E-9E9C-0DD868E2170F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/8823ea27fff6084bbb4bc71d15378fae0220b1d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9c177eee116cf888276d3748cb176e72562cfd5c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b0e44dfb4e4c699cca33ede431b8d127e6e8d661",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b20ec58f8a6f4fef32cc71480ddf824584e24743",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/daf972118c517b91f74ff1731417feb4270625a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8823ea27fff6084bbb4bc71d15378fae0220b1d8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9c177eee116cf888276d3748cb176e72562cfd5c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b0e44dfb4e4c699cca33ede431b8d127e6e8d661",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b20ec58f8a6f4fef32cc71480ddf824584e24743",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/daf972118c517b91f74ff1731417feb4270625a4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

107
CVE-2021/CVE-2021-472xx/CVE-2021-47218.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47218",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-10T19:15:48.860",
"lastModified": "2024-11-21T06:35:39.020",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:44:55.610",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,120 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: selinux: corregir la desreferencia de puntero NULL cuando falla la asignaci\u00f3n de hashtab Cuando la asignaci\u00f3n de la matriz de ranuras de la tabla hash falla en hashtab_init(), h->size se deja inicializado con un valor distinto de cero, pero el puntero h->htable es NULL. Esto puede causar una desreferencia de puntero NULL, ya que el c\u00f3digo policydb se basa en la suposici\u00f3n de que incluso despu\u00e9s de un hashtab_init() fallido, se pueden llamar hashtab_map() y hashtab_destroy() de forma segura. Sin embargo, estos detectan un hashtab vac\u00edo solo mirando el tama\u00f1o. Solucione esto asegur\u00e1ndose de que hashtab_init() siempre deje atr\u00e1s un hashtab vac\u00edo v\u00e1lido cuando falla la asignaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.8",
"versionEndExcluding": "5.10.82",
"matchCriteriaId": "AB0877E3-6FA0-42C3-8484-EB609F8F6D4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "2128A085-4C0C-4C1E-9E9C-0DD868E2170F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A73429BA-C2D9-4D0C-A75F-06A1CA8B3983"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/83c8ab8503adf56bf68dafc7a382f4946c87da79",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b17dd53cac769dd13031b0ca34f90cc65e523fab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dc27f3c5d10c58069672215787a96b4fae01818b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/83c8ab8503adf56bf68dafc7a382f4946c87da79",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b17dd53cac769dd13031b0ca34f90cc65e523fab",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dc27f3c5d10c58069672215787a96b4fae01818b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

144
CVE-2022/CVE-2022-486xx/CVE-2022-48648.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48648",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.290",
"lastModified": "2024-11-21T07:33:41.353",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:52:07.293",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,161 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sfc: corrige la desreferencia del puntero nulo en efx_hard_start_xmit Intentar obtener el canal de la variable tx_queue aqu\u00ed es incorrecto porque solo podemos estar aqu\u00ed si tx_queue es NULL, por lo que no debemos desreferenciarlo. Como dice el comentario anterior en el c\u00f3digo, es muy poco probable que esto suceda, pero de todos modos est\u00e1 mal, as\u00ed que solucion\u00e9moslo. Encontr\u00e9 este problema debido a un error diferente que provoc\u00f3 que tx_queue fuera NULL. Si eso sucede, este es el mensaje de error que recibimos aqu\u00ed: ERROR: no se puede manejar la desreferencia del puntero NULL del kernel en 0000000000000020 [...] RIP: 0010:efx_hard_start_xmit+0x153/0x170 [sfc]"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.10.146",
"matchCriteriaId": "26BCCE2C-EE0C-437D-A9D6-6714B5AE47CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.71",
"matchCriteriaId": "080C1827-D257-4D5A-9071-779EF7F5EF0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.19.12",
"matchCriteriaId": "03B0F56B-C5CC-4E81-BB51-D07D569DE4CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E8BD11A3-8643-49B6-BADE-5029A0117325"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5F0AD220-F6A9-4012-8636-155F1B841FAD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A46498B3-78E1-4623-AAE1-94D29A42BE4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "F8446E87-F5F6-41CA-8201-BAE0F0CA6DD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "8E5FB72F-67CE-43CC-83FE-541604D98182"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3A0A7397-F5F8-4753-82DC-9A11288E696D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0a242eb2913a4aa3d6fbdb86559f27628e9466f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8547c7bfc0617e7184e4da65b9b96681fcfe9998",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b3b41d4d95d3822b2e459ecbc80d030ea6aec5e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b3b952168ee1f220ba729fa100fd9d5aa752eb03",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0a242eb2913a4aa3d6fbdb86559f27628e9466f3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8547c7bfc0617e7184e4da65b9b96681fcfe9998",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b3b41d4d95d3822b2e459ecbc80d030ea6aec5e7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b3b952168ee1f220ba729fa100fd9d5aa752eb03",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

114
CVE-2022/CVE-2022-486xx/CVE-2022-48663.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48663",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-28T13:15:07.980",
"lastModified": "2024-11-21T07:33:43.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:53:12.910",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,131 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: gpio: maqueta: corrige la desreferencia del puntero NULL al eliminar debugfs Ahora eliminamos las entradas debugfs del dispositivo al desvincular el controlador. Esto ahora provoca una desreferencia del puntero NULL al salir del m\u00f3dulo porque los dispositivos de la plataforma no est\u00e1n registrados *despu\u00e9s* de que el directorio global debugfs se haya eliminado de forma recursiva. Solucionarlo cancelando el registro de los dispositivos primero."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10.144",
"versionEndExcluding": "5.10.146",
"matchCriteriaId": "2EAE3A2C-3F60-40DD-AF52-8B1F528F2683"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.69",
"versionEndExcluding": "5.15.71",
"matchCriteriaId": "E59B6451-2447-4C1E-AF94-1971FD9D8B1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.19.10",
"versionEndExcluding": "5.19.12",
"matchCriteriaId": "D95C917A-1411-4409-A9B3-E2F4514E6A56"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/18352095a0d581f6aeb1e9fc9d68cc0152cd64b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/af0bfabf06c74c260265c30ba81a34e7dec0e881",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b7df41a6f79dfb18ba2203f8c5f0e9c0b9b57f68",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bdea98b98f844bd8a983ca880893e509a8b4162f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/18352095a0d581f6aeb1e9fc9d68cc0152cd64b4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/af0bfabf06c74c260265c30ba81a34e7dec0e881",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b7df41a6f79dfb18ba2203f8c5f0e9c0b9b57f68",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bdea98b98f844bd8a983ca880893e509a8b4162f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

56
CVE-2023/CVE-2023-379xx/CVE-2023-37931.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-37931",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:26.623",
"lastModified": "2025-01-14T14:15:26.623",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an sql command ('sql injection') vulnerability [CWE-88] in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to perform a blind sql injection attack via sending crafted HTTP or HTTPS requests"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-220",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2023/CVE-2023-379xx/CVE-2023-37936.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-37936",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:26.790",
"lastModified": "2025-01-14T14:15:26.790",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-260",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2023/CVE-2023-379xx/CVE-2023-37937.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-37937",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:26.940",
"lastModified": "2025-01-14T14:15:26.940",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via the FortiSwitch CLI."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-258",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2023/CVE-2023-427xx/CVE-2023-42785.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-42785",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:27.083",
"lastModified": "2025-01-14T14:15:27.083",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-293",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2023/CVE-2023-427xx/CVE-2023-42786.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-42786",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:27.237",
"lastModified": "2025-01-14T14:15:27.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-293",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2023/CVE-2023-467xx/CVE-2023-46715.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-46715",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:27.387",
"lastModified": "2025-01-14T14:15:27.387",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-407",
"source": "psirt@fortinet.com"
}
]
}

151
CVE-2023/CVE-2023-526xx/CVE-2023-52643.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52643",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:08.503",
"lastModified": "2024-11-21T08:40:16.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:58:40.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,172 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: core: corrige memleak en iio_device_register_sysfs Cuando falla iio_device_register_sysfs_group(), debemos liberar iio_dev_opaque->chan_attr_group.attrs para evitar posibles fugas de mem."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "5.15.149",
"matchCriteriaId": "35E631A3-4D05-4FC9-8CF5-E3E21448663F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.79",
"matchCriteriaId": "656E2F29-1779-4EFC-AA64-8F984E2885B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "BD961E49-FEDA-47CF-BF23-4D2BD942B4E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1c6d19c8cbf6abcea2c8fca2db26abca2cbf0363",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/359f220d0e753bba840eac19ffedcdc816b532f2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3db312e06851996e7fb27cb5a8ccab4c0f9cdb93",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/95a0d596bbd0552a78e13ced43f2be1038883c81",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b90126c86d83912688501826643ea698f0df1728",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1c6d19c8cbf6abcea2c8fca2db26abca2cbf0363",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/359f220d0e753bba840eac19ffedcdc816b532f2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3db312e06851996e7fb27cb5a8ccab4c0f9cdb93",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/95a0d596bbd0552a78e13ced43f2be1038883c81",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b90126c86d83912688501826643ea698f0df1728",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

148
CVE-2023/CVE-2023-526xx/CVE-2023-52662.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52662",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T14:15:08.373",
"lastModified": "2024-11-21T08:40:18.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:55:24.477",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,55 +15,173 @@
"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/vmwgfx: soluciona un memleak en vmw_gmrid_man_get_node Cuando falla ida_alloc_max, se deben liberar los recursos asignados anteriormente, incluido *res asignado por kmalloc y ttm_resource_init."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14",
"versionEndExcluding": "5.15.153",
"matchCriteriaId": "D811A71A-BD96-4E48-ABE1-315AD51DCB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.83",
"matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.23",
"matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.11",
"matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.2",
"matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/03b1072616a8f7d6e8594f643b416a9467c83fbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/40624af6674745e174c754a20d7c53c250e65e7a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6fc6233f6db1579b69b54b44571f1a7fde8186e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/83e0f220d1e992fa074157fcf14945bf170ffbc5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/89709105a6091948ffb6ec2427954cbfe45358ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d1e546ab91c670e536a274a75481034ab7534876",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/03b1072616a8f7d6e8594f643b416a9467c83fbf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/40624af6674745e174c754a20d7c53c250e65e7a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6fc6233f6db1579b69b54b44571f1a7fde8186e6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/83e0f220d1e992fa074157fcf14945bf170ffbc5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/89709105a6091948ffb6ec2427954cbfe45358ce",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d1e546ab91c670e536a274a75481034ab7534876",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

56
CVE-2024/CVE-2024-114xx/CVE-2024-11497.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-11497",
"sourceIdentifier": "info@cert.vde.com",
"published": "2025-01-14T14:15:27.720",
"lastModified": "2025-01-14T14:15:27.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authenticated attacker can use this vulnerability to perform a privilege escalation to gain root access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-070",
"source": "info@cert.vde.com"
}
]
}

33
CVE-2024/CVE-2024-118xx/CVE-2024-11863.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-11863",
"sourceIdentifier": "arm-security@arm.com",
"published": "2025-01-14T14:15:27.927",
"lastModified": "2025-01-14T14:15:27.927",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP"
}
],
"metrics": {},
"weaknesses": [
{
"source": "arm-security@arm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/SCP-Firmware%20Vulnerability%20CVE-2024-11863-11864",
"source": "arm-security@arm.com"
}
]
}

33
CVE-2024/CVE-2024-118xx/CVE-2024-11864.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-11864",
"sourceIdentifier": "arm-security@arm.com",
"published": "2025-01-14T14:15:28.053",
"lastModified": "2025-01-14T14:15:28.053",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP"
}
],
"metrics": {},
"weaknesses": [
{
"source": "arm-security@arm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/SCP-Firmware%20Vulnerability%20CVE-2024-11863-11864",
"source": "arm-security@arm.com"
}
]
}

17
CVE-2024/CVE-2024-121xx/CVE-2024-12147.json
View File

@ -2,13 +2,20 @@
"id": "CVE-2024-12147",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-04T18:15:11.803",
"lastModified": "2024-12-04T18:15:11.803",
"lastModified": "2025-01-14T14:15:28.163",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
"value": "A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "es",
@ -144,6 +151,10 @@
{
"url": "https://www.netgear.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://www.netgear.com/about/eos/",
"source": "cna@vuldb.com"
}
]
}

17
CVE-2024/CVE-2024-129xx/CVE-2024-12988.json
View File

@ -2,13 +2,20 @@
"id": "CVE-2024-12988",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-27T17:15:08.130",
"lastModified": "2024-12-27T19:15:08.260",
"lastModified": "2025-01-14T14:15:28.347",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
"value": "A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "es",
@ -145,6 +152,10 @@
"url": "https://www.netgear.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://www.netgear.com/about/eos/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/physicszq/Routers/tree/main/Netgear/1.3.3.154",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"

139
CVE-2024/CVE-2024-131xx/CVE-2024-13131.json
View File

@ -2,144 +2,15 @@
"id": "CVE-2024-13131",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-05T03:15:05.690",
"lastModified": "2025-01-10T14:15:28.793",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:15:28.490",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. This affects an unknown part of the file /web_caps/webCapsConfig of the component Web Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en los dispositivos Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z e IPC-HDW1200S hasta 20241222. Afecta a una parte desconocida del archivo /web_caps/webCapsConfig del componente Web Interface. La manipulaci\u00f3n conduce a la divulgaci\u00f3n de informaci\u00f3n. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
"value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-9680. Reason: This candidate is a reservation duplicate of CVE-2019-9680. Notes: All CVE users should reference CVE-2019-9680 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://netsecfish.notion.site/IntelBras-IP-Camera-Information-Disclosure-15e6b683e67c80a89f89daf59daa9ea8?pvs=73",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.290205",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.290205",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.464258",
"source": "cna@vuldb.com"
}
]
"metrics": {},
"references": []
}

56
CVE-2024/CVE-2024-217xx/CVE-2024-21758.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-21758",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:28.597",
"lastModified": "2025-01-14T14:15:28.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-458",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-231xx/CVE-2024-23106.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-23106",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:28.747",
"lastModified": "2025-01-14T14:15:28.747",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version 7.2.0 through 7.2.4 and before 7.0.10 allows an unauthenticated attacker to try a brute force attack against the FortiClientEMS console via crafted HTTP or HTTPS requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-476",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-260xx/CVE-2024-26012.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-26012",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:28.893",
"lastModified": "2025-01-14T14:15:28.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiAP-S 6.2 all verisons, and 6.4.0 through 6.4.9, FortiAP-W2 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.3, and 7.4.0 through 7.4.2, FortiAP 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.3, and 7.4.0 through 7.4.2 allow a local authenticated attacker to execute unauthorized code via the CLI."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-405",
"source": "psirt@fortinet.com"
}
]
}

167
CVE-2024/CVE-2024-268xx/CVE-2024-26829.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26829",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:09.347",
"lastModified": "2024-11-21T09:03:09.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:58:05.850",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,55 +15,192 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: ir_toy: corrige una fuga de mem en irtoy_tx Cuando falla irtoy_command, se debe liberar buf ya que est\u00e1 asignado por irtoy_tx, o hay una fuga de mem."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.210",
"matchCriteriaId": "24443040-F8E0-445D-8395-40A94214526C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.54",
"versionEndExcluding": "5.15.149",
"matchCriteriaId": "FC55D6FB-B445-4760-AA4E-387BAD7DD8D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.79",
"matchCriteriaId": "656E2F29-1779-4EFC-AA64-8F984E2885B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.18",
"matchCriteriaId": "BD961E49-FEDA-47CF-BF23-4D2BD942B4E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.6",
"matchCriteriaId": "C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/207557e393a135c1b6fe1df7cc0741d2c1789fff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/486a4176bc783df798bce2903824801af8d2c3ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7219a692ffc00089015ada33b85b334d1a4b6e8e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b37259448bbc70af1d0e52a9dd5559a9c29c9621",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/be76ad74a43f90f340f9f479e6b04f02125f6aef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dc9ceb90c4b42c6e5c6757df1d6257110433788e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/207557e393a135c1b6fe1df7cc0741d2c1789fff",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/486a4176bc783df798bce2903824801af8d2c3ae",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7219a692ffc00089015ada33b85b334d1a4b6e8e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b37259448bbc70af1d0e52a9dd5559a9c29c9621",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/be76ad74a43f90f340f9f479e6b04f02125f6aef",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dc9ceb90c4b42c6e5c6757df1d6257110433788e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

232
CVE-2024/CVE-2024-268xx/CVE-2024-26839.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26839",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:09.860",
"lastModified": "2024-11-21T09:03:10.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:56:47.140",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,79 +15,269 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: IB/hfi1: corrige una fuga de mem en init_credit_return Cuando dma_alloc_coherent no puede asignar dd->cr_base[i].va, init_credit_return deber\u00eda desasignar dd->cr_base y dd->cr_base[i]. ] el asignado antes. O esos recursos nunca se liberar\u00edan y se desencadenar\u00eda una fuga de memoria."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3",
"versionEndExcluding": "4.19.308",
"matchCriteriaId": "B8C10ACD-3562-46D8-9264-AB7D6E861232"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.270",
"matchCriteriaId": "5D8044B1-C7E8-44A4-9F03-A4D7BCDB1721"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.211",
"matchCriteriaId": "7DDA4DCF-671D-415D-94DF-6E3C77DF0704"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.150",
"matchCriteriaId": "CB6C60DE-9E0C-46C5-904D-D4F4031F8E95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.80",
"matchCriteriaId": "BA7850CE-97C9-4408-A348-6173296BCA2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.19",
"matchCriteriaId": "8D82004C-B2AE-4048-9344-32EFF65953B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.7",
"matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2e4f9f20b32658ef3724aa46f7aef4908d2609e3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3fa240bb6b2dbb3e7a3ee1440a4889cbb6207eb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/52de5805c147137205662af89ed7e083d656ae25",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/809aa64ebff51eb170ee31a95f83b2d21efa32e2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8412c86e89cc78d8b513cb25cf2157a2adf3670a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b41d0ade0398007fb746213f09903d52a920e896",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cecfb90cf71d91e9efebd68b9e9b84661b277cc8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f0d857ce31a6bc7a82afcdbadb8f7417d482604b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2e4f9f20b32658ef3724aa46f7aef4908d2609e3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3fa240bb6b2dbb3e7a3ee1440a4889cbb6207eb7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/52de5805c147137205662af89ed7e083d656ae25",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/809aa64ebff51eb170ee31a95f83b2d21efa32e2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8412c86e89cc78d8b513cb25cf2157a2adf3670a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b41d0ade0398007fb746213f09903d52a920e896",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cecfb90cf71d91e9efebd68b9e9b84661b277cc8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f0d857ce31a6bc7a82afcdbadb8f7417d482604b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

131
CVE-2024/CVE-2024-268xx/CVE-2024-26868.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26868",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:09.360",
"lastModified": "2024-11-21T09:03:15.243",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:45:52.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,152 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfs: soluciona el p\u00e1nico cuando falla nfs4_ff_layout_prepare_ds() Hemos estado viendo el siguiente error de p\u00e1nico en producci\u00f3n: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000065 PGD 2f485f067 P4D 2f485f067 PUD 2cc5d8067 PMD RIP : 0010:ff_layout_cancel_io+0x3a/0x90 [nfs_layout_flexfiles] Seguimiento de llamadas: ? __die+0x78/0xc0 ? page_fault_oops+0x286/0x380? __rpc_execute+0x2c3/0x470 [sunrpc] ? rpc_new_task+0x42/0x1c0 [sunrpc] ? exc_page_fault+0x5d/0x110? asm_exc_page_fault+0x22/0x30? ff_layout_free_layoutreturn+0x110/0x110 [nfs_layout_flexfiles]? ff_layout_cancel_io+0x3a/0x90 [nfs_layout_flexfiles]? ff_layout_cancel_io+0x6f/0x90 [nfs_layout_flexfiles] pnfs_mark_matching_lsegs_return+0x1b0/0x360 [nfsv4] pnfs_error_mark_layout_for_return+0x9e/0x110 [nfsv4] ? ff_layout_send_layouterror+0x50/0x160 [nfs_layout_flexfiles] nfs4_ff_layout_prepare_ds+0x11f/0x290 [nfs_layout_flexfiles] ff_layout_pg_init_write+0xf0/0x1f0 [nfs_layout_flexfiles] __nfs_pageio_add_re b\u00fasqueda+0x154/0x6c0 [nfs] nfs_pageio_add_request+0x26b/0x380 [nfs] nfs_do_writepage+0x111/0x1e0 [nfs] nfs_writepages_callback+ 0xf/0x30 [nfs] write_cache_pages+0x17f/0x380 ? nfs_pageio_init_write+0x50/0x50 [nfs] ? nfs_writepages+0x6d/0x210 [nfs]? nfs_writepages+0x6d/0x210 [nfs] nfs_writepages+0x125/0x210 [nfs] do_writepages+0x67/0x220? generic_perform_write+0x14b/0x210 filemap_fdatawrite_wbc+0x5b/0x80 file_write_and_wait_range+0x6d/0xc0 nfs_file_fsync+0x81/0x170 [nfs] ? nfs_file_mmap+0x60/0x60 [nfs] __x64_sys_fsync+0x53/0x90 do_syscall_64+0x3d/0x90 Entry_SYSCALL_64_after_hwframe+0x46/0xb0 Inspeccionando el n\u00facleo con drgn pude extraer esto >>> prog.crashed_thread().stack_trace()[0 ] # 0 en 0xffffffffa079657a (ff_layout_cancel_io+0x3a/0x84) en ff_layout_cancel_io en fs/nfs/flexfilelayout/flexfilelayout.c:2021:27 >>> prog.crashed_thread().stack_trace()[0]['idx'] (u32)1 >>> prog.crashed_thread().stack_trace()[0]['flseg'].mirror_array[1].mirror_ds (struct nfs4_ff_layout_ds *)0xffffffffffffffed Esto queda claro en el seguimiento de la pila, llamamos a nfs4_ff_layout_prepare_ds(), lo que podr\u00eda generar un error inicializando mirror_ds, y luego vamos a limpiarlo todo y nuestra verificaci\u00f3n es solo para if (!mirror->mirror_ds). Esto es inconsistente con el resto de usuarios de mirror_ds, que tienen if (IS_ERR_OR_NULL(mirror_ds)) para evitar tropezar con este escenario exacto. Solucione esto en ff_layout_cancel_io() para asegurarnos de que no entremos en p\u00e1nico cuando recibamos un error. Tambi\u00e9n revis\u00e9 todas las dem\u00e1s instancias de verificaci\u00f3n de mirror_ds y parece que estamos haciendo las verificaciones correctas en todas partes, solo desreferenciando incondicionalmente mirror_ds cuando sabemos que ser\u00eda v\u00e1lido."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionEndExcluding": "6.1.83",
"matchCriteriaId": "3057E4AB-0FB4-49B3-B63D-10D187B96B1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.23",
"matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.11",
"matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.2",
"matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/31db25e3141b20e2a76a9f219eeca52e3cab126c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5ada9016b1217498fad876a3d5b07645cc955608",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/719fcafe07c12646691bd62d7f8d94d657fa0766",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7ca651b4ec4a049f5a46a0e5ff921b86b91c47c5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dac068f164ad05b35e7c0be13f138c3f6adca58f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/31db25e3141b20e2a76a9f219eeca52e3cab126c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5ada9016b1217498fad876a3d5b07645cc955608",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/719fcafe07c12646691bd62d7f8d94d657fa0766",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7ca651b4ec4a049f5a46a0e5ff921b86b91c47c5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dac068f164ad05b35e7c0be13f138c3f6adca58f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

114
CVE-2024/CVE-2024-268xx/CVE-2024-26871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26871",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:09.513",
"lastModified": "2024-11-21T09:03:15.620",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:46:37.293",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,131 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: corrige la desreferencia del puntero NULL en f2fs_submit_page_write() ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000014 RIP: 0010:f2fs_submit_page_write+0x6cf/0x780 [f2fs] Seguimiento de llamadas: ? show_regs+0x6e/0x80? __morir+0x29/0x70 ? page_fault_oops+0x154/0x4a0? prb_read_valid+0x20/0x30? __irq_work_queue_local+0x39/0xd0 ? irq_work_queue+0x36/0x70? do_user_addr_fault+0x314/0x6c0? exc_page_fault+0x7d/0x190? asm_exc_page_fault+0x2b/0x30? f2fs_submit_page_write+0x6cf/0x780 [f2fs] ? f2fs_submit_page_write+0x736/0x780 [f2fs] do_write_page+0x50/0x170 [f2fs] f2fs_outplace_write_data+0x61/0xb0 [f2fs] f2fs_do_write_data_page+0x3f8/0x660 [f2fs] f2fs_write_single_data_page+0 x5bb/0x7a0 [f2fs] f2fs_write_cache_pages+0x3da/0xbe0 [f2fs] .. Es posible que otros hilos hayan agregado este fio a io->bio y hayan enviado el io->bio antes de ingresar a f2fs_submit_page_write(). En este punto io->bio = NULL. Si is_end_zone_blkaddr(sbi, fio->new_blkaddr) de este fio es verdadero, entonces se produce un error de desreferencia de puntero NULL en bio_get(io->bio). El c\u00f3digo original para determinar el final de la zona estaba despu\u00e9s de \"out:\", lo que habr\u00eda pasado por alto a alg\u00fan fio que es el final de la zona. Mov\u00ed este c\u00f3digo antes de \"omitir:\" para asegurarme de que est\u00e9 hecho para cada fio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.5",
"versionEndExcluding": "6.6.23",
"matchCriteriaId": "89C006B8-BD53-4D24-9E4A-3482F60C50EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.11",
"matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.2",
"matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4c122a32582b67bdd44ca8d25f894ee2dc54f566",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6d102382a11d5e6035f6c98f6e508a38541f7af3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8e2ea8b04cb8d976110c4568509e67d6a39b2889",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c2034ef6192a65a986a45c2aa2ed05824fdc0e9f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4c122a32582b67bdd44ca8d25f894ee2dc54f566",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6d102382a11d5e6035f6c98f6e508a38541f7af3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8e2ea8b04cb8d976110c4568509e67d6a39b2889",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c2034ef6192a65a986a45c2aa2ed05824fdc0e9f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

227
CVE-2024/CVE-2024-268xx/CVE-2024-26878.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26878",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:09.870",
"lastModified": "2024-11-21T09:03:16.660",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:49:44.283",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,87 +15,268 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cuota: corrige una posible desreferencia del puntero NULL La siguiente carrera puede causar una desreferencia del puntero NULL P1 P2 dquot_free_inode quote_off drop_dquot_ref remove_dquot_ref dquots = i_dquot(inode) dquots = i_dquot(inode) srcu_read_lock dquots[cnt]) != NULL (1) dquots[tipo] = NULL (2) spin_lock(&dquots[cnt]->dq_dqb_lock) (3) .... Si dquot_free_inode(u otras rutinas) verifica los punteros de cuota del inodo (1) antes de que cuota_off lo establezca a NULL(2) y usarlo (3) despu\u00e9s de eso, se activar\u00e1 la desreferencia del puntero NULL. Entonces, solucion\u00e9moslo usando un puntero temporal para evitar este problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.311",
"matchCriteriaId": "A6E19FC1-2A3F-4FF8-805C-2864C71553EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.273",
"matchCriteriaId": "620FD8B7-BF03-43E0-951A-0A58461D4C55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.214",
"matchCriteriaId": "65987874-467B-4D3B-91D6-68A129B34FB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.153",
"matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.83",
"matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.23",
"matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.11",
"matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.2",
"matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1ca72a3de915f87232c9a4cb9bebbd3af8ed3e25",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/40a673b4b07efd6f74ff3ab60f38b26aa91ee5d5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/49669f8e7eb053f91d239df7b1bfb4500255a9d0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/61380537aa6dd32d8a723d98b8f1bd1b11d8fee0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6afc9f4434fa8063aa768c2bf5bf98583aee0877",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7f9e833fc0f9b47be503af012eb5903086939754",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8514899c1a4edf802f03c408db901063aa3f05a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d0aa72604fbd80c8aabb46eda00535ed35570f1f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f2649d98aa9ca8623149b3cb8df00c944f5655c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1ca72a3de915f87232c9a4cb9bebbd3af8ed3e25",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/40a673b4b07efd6f74ff3ab60f38b26aa91ee5d5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/49669f8e7eb053f91d239df7b1bfb4500255a9d0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/61380537aa6dd32d8a723d98b8f1bd1b11d8fee0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6afc9f4434fa8063aa768c2bf5bf98583aee0877",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7f9e833fc0f9b47be503af012eb5903086939754",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8514899c1a4edf802f03c408db901063aa3f05a1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d0aa72604fbd80c8aabb46eda00535ed35570f1f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f2649d98aa9ca8623149b3cb8df00c944f5655c7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

121
CVE-2024/CVE-2024-268xx/CVE-2024-26892.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26892",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:10.530",
"lastModified": "2024-11-21T09:03:19.010",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-14T14:34:50.407",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,138 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: wifi: mt76: mt7921e: fix use-after-free en free_irq() Desde el commit a304e1b82808 (\"[PATCH] Depurar irqs compartidas\"), existe una prueba para asegurarse de que El controlador de irq compartido deber\u00eda poder manejar el evento inesperado despu\u00e9s de la cancelaci\u00f3n del registro. Para este caso, apliquemos el indicador MT76_REMOVED para indicar que el dispositivo fue eliminado y no volver a acceder al recurso. ERROR: KASAN: use-after-free en mt7921_irq_handler+0xd8/0x100 [mt7921e] Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff88824a7d3b78 por tarea rmmod/11115 CPU: 28 PID: 11115 Comm: rmmod Tainted: GWL 5.17.0 #10 Nombre de hardware: Micro-Star International Co., Ltd. MS-7D73/MPG B650I EDGE WIFI (MS-7D73), BIOS 1.81 05/01/2024 Seguimiento de llamadas: dump_stack_lvl+0x6f/0xa0 print_address_description.constprop.0+0x1f/0x190 ? mt7921_irq_handler+0xd8/0x100 [mt7921e] ? mt7921_irq_handler+0xd8/0x100 [mt7921e] kasan_report.cold+0x7f/0x11b ? mt7921_irq_handler+0xd8/0x100 [mt7921e] mt7921_irq_handler+0xd8/0x100 [mt7921e] free_irq+0x627/0xaa0 devm_free_irq+0x94/0xd0 ? devm_request_any_context_irq+0x160/0x160? kobject_put+0x18d/0x4a0 mt7921_pci_remove+0x153/0x190 [mt7921e] pci_device_remove+0xa2/0x1d0 __device_release_driver+0x346/0x6e0 driver_detach+0x1ef/0x2c0 bus_remove_driver+0xe7/0x2d 0 ? __check_object_size+0x57/0x310 pci_unregister_driver+0x26/0x250 __do_sys_delete_module+0x307/0x510 ? m\u00f3dulo_libre+0x6a0/0x6a0? fpregs_assert_state_consistent+0x4b/0xb0? rcu_read_lock_sched_held+0x10/0x70? syscall_enter_from_user_mode+0x20/0x70? trace_hardirqs_on+0x1c/0x130 do_syscall_64+0x5c/0x80? trace_hardirqs_on_prepare+0x72/0x160? do_syscall_64+0x68/0x80? trace_hardirqs_on_prepare+0x72/0x160 entrada_SYSCALL_64_after_hwframe+0x44/0xae"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.15",
"versionEndExcluding": "6.3",
"matchCriteriaId": "70B668F1-1B39-45E1-ADAC-438F51BF80D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3.2",
"versionEndExcluding": "6.6.23",
"matchCriteriaId": "EFF8850B-FC76-4A55-B289-22210F46A872"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.11",
"matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.2",
"matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/bfe1adf1606f76c180324e53b130f0e76d5cc6c3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bfeaef901194c5923ce3330272786eff2fac513a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c7dd42fbebcfb02bef070fd48f774d6412d0b49d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c957280ef6ab6bdf559a91ae693a6b34310697e3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bfe1adf1606f76c180324e53b130f0e76d5cc6c3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bfeaef901194c5923ce3330272786eff2fac513a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c7dd42fbebcfb02bef070fd48f774d6412d0b49d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c957280ef6ab6bdf559a91ae693a6b34310697e3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

185
CVE-2024/CVE-2024-268xx/CVE-2024-26895.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26895",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:10.677",
"lastModified": "2024-11-21T09:03:19.490",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-14T14:33:40.417",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,67 +15,216 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: wilc1000: evita el use-after-free en vif al limpiar todas las interfaces wilc_netdev_cleanup activa actualmente una advertencia KASAN, que se puede observar en la ruta del error de registro de la interfaz, o simplemente eliminando el m\u00f3dulo/dispositivo de desvinculaci\u00f3n del controlador: echo spi0.1 > /sys/bus/spi/drivers/wilc1000_spi/unbind ========================== ========================================= ERROR: KASAN: uso de losa despu\u00e9s -free en wilc_netdev_cleanup+0x508/0x5cc Lectura de tama\u00f1o 4 en addr c54d1ce8 por tarea sh/86 CPU: 0 PID: 86 Comm: sh Not tainted 6.8.0-rc1+ #117 Nombre de hardware: Atmel SAMA5 unwind_backtrace from show_stack+0x18/0x1c show_stack de dump_stack_lvl+0x34/0x58 dump_stack_lvl de print_report+0x154/0x500 print_report de kasan_report+0xac/0xd8 kasan_report de wilc_netdev_cleanup+0x508/0x5cc wilc_netdev_cleanup de wilc_bus_remove+0xc8/0xec wilc_bus_remove de spi_remove+0x8c/0xac spi_remove de dispositivo_release_driver_internal+0x434/0x5f8 dispositivo_release_driver_internal de unbind_store+0xbc/0x108 unbind_store de kernfs_fop_write_iter+0x398/0x584 kernfs_fop_write_iter de vfs_write+0x728/0xf88 vfs_write de ksys_write+0x110/0x1e4 ksys_write de ret_fast_syscall+0x0/0 x1c [...] Asignado por la tarea 1: kasan_save_track+0x30/0x5c __kasan_kmalloc +0x8c/0x94 __kmalloc_node+0x1cc/0x3e4 kvmalloc_node+0x48/0x180 alloc_netdev_mqs+0x68/0x11dc alloc_etherdev_mqs+0x28/0x34 wilc_netdev_ifc_init+0x34/0x8ec wilc_cfg80211 _init+0x690/0x910 wilc_bus_probe+0xe0/0x4a0 spi_probe+0x158/0x1b0 Actually_probe+0x270/0xdf4 __driver_probe_device +0x1dc/0x580 driver_probe_device+0x60/0x140 __driver_attach+0x228/0x5d4 bus_for_each_dev+0x13c/0x1a8 bus_add_driver+0x2a0/0x608 driver_register+0x24c/0x578 do_one_initcall+0x180/0x310 kernel _init_freeable+0x424/0x484 kernel_init+0x20/0x148 ret_from_fork+0x14/0x28 Liberado por tarea 86: kasan_save_track+0x30/0x5c kasan_save_free_info+0x38/0x58 __kasan_slab_free+0xe4/0x140 kfree+0xb0/0x238 device_release+0xc0/0x2a8 kobject_put+0x1d4/0x46c netdev_run_todo+0x8fc/0x11 d0 wilc_netdev_cleanup+0x1e4/0x5cc wilc_bus_remove+0xc8/0xec spi_remove +0x8c/0xac dispositivo_release_driver_internal+0x434/0x5f8 unbind_store+0xbc/0x108 kernfs_fop_write_iter+0x398/0x584 vfs_write+0x728/0xf88 ksys_write+0x110/0x1e4 ret_fast_syscall+0x0/0x1c [...] La investigaci\u00f3n inicial de David Mosberger-Tan [1] mostr\u00f3 que Este use-after-free se debe a la cancelaci\u00f3n del registro del dispositivo de red durante el recorrido de la lista vif. Al cancelar el registro de un dispositivo de red, dado que need_free_netdev se configur\u00f3 en verdadero durante el registro, el objeto netdevice tambi\u00e9n se libera y, como consecuencia, tambi\u00e9n el objeto vif correspondiente, ya que est\u00e1 adjunto a \u00e9l como datos privados del dispositivo de red. La siguiente aparici\u00f3n del bucle intenta acceder al puntero vif liberado a la lista para avanzar en la lista. Solucionar este use-after-free gracias a dos mecanismos: - navegar en la lista con list_for_each_entry_safe, que permite modificar de forma segura la lista a medida que avanzamos por cada elemento. Para cada elemento, elim\u00ednelo de la lista con list_del_rcu; aseg\u00farese de esperar a que finalice el per\u00edodo de gracia de RCU despu\u00e9s de cada eliminaci\u00f3n de vif para asegurarse de que tambi\u00e9n sea seguro liberar el vif correspondiente (a trav\u00e9s de unregister_netdev). Ya que estamos en un \"modificador\" de RCU. ruta (no una ruta de \"lector\"), y debido a que se espera que dicha ruta no sea concurrente con ning\u00fan otro modificador (estamos usando el bloqueo vif_mutex), no necesitamos usar la API de lista RCU, es por eso que podemos beneficiarnos de list_for_each_entry_safe . [1] https://lore.kernel.org/linux-wireless/ab077dbe58b1ea5de0a3b2ca21f275a07af967d2.camel@egauge.net/"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.214",
"matchCriteriaId": "65987874-467B-4D3B-91D6-68A129B34FB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.153",
"matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.83",
"matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.23",
"matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.11",
"matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.2",
"matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/24228dcf1d30c2231caa332be7d3090ac59fbfe9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3da9d32b7f4a1a9f7e4bb15bb82f2b2dd6719447",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5956f4203b6cdd0755bbdd21b45f3933c7026208",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/73a2aa0aef86c2c07be5a2f42c9e6047e1a2f7bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a9545af2a533739ffb64d6c9a6fec6f13e2b505f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cb5942b77c05d54310a0420cac12935e9b6aa21c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fe20e3d56bc911408fc3c27a17c59e9d7885f7d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/24228dcf1d30c2231caa332be7d3090ac59fbfe9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3da9d32b7f4a1a9f7e4bb15bb82f2b2dd6719447",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5956f4203b6cdd0755bbdd21b45f3933c7026208",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/73a2aa0aef86c2c07be5a2f42c9e6047e1a2f7bb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a9545af2a533739ffb64d6c9a6fec6f13e2b505f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cb5942b77c05d54310a0420cac12935e9b6aa21c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fe20e3d56bc911408fc3c27a17c59e9d7885f7d1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

85
CVE-2024/CVE-2024-269xx/CVE-2024-26941.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26941",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-01T06:15:09.487",
"lastModified": "2024-11-21T09:03:26.373",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-14T14:37:37.710",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,94 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/dp: Se corrigi\u00f3 la regresi\u00f3n de divisi\u00f3n por cero en DP MST desconectar con nouveau Se corrigi\u00f3 una regresi\u00f3n al usar nouveau y desconectar un concentrador MST StarTech MSTDP122DP DisplayPort 1.2 (la misma regresi\u00f3n no aparecen cuando se utiliza un concentrador Cable Matters DisplayPort 1.4 MST). Seguimiento: error de divisi\u00f3n: 0000 [#1] PREEMPT SMP PTI CPU: 7 PID: 2962 Comm: Xorg Not tainted 6.8.0-rc3+ #744 Nombre de hardware: Razer Blade/DANA_MB, BIOS 01.01 31/08/2018 RIP: 0010: drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] C\u00f3digo: c6 b8 01 00 00 00 75 61 01 c6 41 0f af f3 41 0f af f1 c1 e1 04 48 63 c7 31 d2 89 ff 48 8b 5d f8 c9 48 0f af f1 48 8d 44 06 y siguientes <48> f7 f7 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 45 31 RSP: 0018:ffffb2c5c211fa30 EFLAGS: 00010206 RAX: ffffffffffffffff RBX: 000000000 RCX: 0000000000f59b00 RDX: 0000000000000000 RSI: 0000000000000000 RDI : 0000000000000000 RBP: ffffb2c5c211fa48 R08: 0000000000000001 R09: 0000000000000020 R10: 00000000000000004 R11: 0000000000000000 R12: 0000000000023b4a R13: ffff91d37d165800 R14: ffff91d36fac6d80 R15: ffff91d34a764010 FS: 00007f4a1ca3fa80(0000) GS:ffff91d6edbc0000(0000) 00000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000559491d49000 CR3: 000000011d180002 CR4: 00000000003706f0 Seguimiento de llamadas: ? show_regs+0x6d/0x80? morir+0x37/0xa0? do_trap+0xd4/0xf0? do_error_trap+0x71/0xb0? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] ? exc_divide_error+0x3a/0x70? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] ? asm_exc_divide_error+0x1b/0x20? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] ? drm_dp_calc_pbn_mode+0x2e/0x70 [drm_display_helper] nv50_msto_atomic_check+0xda/0x120 [nuevo] drm_atomic_helper_check_modeset+0xa87/0xdf0 [drm_kms_helper] drm_atomic_helper_check+0x19/0xa0 [drm_km s_helper] nv50_disp_atomic_check+0x13f/0x2f0 [nuevo] drm_atomic_check_only+0x668/0xb20 [drm]? drm_connector_list_iter_next+0x86/0xc0 [drm] drm_atomic_commit+0x58/0xd0 [drm] ? __pfx___drm_printfn_info+0x10/0x10 [drm] drm_atomic_connector_commit_dpms+0xd7/0x100 [drm] drm_mode_obj_set_property_ioctl+0x1c5/0x450 [drm] ? __pfx_drm_connector_property_set_ioctl+0x10/0x10 [drm] drm_connector_property_set_ioctl+0x3b/0x60 [drm] drm_ioctl_kernel+0xb9/0x120 [drm] drm_ioctl+0x2d0/0x550 [drm] ? __pfx_drm_connector_property_set_ioctl+0x10/0x10 [drm] nouveau_drm_ioctl+0x61/0xc0 [nuevo] __x64_sys_ioctl+0xa0/0xf0 do_syscall_64+0x76/0x140 ? do_syscall_64+0x85/0x140? do_syscall_64+0x85/0x140 Entry_SYSCALL_64_after_hwframe+0x6e/0x76 RIP: 0033:0x7f4a1cd1a94f C\u00f3digo: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <41> 89 c0 3d 00 f0 ff ff 77 1f 48 8b 44 24 18 64 48 2b 04 25 28 00 RSP: 002b:00007ffd2f1df520 EFLAGS: 0246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007ffd2f1df5b0 RCX: 00007f4a1cd1a94f RDX: 00007ffd2f1df5b0 RSI: 00000000c01064ab RDI: 000000000000000f RBP: 00000000c01064ab R08: 000056347932deb8 R09: 00056347a7d99c0 R10: 0000000000000000 R11: 0000000000000246 R12: 000056347938a220 R13: 0000000000000000f R14: 0000563479d9f3f0 0000000000000000 M\u00f3dulos vinculados en: rfcomm xt_conntrack nft_chain_nat xt_masquerade nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo Xad_addrtype nft_compat nf_tables nfnetlink br_netfilter puente stp llc ccm cmac alkh_ overkh_ overkh_ overkh_ overkh_ overgh_ upny _alg bnep binfmt_misc snd_sof_pci_intel_cnl snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda SOC_ACPP SOCPI SND_SOC_CORE SND_COMPRESS SND_SOF_INTEL_INTEL_HDA_MLINK SND_HDA_EXT_CORE IWLMVM Intel_raPl_MMSR Intel_raPl_Common Intel_tccc_Cooling x86_pkg_temp_Thermal Intel_PowerClAMCCLAMCCLAMCCLAMCO11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111. a_codec_hdmi kvm snd_hda_ ---truncado---"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.3",
"matchCriteriaId": "4C59BBC3-6495-4A77-9C82-55EC7CDF5E02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/828862071a6ca0c52655e6e62ac7abfef3e5c578",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9cbd1dae842737bfafa4b10a87909fa209dde250",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/828862071a6ca0c52655e6e62ac7abfef3e5c578",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9cbd1dae842737bfafa4b10a87909fa209dde250",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

84
CVE-2024/CVE-2024-269xx/CVE-2024-26944.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26944",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-01T06:15:10.010",
"lastModified": "2024-11-21T09:03:26.850",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-14T14:29:21.517",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,93 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: btrfs:zoned: corrige use-after-free en do_zone_finish() Shinichiro inform\u00f3 el siguiente use-after-free desencadenado por la operaci\u00f3n de reemplazo de dispositivo en fstests btrfs/070. Informaci\u00f3n BTRFS (dispositivo nullb1): limpieza: finalizado en el dispositivo 1 con estado: 0 ================================== ================================= ERROR: KASAN: uso de losa despu\u00e9s de liberarlo en do_zone_finish+0x91a/0xb90 [btrfs] Lectura del tama\u00f1o 8 en la direcci\u00f3n ffff8881543c8060 mediante la tarea btrfs-cleaner/3494007 CPU: 0 PID: 3494007 Comm: btrfs-cleaner Contaminado: GW 6.8.0-rc5-kts #1 Nombre del hardware: Supermicro Super Server/X11SPi-TF , BIOS 3.3 21/02/2020 Seguimiento de llamadas: dump_stack_lvl+0x5b/0x90 print_report+0xcf/0x670 ? __virt_addr_valid+0x200/0x3e0 kasan_report+0xd8/0x110 ? do_zone_finish+0x91a/0xb90 [btrfs]? do_zone_finish+0x91a/0xb90 [btrfs] do_zone_finish+0x91a/0xb90 [btrfs] btrfs_delete_unused_bgs+0x5e1/0x1750 [btrfs] ? __pfx_btrfs_delete_unused_bgs+0x10/0x10 [btrfs] ? btrfs_put_root+0x2d/0x220 [btrfs] ? btrfs_clean_one_deleted_snapshot+0x299/0x430 [btrfs] clean_kthread+0x21e/0x380 [btrfs] ? __pfx_cleaner_kthread+0x10/0x10 [btrfs] kthread+0x2e3/0x3c0 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x31/0x70 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 Asignado por tarea 3493983: kasan_save_stack+0x33/0x60 kasan_save_track+0x14/0x30 __kasan_kmalloc+0xaa/0xb0 btrfs_alloc_device+0x b3/0x4e0 [btrfs] lista_dispositivo_add.constprop.0+0x993/ 0x1630 [btrfs] btrfs_scan_one_device+0x219/0x3d0 [btrfs] btrfs_control_ioctl+0x26e/0x310 [btrfs] __x64_sys_ioctl+0x134/0x1b0 do_syscall_64+0x99/0x190 entrada_SYSCALL_6 4_after_hwframe+0x6e/0x76 Liberado por la tarea 3494056: kasan_save_stack+0x33/0x60 kasan_save_track+0x14/0x30 kasan_save_free_info+0x3f/0x60 veneno_slab_object+0x102/0x170 __kasan_slab_free+0x32/0x70 kfree+0x11b/0x320 btrfs_rm_dev_replace_free_srcdev+0xca/0x280 [btrfs_dev_replace_finishing+0xd 7e/0x14f0 [btrfs] btrfs_dev_replace_by_ioctl+0x1286/0x25a0 [btrfs] btrfs_ioctl+0xb27/0x57d0 [ btrfs] __x64_sys_ioctl+0x134/0x1b0 do_syscall_64+0x99/0x190 Entry_SYSCALL_64_after_hwframe+0x6e/0x76 La direcci\u00f3n con errores pertenece al objeto en ffff8881543c8000 que pertenece al cach\u00e9 kmalloc-1k de tama\u00f1o 1024 Se encuentra la direcci\u00f3n con errores 96 bytes dentro de los 1024 bytes liberados regi\u00f3n [ffff8881543c8000, ffff8881543c8400) La direcci\u00f3n del error pertenece a la p\u00e1gina f\u00edsica: p\u00e1gina:00000000fe2c1285 refcount:1 mapcount:0 mapeo:00000000000000000 index:0x0 pfn:0x1543c8 head:00000000fe2c1285 entero_mapcount:0 nr_pages_mapped:0 pincount:0 banderas: 0x17ffffc0000840(slab|head|node=0|zone=2|lastcpupid=0x1fffff) tipo de p\u00e1gina: 0xffffffff() raw: 0017ffffc0000840 ffff888100042dc0 ffffea0019e8f200 dead000000000002 raw: 0000000000 0000000000100010 00000001ffffffff 0000000000000000 p\u00e1gina volcada porque: kasan: mal acceso detectado Estado de la memoria alrededor de la direcci\u00f3n con errores : ffff8881543c7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8881543c7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8881543c8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff8881543c8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff8881543c8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb Esta UAF sucede porque estamos acceder a informaci\u00f3n de zona obsoleta de un btrfs_device ya eliminado en do_zone_finish(). La secuencia de eventos es la siguiente: btrfs_dev_replace_start btrfs_scrub_dev btrfs_dev_replace_finishing btrfs_dev_replace_update_device_in_mapping_tree <-- dispositivos reemplazados btrfs_rm_dev_replace_free_srcdev btrfs_free_device <-- dispositivo liberado clean_kthread btrfs_delete_unused_ bgs btrfs_zone_finish do_zone_finish <-- hace referencia al dispositivo liberado. La raz\u00f3n de esto es que estamos usando un ---truncado ---"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8.3",
"matchCriteriaId": "45CAC835-1C61-4C27-A919-EF08207D3099"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1ec17ef59168a1a6f1105f5dc517f783839a5302",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/34ca809e055eca5cfe63d9c7efbf80b7c21b4e57",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1ec17ef59168a1a6f1105f5dc517f783839a5302",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/34ca809e055eca5cfe63d9c7efbf80b7c21b4e57",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

237
CVE-2024/CVE-2024-270xx/CVE-2024-27059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27059",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-01T13:15:50.493",
"lastModified": "2024-11-21T09:03:46.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-14T14:36:42.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,79 +15,274 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: USB: almacenamiento-usb: evita el error de divisi\u00f3n por 0 en isd200_ata_command El subcontrolador isd200 en almacenamiento-usb utiliza los valores HEADS y SECTORES en la informaci\u00f3n de ID de ATA para calcular el cilindro y valores principales al crear un CDB para comandos LEER o ESCRIBIR. El c\u00e1lculo implica operaciones de divisi\u00f3n y m\u00f3dulo, lo que provocar\u00e1 un bloqueo si cualquiera de estos valores es 0. Si bien esto nunca sucede con un dispositivo genuino, podr\u00eda suceder con una emulaci\u00f3n defectuosa o subversiva, seg\u00fan lo informado por syzbot fuzzer. Prot\u00e9jase contra esta posibilidad neg\u00e1ndose a vincularse al dispositivo si el valor ATA_ID_HEADS o ATA_ID_SECTORS en la informaci\u00f3n de ID del dispositivo es 0. Esto requiere que isd200_Initialization() devuelva un c\u00f3digo de error negativo cuando falla la inicializaci\u00f3n; actualmente siempre devuelve 0 (incluso cuando hay un error)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.12",
"versionEndExcluding": "4.19.312",
"matchCriteriaId": "0E489D47-7C41-43B5-A426-E0D8822EFB5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.274",
"matchCriteriaId": "F45A0F3C-C16D-49C4-86D6-D021C3D4B834"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.215",
"matchCriteriaId": "9CD5894E-58E9-4B4A-B0F4-3E6BC134B8F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.154",
"matchCriteriaId": "577E212E-7E95-4A71-9B5C-F1D1A3AFFF46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.84",
"matchCriteriaId": "834D9BD5-42A6-4D74-979E-4D6D93F630FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.64",
"matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.12",
"matchCriteriaId": "6BE9771A-BAFD-4624-95F9-58D536540C53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*",
"matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/014bcf41d946b36a8f0b8e9b5d9529efbb822f49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/284fb1003d5da111019b9e0bf99b084fd71ac133",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3a67d4ab9e730361d183086dfb0ddd8c61f01636",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c1f36d92c0a8799569055012665d2bb066fb964",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/871fd7b10b56d280990b7e754f43d888382ca325",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9968c701cba7eda42e5f0052b040349d6222ae34",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eb7b01ca778170654e1c76950024270ba74b121f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f42ba916689f5c7b1642092266d2f53cf527aaaa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/014bcf41d946b36a8f0b8e9b5d9529efbb822f49",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/284fb1003d5da111019b9e0bf99b084fd71ac133",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3a67d4ab9e730361d183086dfb0ddd8c61f01636",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c1f36d92c0a8799569055012665d2bb066fb964",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/871fd7b10b56d280990b7e754f43d888382ca325",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9968c701cba7eda42e5f0052b040349d6222ae34",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eb7b01ca778170654e1c76950024270ba74b121f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f42ba916689f5c7b1642092266d2f53cf527aaaa",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

224
CVE-2024/CVE-2024-273xx/CVE-2024-27388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27388",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-01T13:15:51.550",
"lastModified": "2024-11-21T09:04:30.540",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:56:08.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,87 +15,265 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: SUNRPC: corrige algunas fugas de mem en gssx_dec_option_array Los creds y oa->data deben liberarse en las rutas de manejo de errores despu\u00e9s de su asignaci\u00f3n. Entonces este parche agrega estas desasignaciones en las rutas correspondientes."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.10",
"versionEndExcluding": "4.19.311",
"matchCriteriaId": "AA8D2CD8-65D2-47A7-9391-35AFA94D8CCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.273",
"matchCriteriaId": "620FD8B7-BF03-43E0-951A-0A58461D4C55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.214",
"matchCriteriaId": "65987874-467B-4D3B-91D6-68A129B34FB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.153",
"matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.83",
"matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.23",
"matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.11",
"matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.2",
"matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3cfcfc102a5e57b021b786a755a38935e357797d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5e6013ae2c8d420faea553d363935f65badd32c3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/934212a623cbab851848b6de377eb476718c3e4c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9806c2393cd2ab0a8e7bb9ffae02ce20e3112ec4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/996997d1fb2126feda550d6adcedcbd94911fc69",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b97c37978ca825557d331c9012e0c1ddc0e42364",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bb336cd8d5ecb69c430ebe3e7bcff68471d93fa8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bfa9d86d39a0fe4685f90c3529aa9bd62a9d97a8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd292e884c649f9b1c18af0ec75ca90b390cd044",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3cfcfc102a5e57b021b786a755a38935e357797d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5e6013ae2c8d420faea553d363935f65badd32c3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/934212a623cbab851848b6de377eb476718c3e4c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9806c2393cd2ab0a8e7bb9ffae02ce20e3112ec4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/996997d1fb2126feda550d6adcedcbd94911fc69",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b97c37978ca825557d331c9012e0c1ddc0e42364",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bb336cd8d5ecb69c430ebe3e7bcff68471d93fa8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bfa9d86d39a0fe4685f90c3529aa9bd62a9d97a8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd292e884c649f9b1c18af0ec75ca90b390cd044",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

232
CVE-2024/CVE-2024-273xx/CVE-2024-27395.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27395",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-14T15:12:27.683",
"lastModified": "2024-11-21T09:04:31.553",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-14T14:27:22.167",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,79 +15,269 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: openvswitch: Fix Use-After-Free en ovs_ct_exit Dado que kfree_rcu, que se llama en el recorrido hlist_for_each_entry_rcu de ovs_ct_limit_exit, no forma parte de la secci\u00f3n cr\u00edtica de lectura de RCU, es posible que el per\u00edodo de gracia de RCU pasar\u00e1 durante el recorrido y la clave quedar\u00e1 libre. Para evitar esto, se debe cambiar a hlist_for_each_entry_safe."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.18",
"versionEndExcluding": "4.19.313",
"matchCriteriaId": "50CBAC7D-95E2-40F3-8EC6-E2B23E7363E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.275",
"matchCriteriaId": "5FF6D8DE-C559-4586-86C8-2C6B4420A2C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.216",
"matchCriteriaId": "A44ABF89-F1BD-4C9A-895D-7596650DCD27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.158",
"matchCriteriaId": "65D80EF6-76AF-4186-B680-55516EA42EED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.90",
"matchCriteriaId": "59CEDDCF-5C0D-4939-9CFE-2F4524892DD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2db9a8c0a01fa1c762c1e61a13c212c492752994",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/35880c3fa6f8fe281a19975d2992644588ca33d3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/589523cf0b384164e445dd5db8d5b1bf97982424",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9048616553c65e750d43846f225843ed745ec0d4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bca6fa2d9a9f560e6b89fd5190b05cc2f5d422c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eaa5e164a2110d2fb9e16c8a29e4501882235137",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/edee0758747d7c219e29db9ed1d4eb33e8d32865",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2db9a8c0a01fa1c762c1e61a13c212c492752994",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/35880c3fa6f8fe281a19975d2992644588ca33d3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/589523cf0b384164e445dd5db8d5b1bf97982424",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9048616553c65e750d43846f225843ed745ec0d4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bca6fa2d9a9f560e6b89fd5190b05cc2f5d422c1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eaa5e164a2110d2fb9e16c8a29e4501882235137",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/edee0758747d7c219e29db9ed1d4eb33e8d32865",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

239
CVE-2024/CVE-2024-273xx/CVE-2024-27396.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27396",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-14T15:12:27.983",
"lastModified": "2024-11-21T09:04:31.693",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-14T14:26:09.117",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,79 +15,276 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: gtp: corrige Use-After-Free en gtp_dellink Dado que call_rcu, que se llama en el recorrido hlist_for_each_entry_rcu de gtp_dellink, no forma parte de la secci\u00f3n cr\u00edtica de lectura de RCU, es posible que el per\u00edodo de gracia de RCU pasar\u00e1 durante el recorrido y la clave quedar\u00e1 libre. Para evitar esto, se debe cambiar a hlist_for_each_entry_safe."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14.162",
"versionEndExcluding": "4.15",
"matchCriteriaId": "D8E34938-B599-4B3F-9871-2341E248D9A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.93",
"versionEndExcluding": "4.19.313",
"matchCriteriaId": "8186A8B1-49E7-44C9-8D09-6B053D4BDCBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.8",
"versionEndExcluding": "5.4.275",
"matchCriteriaId": "08BA6295-1810-4C9A-B4D8-E799A4533B19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.216",
"matchCriteriaId": "A44ABF89-F1BD-4C9A-895D-7596650DCD27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.158",
"matchCriteriaId": "65D80EF6-76AF-4186-B680-55516EA42EED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.90",
"matchCriteriaId": "59CEDDCF-5C0D-4939-9CFE-2F4524892DD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.30",
"matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.9",
"matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/07b20d0a3dc13fb1adff10b60021a4924498da58",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0caff3e6390f840666b8dc1ecebf985c2ef3f1dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/25a1c2d4b1fcf938356a9688a96a6456abd44b29",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2aacd4de45477582993f8a8abb9505a06426bfb6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2e74b3fd6bf542349758f283676dff3660327c07",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/718df1bc226c383dd803397d7f5d95557eb81ac7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cd957d1716ec979d8f5bf38fc659aeb9fdaa2474",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f2a904107ee2b647bb7794a1a82b67740d7c8a64",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/07b20d0a3dc13fb1adff10b60021a4924498da58",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0caff3e6390f840666b8dc1ecebf985c2ef3f1dd",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/25a1c2d4b1fcf938356a9688a96a6456abd44b29",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2aacd4de45477582993f8a8abb9505a06426bfb6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2e74b3fd6bf542349758f283676dff3660327c07",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/718df1bc226c383dd803397d7f5d95557eb81ac7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cd957d1716ec979d8f5bf38fc659aeb9fdaa2474",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f2a904107ee2b647bb7794a1a82b67740d7c8a64",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

56
CVE-2024/CVE-2024-277xx/CVE-2024-27778.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-27778",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:29.053",
"lastModified": "2025-01-14T14:15:29.053",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in Fortinet FortiSandbox version 4.4.0 through 4.4.4, 4.2.0 through 4.2.6 and below 4.0.4 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-061",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-321xx/CVE-2024-32115.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-32115",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:29.200",
"lastModified": "2025-01-14T14:15:29.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A relative path traversal vulnerability [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 allows a privileged attacker to delete files from the underlying filesystem via crafted HTTP or HTTPs requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-097",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-335xx/CVE-2024-33502.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-33502",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:29.360",
"lastModified": "2025-01-14T14:15:29.360",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 through 6.2.12 and 6.0.0 through 6.0.12 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPs requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-143",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-335xx/CVE-2024-33503.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-33503",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:29.517",
"lastModified": "2025-01-14T14:15:29.517",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper privilege management in Fortinet FortiManager version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to escalation of privilege via specific shell commands"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-127",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-352xx/CVE-2024-35273.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-35273",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:29.663",
"lastModified": "2025-01-14T14:15:29.663",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiManager version 7.4.0 through 7.4.2, FortiAnalyzer version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-106",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-352xx/CVE-2024-35275.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-35275",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:29.817",
"lastModified": "2025-01-14T14:15:29.817",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, FortiManager version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-091",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-352xx/CVE-2024-35276.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-35276",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:29.973",
"lastModified": "2025-01-14T14:15:29.973",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7 allows attacker to execute unauthorized code or commands via specially crafted packets."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-165",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-352xx/CVE-2024-35277.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-35277",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:30.130",
"lastModified": "2025-01-14T14:15:30.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to access to the configuration of the managed devices by sending specifically crafted packets"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-135",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-352xx/CVE-2024-35278.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-35278",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:30.280",
"lastModified": "2025-01-14T14:15:30.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiPortal versions 7.2.4 through 7.2.0 and 7.0.0 through 7.2.8 may allow an authenticated attacker to view the SQL query being run server-side when submitting an HTTP request, via including special elements in said request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-086",
"source": "psirt@fortinet.com"
}
]
}

224
CVE-2024/CVE-2024-358xx/CVE-2024-35811.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35811",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T14:15:15.177",
"lastModified": "2024-11-21T09:20:57.097",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-14T14:23:38.660",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,87 +15,265 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: brcmfmac: corregido el error de use after free en brcmf_cfg80211_detach Este es el parche candidato de CVE-2023-47233: https://nvd.nist.gov/vuln/detail /CVE-2023-47233 En el controlador brcm80211, comienza con la siguiente cadena de invocaci\u00f3n para iniciar un trabajador de tiempo de espera: ->brcmf_usb_probe ->brcmf_usb_probe_cb ->brcmf_attach ->brcmf_bus_started ->brcmf_cfg80211_attach ->wl_init_priv ->brcmf_init_escan ->INIT_WORK(&cfg ->escan_timeout_work, brcmf_cfg80211_escan_timeout_worker); Si desconectamos el USB mediante hotplug, llamar\u00e1 a brcmf_usb_disconnect para realizar la limpieza. La cadena de invocaci\u00f3n es: brcmf_usb_disconnect ->brcmf_usb_disconnect_cb ->brcmf_detach ->brcmf_cfg80211_detach ->kfree(cfg); Mientras que el activador de tiempo de espera a\u00fan puede estar ejecut\u00e1ndose. Esto provocar\u00e1 un error de use after free en cfg en brcmf_cfg80211_escan_timeout_worker. Soluci\u00f3nelo eliminando el temporizador y cancelando el trabajador en brcmf_cfg80211_detach. [arend.vanspriel@broadcom.com: mantenga la eliminaci\u00f3n del temporizador tal como est\u00e1 y cancele el trabajo justo antes de liberarlo]"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.7",
"versionEndExcluding": "4.19.312",
"matchCriteriaId": "48A978A1-082D-4FD8-B0A8-15D857F7935B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.274",
"matchCriteriaId": "F45A0F3C-C16D-49C4-86D6-D021C3D4B834"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.215",
"matchCriteriaId": "9CD5894E-58E9-4B4A-B0F4-3E6BC134B8F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.154",
"matchCriteriaId": "577E212E-7E95-4A71-9B5C-F1D1A3AFFF46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.84",
"matchCriteriaId": "834D9BD5-42A6-4D74-979E-4D6D93F630FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.24",
"matchCriteriaId": "8018C1D0-0A5F-48D0-BC72-A2B33FDDA693"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.12",
"matchCriteriaId": "6BE9771A-BAFD-4624-95F9-58D536540C53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.3",
"matchCriteriaId": "4C59BBC3-6495-4A77-9C82-55EC7CDF5E02"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0a7591e14a8da794d0b93b5d1c6254ccb23adacb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0b812f706fd7090be74812101114a0e165b36744",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0f7352557a35ab7888bc7831411ec8a3cbe20d78",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/190794848e2b9d15de92d502b6ac652806904f5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/202c503935042272e2f9e1bb549d5f69a8681169",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6678a1e7d896c00030b31491690e8ddc9a90767a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8c36205123dc57349b59b4f1a2301eb278cbc731",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8e3f03f4ef7c36091f46e7349096efb5a2cdb3a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bacb8c3ab86dcd760c15903fcee58169bc3026aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0a7591e14a8da794d0b93b5d1c6254ccb23adacb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0b812f706fd7090be74812101114a0e165b36744",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0f7352557a35ab7888bc7831411ec8a3cbe20d78",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/190794848e2b9d15de92d502b6ac652806904f5a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/202c503935042272e2f9e1bb549d5f69a8681169",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6678a1e7d896c00030b31491690e8ddc9a90767a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8c36205123dc57349b59b4f1a2301eb278cbc731",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8e3f03f4ef7c36091f46e7349096efb5a2cdb3a1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bacb8c3ab86dcd760c15903fcee58169bc3026aa",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

224
CVE-2024/CVE-2024-358xx/CVE-2024-35828.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35828",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-17T14:15:18.887",
"lastModified": "2024-11-21T09:20:59.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:54:31.167",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,87 +15,265 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: wifi: libertas: arreglados algunas memleaks en lbs_allocate_cmd_buffer() En la declaraci\u00f3n for de lbs_allocate_cmd_buffer(), si fall\u00f3 la asignaci\u00f3n de cmdarray[i].cmdbuf, tanto cmdarray como cmdarray[i] Es necesario liberar ].cmdbuf. De lo contrario, habr\u00e1 fugas de memoria en lbs_allocate_cmd_buffer()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.22",
"versionEndExcluding": "4.19.311",
"matchCriteriaId": "0C11EA91-49A5-48C2-88DC-31A895CF5BA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.273",
"matchCriteriaId": "620FD8B7-BF03-43E0-951A-0A58461D4C55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.214",
"matchCriteriaId": "65987874-467B-4D3B-91D6-68A129B34FB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.153",
"matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.83",
"matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.23",
"matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.11",
"matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.2",
"matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4d99d267da3415db2124029cb5a6d2d955ca43f9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5f0e4aede01cb01fa633171f0533affd25328c3a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8e243ac649c10922a6b4855170eaefe4c5b3faab",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/96481624fb5a6319079fb5059e46dbce43a90186",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bea9573c795acec5614d4ac2dcc7b3b684cea5bf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d219724d4b0ddb8ec7dfeaed5989f23edabaf591",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/da10f6b7918abd5b4bc5c9cb66f0fc6763ac48f3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e888c4461e109f7b93c3522afcbbaa5a8fdf29d2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f0dd27314c7afe34794c2aa19dd6f2d30eb23bc7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

102
CVE-2024/CVE-2024-359xx/CVE-2024-35968.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35968",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-20T10:15:11.713",
"lastModified": "2024-11-21T09:21:19.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-14T14:41:00.457",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,111 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pds_core: corrige la funci\u00f3n pdsc_check_pci_health para usar el subproceso de trabajo. Cuando el controlador nota fw_status == 0xff, intenta realizar un restablecimiento de PCI sobre s\u00ed mismo a trav\u00e9s de pci_reset_function() en el contexto del subproceso de estado del controlador. . Sin embargo, pdsc_reset_prepare llama a pdsc_stop_health_thread(), que intenta detener/vaciar el hilo de salud. Esto da como resultado un punto muerto porque la parada/vaciado nunca se completar\u00e1 ya que el controlador llam\u00f3 a pci_reset_function() desde el contexto del hilo de salud. Para solucionarlo, cambie pdsc_check_pci_health_function() para poner en cola un pdsc_pci_reset_thread() reci\u00e9n introducido en la cola de trabajo del pdsc. La descarga del controlador en el estado fw_down/dead descubri\u00f3 otro problema, que se puede ver en el siguiente seguimiento: ADVERTENCIA: CPU: 51 PID: 6914 en kernel/workqueue.c:1450 __queue_work+0x358/0x440 [...] RIP: 0010:__queue_work+0x358/0x440 [...] Seguimiento de llamadas: ? __warn+0x85/0x140 ? __queue_work+0x358/0x440? report_bug+0xfc/0x1e0? handle_bug+0x3f/0x70? exc_invalid_op+0x17/0x70? asm_exc_invalid_op+0x1a/0x20? __queue_work+0x358/0x440 queue_work_on+0x28/0x30 pdsc_devcmd_locked+0x96/0xe0 [pds_core] pdsc_devcmd_reset+0x71/0xb0 [pds_core] pdsc_teardown+0x51/0xe0 [pds_core] pdsc_remove+0x106/0x200 [pds_core] pci_device_remove+0x37/0xc0 device_release_driver_internal+0xae /0x140 driver_detach+0x48/0x90 bus_remove_driver+0x6d/0xf0 pci_unregister_driver+0x2e/0xa0 pdsc_cleanup_module+0x10/0x780 [pds_core] __x64_sys_delete_module+0x142/0x2b0 ? syscall_trace_enter.isra.18+0x126/0x1a0 do_syscall_64+0x3b/0x90 Entry_SYSCALL_64_after_hwframe+0x72/0xdc RIP: 0033:0x7fbd9d03a14b [...] Solucione este problema evitando que devcmd se reinicie si el FW no se est\u00e1 ejecutando."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.16",
"versionEndExcluding": "6.7",
"matchCriteriaId": "CA039DA0-F81C-49F2-8BC2-CBBCF83EE6A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.4",
"versionEndExcluding": "6.8.7",
"matchCriteriaId": "DA814412-CD30-4333-AA23-FB18D865BFD6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/38407914d48273d7f8ab765b9243658afe1c3ab6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/81665adf25d28a00a986533f1d3a5df76b79cad9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/38407914d48273d7f8ab765b9243658afe1c3ab6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/81665adf25d28a00a986533f1d3a5df76b79cad9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

56
CVE-2024/CVE-2024-365xx/CVE-2024-36504.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-36504",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:30.433",
"lastModified": "2025-01-14T14:15:30.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability [CWE-125] in FortiOS SSLVPN web portal versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, 7.0 all verisons, and 6.4 all versions may allow an authenticated attacker to perform a denial of service on the SSLVPN web portal via a specially crafted URL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-473",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-365xx/CVE-2024-36506.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-36506",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:30.590",
"lastModified": "2025-01-14T14:15:30.590",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper verification of source of a communication channel vulnerability [CWE-940] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, 6.4 all versions may allow a remote attacker to bypass the trusted host feature via session connection."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 3.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-940"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-078",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-365xx/CVE-2024-36510.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-36510",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:30.737",
"lastModified": "2025-01-14T14:15:30.737",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to enumerate valid users via observing login request responses."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-204"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-071",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-365xx/CVE-2024-36512.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-36512",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:30.880",
"lastModified": "2025-01-14T14:15:30.880",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-152",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-405xx/CVE-2024-40587.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-40587",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:31.027",
"lastModified": "2025-01-14T14:15:31.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiVoice version 7.0.0 through 7.0.4 and before 6.4.9 allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-304",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-453xx/CVE-2024-45326.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45326",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:31.183",
"lastModified": "2025-01-14T14:15:31.183",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Improper Access Control vulnerability [CWE-284] in FortiDeceptor version 6.0.0, version 5.3.3 and below, version 5.2.1 and below, version 5.1.0, version 5.0.0 may allow an authenticated attacker with none privileges to perform operations on the central management appliance via crafted requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-285",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-466xx/CVE-2024-46664.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-46664",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:31.330",
"lastModified": "2025-01-14T14:15:31.330",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or HTTPs requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-310",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-466xx/CVE-2024-46665.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-46665",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:31.490",
"lastModified": "2025-01-14T14:15:31.490",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounting server shared secret via intercepting accounting-requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-201"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-326",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-466xx/CVE-2024-46666.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-46666",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:31.647",
"lastModified": "2025-01-14T14:15:31.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An allocation of resources without limits or throttling [CWE-770] vulnerability in FortiOS versions 7.6.0, versions 7.4.4 through 7.4.0, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow a remote unauthenticated attacker to prevent access to the GUI via specially crafted requests directed at specific endpoints."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-250",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-466xx/CVE-2024-46667.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-46667",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:31.797",
"lastModified": "2025-01-14T14:15:31.797",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-164",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-466xx/CVE-2024-46668.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-46668",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:31.950",
"lastModified": "2025-01-14T14:15:31.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiOS versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, versions 7.0.0 through 7.0.15, and versions 6.4.0 through 6.4.15 may allow an unauthenticated remote user to consume all system memory via multiple large file uploads."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-219",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-466xx/CVE-2024-46669.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-46669",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:32.100",
"lastModified": "2025-01-14T14:15:32.100",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated attacker to crash the IPsec tunnel via crafted requests, resulting in potential denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-267",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-466xx/CVE-2024-46670.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-46670",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:32.243",
"lastModified": "2025-01-14T14:15:32.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-266",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-475xx/CVE-2024-47566.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47566",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:32.400",
"lastModified": "2025-01-14T14:15:32.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper limitation of a pathname to a restricted directory ('path traversal') [CWE-23] in Fortinet FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to delete files from the underlying filesystem via crafted CLI requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-401",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-475xx/CVE-2024-47571.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47571",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:32.560",
"lastModified": "2025-01-14T14:15:32.560",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-672"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-239",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-475xx/CVE-2024-47572.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47572",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:32.717",
"lastModified": "2025-01-14T14:15:32.717",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of formula elements in a csv file in Fortinet FortiSOAR 7.2.1 through 7.4.1 allows attacker to execute unauthorized code or commands via manipulating csv file"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-210",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-488xx/CVE-2024-48884.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-48884",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:32.873",
"lastModified": "2025-01-14T14:15:32.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12, FortiWeb 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-488xx/CVE-2024-48886.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-48886",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:33.027",
"lastModified": "2025-01-14T14:15:33.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1390"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-221",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-488xx/CVE-2024-48890.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-48890",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:33.187",
"lastModified": "2025-01-14T14:15:33.187",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR IMAP connector version 3.5.7 and below may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted playbook"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-415",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-488xx/CVE-2024-48893.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-48893",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:33.333",
"lastModified": "2025-01-14T14:15:33.333",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack via the creation of malicious playbook."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-405",
"source": "psirt@fortinet.com"
}
]
}

10
CVE-2024/CVE-2024-503xx/CVE-2024-50312.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-50312",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-10-22T14:15:19.973",
"lastModified": "2025-01-09T07:15:26.893",
"lastModified": "2025-01-14T13:15:19.733",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -59,7 +59,7 @@
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -119,6 +119,10 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:0115",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-50312",
"source": "secalert@redhat.com",

56
CVE-2024/CVE-2024-505xx/CVE-2024-50564.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50564",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:33.490",
"lastModified": "2025-01-14T14:15:33.490",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-216",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-505xx/CVE-2024-50566.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50566",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:33.650",
"lastModified": "2025-01-14T14:15:33.650",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager versions 7.6.0 through 7.6.1, versions 7.4.5 through 7.4.0, and versions 7.2.1 through 7.2.8, FortiManager Cloud versions 7.6.0 through 7.6.1, versions 7.4.0 through 7.4.4, and versions 7.2.2 through 7.2.7 may allow an authenticated remote attacker to execute unauthorized code via FGFM crafted requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-463",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-529xx/CVE-2024-52963.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-52963",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:33.807",
"lastModified": "2025-01-14T14:15:33.807",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-373",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-529xx/CVE-2024-52967.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-52967",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:33.967",
"lastModified": "2025-01-14T14:15:33.967",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiPortal 6.0.0 through 6.0.14 allows attacker to execute unauthorized code or commands via html injection."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-211",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-529xx/CVE-2024-52969.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-52969",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:34.123",
"lastModified": "2025-01-14T14:15:34.123",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM ersion 7.1.7 and below, version 7.1.0, version 7.0.3 and below, version 6.7.9 and below, 6.7.8, version 6.6.5 and below, version 6.5.3 and below, version 6.4.4 and below Update/Create Case feature may allow an authenticated attacker to extract database information via crafted requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-417",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-540xx/CVE-2024-54021.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-54021",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:34.287",
"lastModified": "2025-01-14T14:15:34.287",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 allows attacker to execute unauthorized code or commands via crafted HTTP header."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-113"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-282",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-555xx/CVE-2024-55591.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-55591",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:34.450",
"lastModified": "2025-01-14T14:15:34.450",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to\u00a0Node.js websocket module."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-535",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-555xx/CVE-2024-55593.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-55593",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:34.610",
"lastModified": "2025-01-14T14:15:34.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWeb versions 6.3.17 through 7.6.1 allows attacker to gain information disclosure via crafted SQL queries"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-465",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-564xx/CVE-2024-56497.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56497",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:34.760",
"lastModified": "2025-01-14T14:15:34.760",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiMail versions 7.2.0 through 7.2.4 and 7.0.0 through 7.0.6 and 6.4.0 through 6.4.7, FortiRecorder versions 7.0.0 and 6.4.0 through 6.4.4 allows attacker to execute unauthorized code or commands via the CLI."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-170",
"source": "psirt@fortinet.com"
}
]
}

33
CVE-2024/CVE-2024-73xx/CVE-2024-7344.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-7344",
"sourceIdentifier": "cret@cert.org",
"published": "2025-01-14T14:15:34.930",
"lastModified": "2025-01-14T14:15:34.930",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Howyar UEFI Application \"Reloader\" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path."
}
],
"metrics": {},
"references": [
{
"url": "https://uefi.org/revocationlistfile",
"source": "cret@cert.org"
},
{
"url": "https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html",
"source": "cret@cert.org"
},
{
"url": "https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html",
"source": "cret@cert.org"
},
{
"url": "https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/",
"source": "cret@cert.org"
}
]
}

80
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-01-14T13:00:28.856460+00:00
2025-01-14T15:00:40.394190+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-01-14T11:15:17.020000+00:00
2025-01-14T14:58:40.580000+00:00
```
### Last Data Feed Release
@ -33,39 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
277015
277066
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `51`
- [CVE-2024-12240](CVE-2024/CVE-2024-122xx/CVE-2024-12240.json) (`2025-01-14T11:15:15.137`)
- [CVE-2024-45385](CVE-2024/CVE-2024-453xx/CVE-2024-45385.json) (`2025-01-14T11:15:15.750`)
- [CVE-2024-47100](CVE-2024/CVE-2024-471xx/CVE-2024-47100.json) (`2025-01-14T11:15:16.573`)
- [CVE-2024-53649](CVE-2024/CVE-2024-536xx/CVE-2024-53649.json) (`2025-01-14T11:15:16.820`)
- [CVE-2024-56841](CVE-2024/CVE-2024-568xx/CVE-2024-56841.json) (`2025-01-14T11:15:17.020`)
- [CVE-2024-45326](CVE-2024/CVE-2024-453xx/CVE-2024-45326.json) (`2025-01-14T14:15:31.183`)
- [CVE-2024-46664](CVE-2024/CVE-2024-466xx/CVE-2024-46664.json) (`2025-01-14T14:15:31.330`)
- [CVE-2024-46665](CVE-2024/CVE-2024-466xx/CVE-2024-46665.json) (`2025-01-14T14:15:31.490`)
- [CVE-2024-46666](CVE-2024/CVE-2024-466xx/CVE-2024-46666.json) (`2025-01-14T14:15:31.647`)
- [CVE-2024-46667](CVE-2024/CVE-2024-466xx/CVE-2024-46667.json) (`2025-01-14T14:15:31.797`)
- [CVE-2024-46668](CVE-2024/CVE-2024-466xx/CVE-2024-46668.json) (`2025-01-14T14:15:31.950`)
- [CVE-2024-46669](CVE-2024/CVE-2024-466xx/CVE-2024-46669.json) (`2025-01-14T14:15:32.100`)
- [CVE-2024-46670](CVE-2024/CVE-2024-466xx/CVE-2024-46670.json) (`2025-01-14T14:15:32.243`)
- [CVE-2024-47566](CVE-2024/CVE-2024-475xx/CVE-2024-47566.json) (`2025-01-14T14:15:32.400`)
- [CVE-2024-47571](CVE-2024/CVE-2024-475xx/CVE-2024-47571.json) (`2025-01-14T14:15:32.560`)
- [CVE-2024-47572](CVE-2024/CVE-2024-475xx/CVE-2024-47572.json) (`2025-01-14T14:15:32.717`)
- [CVE-2024-48884](CVE-2024/CVE-2024-488xx/CVE-2024-48884.json) (`2025-01-14T14:15:32.873`)
- [CVE-2024-48886](CVE-2024/CVE-2024-488xx/CVE-2024-48886.json) (`2025-01-14T14:15:33.027`)
- [CVE-2024-48890](CVE-2024/CVE-2024-488xx/CVE-2024-48890.json) (`2025-01-14T14:15:33.187`)
- [CVE-2024-48893](CVE-2024/CVE-2024-488xx/CVE-2024-48893.json) (`2025-01-14T14:15:33.333`)
- [CVE-2024-50564](CVE-2024/CVE-2024-505xx/CVE-2024-50564.json) (`2025-01-14T14:15:33.490`)
- [CVE-2024-50566](CVE-2024/CVE-2024-505xx/CVE-2024-50566.json) (`2025-01-14T14:15:33.650`)
- [CVE-2024-52963](CVE-2024/CVE-2024-529xx/CVE-2024-52963.json) (`2025-01-14T14:15:33.807`)
- [CVE-2024-52967](CVE-2024/CVE-2024-529xx/CVE-2024-52967.json) (`2025-01-14T14:15:33.967`)
- [CVE-2024-52969](CVE-2024/CVE-2024-529xx/CVE-2024-52969.json) (`2025-01-14T14:15:34.123`)
- [CVE-2024-54021](CVE-2024/CVE-2024-540xx/CVE-2024-54021.json) (`2025-01-14T14:15:34.287`)
- [CVE-2024-55591](CVE-2024/CVE-2024-555xx/CVE-2024-55591.json) (`2025-01-14T14:15:34.450`)
- [CVE-2024-55593](CVE-2024/CVE-2024-555xx/CVE-2024-55593.json) (`2025-01-14T14:15:34.610`)
- [CVE-2024-56497](CVE-2024/CVE-2024-564xx/CVE-2024-56497.json) (`2025-01-14T14:15:34.760`)
- [CVE-2024-7344](CVE-2024/CVE-2024-73xx/CVE-2024-7344.json) (`2025-01-14T14:15:34.930`)
### CVEs modified in the last Commit
Recently modified CVEs: `15`
Recently modified CVEs: `29`
- [CVE-2022-34821](CVE-2022/CVE-2022-348xx/CVE-2022-34821.json) (`2025-01-14T11:15:10.343`)
- [CVE-2022-46140](CVE-2022/CVE-2022-461xx/CVE-2022-46140.json) (`2025-01-14T11:15:10.960`)
- [CVE-2022-46142](CVE-2022/CVE-2022-461xx/CVE-2022-46142.json) (`2025-01-14T11:15:11.407`)
- [CVE-2022-46143](CVE-2022/CVE-2022-461xx/CVE-2022-46143.json) (`2025-01-14T11:15:11.840`)
- [CVE-2022-46144](CVE-2022/CVE-2022-461xx/CVE-2022-46144.json) (`2025-01-14T11:15:12.270`)
- [CVE-2023-32736](CVE-2023/CVE-2023-327xx/CVE-2023-32736.json) (`2025-01-14T11:15:12.847`)
- [CVE-2023-44317](CVE-2023/CVE-2023-443xx/CVE-2023-44317.json) (`2025-01-14T11:15:13.027`)
- [CVE-2023-44318](CVE-2023/CVE-2023-443xx/CVE-2023-44318.json) (`2025-01-14T11:15:13.360`)
- [CVE-2023-44319](CVE-2023/CVE-2023-443xx/CVE-2023-44319.json) (`2025-01-14T11:15:13.777`)
- [CVE-2023-44374](CVE-2023/CVE-2023-443xx/CVE-2023-44374.json) (`2025-01-14T11:15:14.157`)
- [CVE-2023-49069](CVE-2023/CVE-2023-490xx/CVE-2023-49069.json) (`2025-01-14T11:15:14.827`)
- [CVE-2023-50821](CVE-2023/CVE-2023-508xx/CVE-2023-50821.json) (`2025-01-14T11:15:14.980`)
- [CVE-2024-33698](CVE-2024/CVE-2024-336xx/CVE-2024-33698.json) (`2025-01-14T11:15:15.373`)
- [CVE-2024-35783](CVE-2024/CVE-2024-357xx/CVE-2024-35783.json) (`2025-01-14T11:15:15.557`)
- [CVE-2025-20620](CVE-2025/CVE-2025-206xx/CVE-2025-20620.json) (`2025-01-14T10:15:07.860`)
- [CVE-2021-47218](CVE-2021/CVE-2021-472xx/CVE-2021-47218.json) (`2025-01-14T14:44:55.610`)
- [CVE-2022-48648](CVE-2022/CVE-2022-486xx/CVE-2022-48648.json) (`2025-01-14T14:52:07.293`)
- [CVE-2022-48663](CVE-2022/CVE-2022-486xx/CVE-2022-48663.json) (`2025-01-14T14:53:12.910`)
- [CVE-2023-52643](CVE-2023/CVE-2023-526xx/CVE-2023-52643.json) (`2025-01-14T14:58:40.580`)
- [CVE-2023-52662](CVE-2023/CVE-2023-526xx/CVE-2023-52662.json) (`2025-01-14T14:55:24.477`)
- [CVE-2024-12147](CVE-2024/CVE-2024-121xx/CVE-2024-12147.json) (`2025-01-14T14:15:28.163`)
- [CVE-2024-12988](CVE-2024/CVE-2024-129xx/CVE-2024-12988.json) (`2025-01-14T14:15:28.347`)
- [CVE-2024-13131](CVE-2024/CVE-2024-131xx/CVE-2024-13131.json) (`2025-01-14T14:15:28.490`)
- [CVE-2024-26829](CVE-2024/CVE-2024-268xx/CVE-2024-26829.json) (`2025-01-14T14:58:05.850`)
- [CVE-2024-26839](CVE-2024/CVE-2024-268xx/CVE-2024-26839.json) (`2025-01-14T14:56:47.140`)
- [CVE-2024-26868](CVE-2024/CVE-2024-268xx/CVE-2024-26868.json) (`2025-01-14T14:45:52.020`)
- [CVE-2024-26871](CVE-2024/CVE-2024-268xx/CVE-2024-26871.json) (`2025-01-14T14:46:37.293`)
- [CVE-2024-26878](CVE-2024/CVE-2024-268xx/CVE-2024-26878.json) (`2025-01-14T14:49:44.283`)
- [CVE-2024-26892](CVE-2024/CVE-2024-268xx/CVE-2024-26892.json) (`2025-01-14T14:34:50.407`)
- [CVE-2024-26895](CVE-2024/CVE-2024-268xx/CVE-2024-26895.json) (`2025-01-14T14:33:40.417`)
- [CVE-2024-26941](CVE-2024/CVE-2024-269xx/CVE-2024-26941.json) (`2025-01-14T14:37:37.710`)
- [CVE-2024-26944](CVE-2024/CVE-2024-269xx/CVE-2024-26944.json) (`2025-01-14T14:29:21.517`)
- [CVE-2024-27059](CVE-2024/CVE-2024-270xx/CVE-2024-27059.json) (`2025-01-14T14:36:42.747`)
- [CVE-2024-27388](CVE-2024/CVE-2024-273xx/CVE-2024-27388.json) (`2025-01-14T14:56:08.617`)
- [CVE-2024-27395](CVE-2024/CVE-2024-273xx/CVE-2024-27395.json) (`2025-01-14T14:27:22.167`)
- [CVE-2024-27396](CVE-2024/CVE-2024-273xx/CVE-2024-27396.json) (`2025-01-14T14:26:09.117`)
- [CVE-2024-35811](CVE-2024/CVE-2024-358xx/CVE-2024-35811.json) (`2025-01-14T14:23:38.660`)
- [CVE-2024-35828](CVE-2024/CVE-2024-358xx/CVE-2024-35828.json) (`2025-01-14T14:54:31.167`)
- [CVE-2024-35968](CVE-2024/CVE-2024-359xx/CVE-2024-35968.json) (`2025-01-14T14:41:00.457`)
- [CVE-2024-50312](CVE-2024/CVE-2024-503xx/CVE-2024-50312.json) (`2025-01-14T13:15:19.733`)
## Download and Usage

149
_state.csv
View File

@ -187394,23 +187394,23 @@ CVE-2021-47198,0,0,b993f750c37c4c38f432a1fa687c613c700df27bc966490e10b5bbb5b658e
CVE-2021-47199,0,0,156f51d5a11adb42866210cbf1fd4c5bab73e4e3a6e1ce374d8f5e2ced68ce10,2024-11-21T06:35:36.887000
CVE-2021-47200,0,0,f7d0a9f6d9d00fe034547827f9d38362c4dd747ef6c9609a6880de97be1ec3ee,2025-01-07T17:12:06.773000
CVE-2021-47201,0,0,95dca28d1aec2043b14c4b3d34caf8b5c6cf58f315fe66aad9fdae98e9727b41,2024-11-21T06:35:37.100000
CVE-2021-47202,0,0,a628118a2bcd86097b64a32a6575f766823194503c974f84f61048c0ba9fd763,2024-11-21T06:35:37.220000
CVE-2021-47202,0,1,f71fdf699570077845ea4020f7dda9b1b42ec5830520d11735bde0982f5ac699,2025-01-14T14:42:43.193000
CVE-2021-47203,0,0,9564d820cb2d93da0a0ae7eda2757d5eef2fa0adaa3776421915d06aab3e590c,2024-11-21T06:35:37.340000
CVE-2021-47204,0,0,0807d36e06039a60390844a27b9c29f575861e7c311ab45fd65648923120e6f2,2024-11-21T06:35:37.460000
CVE-2021-47204,0,1,d855ea7a1c34fec98e08b6ec6fc4b87aa056a23800ca368fb608f86f4465fa84,2025-01-14T14:35:39.270000
CVE-2021-47205,0,0,18551c172472e25239345747128ada0ccd7cc6fe471b57ef495541cf1516fa26,2024-11-21T06:35:37.577000
CVE-2021-47206,0,0,6c20cc18955b069ca564695979ba4d69e50258ddcc033c348c73d4096f845cb1,2025-01-07T17:12:26.390000
CVE-2021-47207,0,0,be89cb642a87a43cfb086c29deaea9f168d7b93104889775861d4b914bc2974c,2025-01-13T20:42:37.580000
CVE-2021-47208,0,0,0aedc6593001cbe298d9e706064e1d980e47bb2fd7444fd7cad250e7521e5eb1,2024-11-21T06:35:37.923000
CVE-2021-47209,0,0,1536c1bef2c14e12d373ca6bd92154342840694d5f784ecde3999106c390f9bf,2024-11-21T06:35:38.130000
CVE-2021-47210,0,0,6f92e3d2c3c1a5d96775ad98a3288fba55e822f3f6095cf6048826173f313db7,2024-11-21T06:35:38.243000
CVE-2021-47211,0,0,6ea5f31caae1bffb13cb2d37ba316c5a03313283cbc143d4800a6d800012733c,2024-11-21T06:35:38.357000
CVE-2021-47211,0,1,c3bfb66ece2fcfaecd7a9c09b11fb23218079e6a89ad9ae3b4e7290a749fa7ef,2025-01-14T14:43:27.637000
CVE-2021-47212,0,0,6a45e3dd8ea67cd6bd96a1783c03eb0d0cb9dd577cd77e8c7f9bbd0ae288de98,2024-11-21T06:35:38.460000
CVE-2021-47213,0,0,245ac7a9225a365f5c662ae6caf0adb8cd59aebebb5b4d7c789ce306b6d785a3,2024-04-15T09:15:07.570000
CVE-2021-47214,0,0,0f59d9eb8ddd0de137bac6f9a3bbd8e6a9a2c091edb7603b11c134ce165d7562,2024-11-21T06:35:38.583000
CVE-2021-47215,0,0,cfdefaf9b029543f16aac32420ba933dec7095dbd6f0caf21f6b7dae971c2b10,2024-11-21T06:35:38.693000
CVE-2021-47216,0,0,b9923a9bb40b309501da4df280ea3daae9d799fc68ae86aeac9aec8067d1b429,2024-11-21T06:35:38.797000
CVE-2021-47217,0,0,f2f51612c5c4199b3003b6404cd8aa4b5fc9389d777ab07990f7d3521c76078e,2024-11-21T06:35:38.900000
CVE-2021-47218,0,0,3167a34266a6ccff18d8f25759753920f30125c8f5cff71d229fe1cbb33166a0,2024-11-21T06:35:39.020000
CVE-2021-47217,0,1,0a489705239b1608b1dac0f9ef137450310d629ac310e04d5fbc0878960cf64a,2025-01-14T14:44:11.917000
CVE-2021-47218,0,1,cdeb5c7e6dbdcca4a12e7f3fd8c0c1023ff2d2f036ea1b66236860ff4b09a050,2025-01-14T14:44:55.610000
CVE-2021-47219,0,0,9ad9b10f09fd1a84fa498833738613ddb8e64487ca1b0852da8e62176003f093,2024-11-21T06:35:39.137000
CVE-2021-47220,0,0,3b5282a5a78ae38dd9afefd942320359b1e71d1f67c1eff9fa622a893f6cd809,2024-10-03T15:15:13.703000
CVE-2021-47221,0,0,7afbe582defa95f34b58ec3b4d10fc6db91ded7409ab2f1fde46bee521aabd80,2024-11-21T06:35:39.267000
@ -202308,7 +202308,7 @@ CVE-2022-34818,0,0,29b737f11fe2ef548f4d8bb6e1f4c3f1804d2c189bb853999218e4fb1a0fd
CVE-2022-34819,0,0,17d7be023baae61b6368de74b91df36310924fd4b6d4e5cda1f642e9ec8011a2,2024-11-21T07:10:14.917000
CVE-2022-3482,0,0,f2b0e728823ab0983ae46ccc0f2f5c417ca6187da187a90bfacb9d5d82019491,2024-11-21T07:19:37.557000
CVE-2022-34820,0,0,b0cd8903a339d60c797766f8c0184643570737952e552ea0a0797aedc101427c,2024-11-21T07:10:15.080000
CVE-2022-34821,0,1,fe3a2b0f5e4838a0accb793a3670e349a143072904f9e01c78e75cc2206e992b,2025-01-14T11:15:10.343000
CVE-2022-34821,0,0,fe3a2b0f5e4838a0accb793a3670e349a143072904f9e01c78e75cc2206e992b,2025-01-14T11:15:10.343000
CVE-2022-34822,0,0,18dcffcd54884b0cb08bb90eabd875e0b96d24c3c554a5f12a43ff763ce481b1,2024-11-21T07:10:15.440000
CVE-2022-34823,0,0,0545f066d01d26a1466efb9beaefaca6ce66688ceee33b2dc28e911bf755e164,2024-11-21T07:10:15.557000
CVE-2022-34824,0,0,c288a5af99db4cb7304e20be603441acb2c1d900db701a2adc6a5d8370bfed79,2024-11-21T07:10:15.670000
@ -210886,11 +210886,11 @@ CVE-2022-46135,0,0,634d8b6cd7aae9fdad643b2b7a4ac731289a6a884c872b0de36e1ec61ae82
CVE-2022-46137,0,0,993a065d055cf1614cc31334b5a427321f80c170ac781a17bfdbe28686d480f8,2024-11-21T07:30:10.233000
CVE-2022-46139,0,0,552021b6918488adaa9adf9e5a0a1baec5f48ba7e97eb40943403bea150949b0,2024-11-21T07:30:10.370000
CVE-2022-4614,0,0,aa347227c1cb2a8317d94d41d3f7c69ad55279871720d36a489acf11ebc70546,2024-11-21T07:35:36.133000
CVE-2022-46140,0,1,64266eb5cda70ded3d57f1b8ff53ce886eabc84c878b83f5ac89ccad855d7ca3,2025-01-14T11:15:10.960000
CVE-2022-46140,0,0,64266eb5cda70ded3d57f1b8ff53ce886eabc84c878b83f5ac89ccad855d7ca3,2025-01-14T11:15:10.960000
CVE-2022-46141,0,0,0de5aa29c707908ab4db17d2412ae0953f4f660138caa36cbd0a2d5ff259c142,2024-11-21T07:30:10.817000
CVE-2022-46142,0,1,725b244903e0f0acaedecb4dcc254fe948f7e5f59caf63934d6b8f871525356d,2025-01-14T11:15:11.407000
CVE-2022-46143,0,1,0409a2ae2e4005ff038c0191aab04a08b5952e7318fadc9ec3f59c55ee3726d1,2025-01-14T11:15:11.840000
CVE-2022-46144,0,1,e691377a4171fcf7d9b216729355bb25f0549d9822630479dec9174b622b0d39,2025-01-14T11:15:12.270000
CVE-2022-46142,0,0,725b244903e0f0acaedecb4dcc254fe948f7e5f59caf63934d6b8f871525356d,2025-01-14T11:15:11.407000
CVE-2022-46143,0,0,0409a2ae2e4005ff038c0191aab04a08b5952e7318fadc9ec3f59c55ee3726d1,2025-01-14T11:15:11.840000
CVE-2022-46144,0,0,e691377a4171fcf7d9b216729355bb25f0549d9822630479dec9174b622b0d39,2025-01-14T11:15:12.270000
CVE-2022-46145,0,0,e66f37d6cf48aaa50ea00b2c5ff6f59eb97d61ad3a5e98cf903ef9002f453ad3,2024-11-21T07:30:11.823000
CVE-2022-46146,0,0,fe094c95381ce5568620d743cd91c3e41fd585224cf22d52591a9b33c032d2ca,2024-11-21T07:30:11.987000
CVE-2022-46147,0,0,60d1153f2ef8f0f43a39d30a99036e71585da44cb9f4a1e2c8be6ba6d2344bd2,2024-11-21T07:30:12.140000
@ -212622,7 +212622,7 @@ CVE-2022-48644,0,0,c5039b46b0d136554ba427d83c4470091587ebeb56eef158e382b1a908e7e
CVE-2022-48645,0,0,4d8ec773eaf2c6a6981744ed20ef9fe75b117903e4fb588c647780c2e96ceca6,2024-11-21T07:33:40.933000
CVE-2022-48646,0,0,9e9b16cae9443a1a8f7fd4df9deccab6cb495e92598824862ef68bc74e753d97,2024-11-21T07:33:41.050000
CVE-2022-48647,0,0,9356088bad86dcb5c020a4acaf97bba79e700c947a479268e7d0dfcd6db83a36,2024-11-21T07:33:41.237000
CVE-2022-48648,0,0,b65c26b4ac587cd7ee774a5fbc7f49a94e99c23f5acf39ca7fe598f3d340dbbc,2024-11-21T07:33:41.353000
CVE-2022-48648,0,1,9a846fbdbad309d97836e69fabd5197db1c3b2910cc6f57468045df41e3f2876,2025-01-14T14:52:07.293000
CVE-2022-48649,0,0,2ab33e79ca9b4194d6d75677c978f0f9883b10a83b196d871b3a9d72b7c8b216,2025-01-10T17:49:53.747000
CVE-2022-4865,0,0,18e0a04c007aee1df9befeaf56e83e037df0050950a376d12b247ab05acba711,2024-11-21T07:36:05.920000
CVE-2022-48650,0,0,a5821d878ab1650afccfbad666d927d4460eab14be7fd7264a6423acfdea9623,2024-11-21T07:33:41.570000
@ -212639,7 +212639,7 @@ CVE-2022-4866,0,0,2b3d553bfd2711b634dfd0462efa70df9a6f87dff1bfc24057de57bec293ff
CVE-2022-48660,0,0,518169dbb207acc37c182be641bad0d71ffbed2f84a7b4770e750e28cb281550,2024-11-21T07:33:43.200000
CVE-2022-48661,0,0,94c13e365643a5d9040a31d1e4eea8f613f702a030a6610cd26fd8caacb1f27b,2024-11-21T07:33:43.400000
CVE-2022-48662,0,0,75edba33f99be87a3ec236061e56838d7aed46dc4f6625d858676ad5d26dd960,2024-11-21T07:33:43.523000
CVE-2022-48663,0,0,e53b981ec37d7376bc26fc7d733efe19b1f0ba36fa84fc360c931102095cc02e,2024-11-21T07:33:43.727000
CVE-2022-48663,0,1,8f56fbd2f2681c688d4bb0648692f2f15f38837513977faebd870611b3e66851,2025-01-14T14:53:12.910000
CVE-2022-48664,0,0,0296ec528f99a30bc8a1409f955b52981ac595ef8b55d8a9605d9b7a23656df6,2024-11-21T07:33:43.840000
CVE-2022-48665,0,0,4cdb6b337ea1021d4626bec78d7a4fa0316ede88a6a1eb36b9a3e96f2bef5059,2024-11-21T07:33:43.953000
CVE-2022-48666,0,0,6bfc4573b076329d425640124c941dd47658b95e569165673a4d60c3e8e0c73a,2024-11-21T07:33:44.053000
@ -225463,7 +225463,7 @@ CVE-2023-32731,0,0,3f73c3ab16945717efd6fc795e32d5368f02993df998102cdf4602e18e028
CVE-2023-32732,0,0,411c0ac6618c11623d9bd8f003400076844ed6354e96b4ee168e3a7db6728c5b,2024-11-21T08:03:55.950000
CVE-2023-32734,0,0,9ceb39fb535d2d99423200ac730088f88075177cb622ae47c79425d04303f49d,2024-11-21T08:03:56.110000
CVE-2023-32735,0,0,16230de63062d69122972d13aa27dd354039cb527e96535d9d06058cfbe0f622,2024-11-21T08:03:56.237000
CVE-2023-32736,0,1,904d413938e50f5e4b49a8b45d153cd0fd042a4ade21542e79a83749769af34a,2025-01-14T11:15:12.847000
CVE-2023-32736,0,0,904d413938e50f5e4b49a8b45d153cd0fd042a4ade21542e79a83749769af34a,2025-01-14T11:15:12.847000
CVE-2023-32737,0,0,b249d785a5896d54d320f3a26bbdc7f65c471427f6dc9e09dde05905137058f2,2024-11-21T08:03:56.490000
CVE-2023-32738,0,0,82c581fa0c3c3273726a6402cfcde575390d6c73c1cd34da9c0b73c1020ccfdf,2024-11-21T08:03:56.613000
CVE-2023-32739,0,0,9874756eef1d5bdf68d6d936207ad994f5a7be287b03095be4396ff748fdaee4,2024-11-21T08:03:56.747000
@ -229266,9 +229266,12 @@ CVE-2023-37927,0,0,91c985b74b4cf0c20cf9ee2e34abb6e9d5e5bc09f1967cdc6aacd97f6165b
CVE-2023-37928,0,0,dec776d364ef37b6e291aec9a18f90850b125ef62937fdd2b294a62c2fd46954,2024-11-21T08:12:29.503000
CVE-2023-37929,0,0,011bb9e7d58d16b19d04566442236b3df9072ac9a89827895b435ccc7008da47,2024-11-21T08:12:29.643000
CVE-2023-3793,0,0,e9ede59406bf67af7b0914c618fd7187696ca61b0cb1dc2d5985173c262f0733,2024-11-21T08:18:04.660000
CVE-2023-37931,1,1,cc0719a57fb4fc10cd70b4c23ee3d0104887fd9daa43fd8faa7e294930f9dcec,2025-01-14T14:15:26.623000
CVE-2023-37932,0,0,f0df6819630bb22aa824d7b6acf6b4dd3a2036be6cce60c742b53c8d1d382fd2,2024-11-21T08:12:29.797000
CVE-2023-37934,0,0,4e265b9ab5d64a68f77d4af970245395e5cadba01a90f14cccc92367afbeed0f,2024-11-21T08:12:29.930000
CVE-2023-37935,0,0,e2680834b672fa8ed2fa3700d283e20af31e71aaa863e0a1bb6357a666cbb04b,2024-11-21T08:12:30.057000
CVE-2023-37936,1,1,4d1bda336c23c74ec8906c59511da48fa45a47e8c6b8805364ae7a81d5bdb9f8,2025-01-14T14:15:26.790000
CVE-2023-37937,1,1,c3da49b12f83696a8955b90c7c5fe1257e64d4289776609f188aa20bca9391d9,2025-01-14T14:15:26.940000
CVE-2023-37939,0,0,d3b772421f93766dd5d56ed8a17336460359db9420b069ecd7dc476dd713d5ac,2024-11-21T08:12:30.200000
CVE-2023-3794,0,0,927c15dbb6ac6053f144e81718d1e10b00b61d9e23d4cd5797afe957900c37b5,2024-11-21T08:18:04.807000
CVE-2023-37940,0,0,047021639e76af7b35157c12ff0afa1b906590a238eefc242a6a5cc5dab05f2b,2024-12-17T22:15:05.080000
@ -233181,6 +233184,8 @@ CVE-2023-42780,0,0,cdd093383de8ac80b2dd603c4cd8b5fb12111fdfaea151dda39675c869053
CVE-2023-42781,0,0,e6266811e943f5b3219ef0407d2b4114a945fd77347810cc844cb61ed53dc644,2024-11-21T08:23:08.683000
CVE-2023-42782,0,0,da0c83cbed17a04613b39ce2336362e43c1e910e28a92e71a36daf2e58e858be,2024-11-21T08:23:08.817000
CVE-2023-42783,0,0,98b628fd4937ef156152a20479ae772c8ff5e58950f81df1627766b6fb5ac59b,2024-11-21T08:23:08.960000
CVE-2023-42785,1,1,3d9ece452e34687f5329530909c65c326e945d40402bdb0c210ed91811ba5b63,2025-01-14T14:15:27.083000
CVE-2023-42786,1,1,d087b8777cd3e45012b1ae4792645d3810bf081664a0217ce1a70382125b0e04,2025-01-14T14:15:27.237000
CVE-2023-42787,0,0,9495dbf34a13c743d9a5e135b36546505b91d005fdd69c84cafbd04056c07414,2024-11-21T08:23:09.100000
CVE-2023-42788,0,0,0c30b35d8520306a2f83f71d70c6e59375e6c5852cdeb5813f843ade4b3abedb,2024-11-21T08:23:09.237000
CVE-2023-42789,0,0,eebbac5c484c3f93b2be647e7bb4c1bcdda0e75aa8868e3a113ae482b9f36f7e,2024-11-21T08:23:09.387000
@ -234262,9 +234267,9 @@ CVE-2023-44311,0,0,b491a6644768c419531cd2686d12c6b28e55f6ee59631bad8acdf026c6c67
CVE-2023-44312,0,0,6e13af31b3c5403cb1f8af32d244cfb2bca734d3108887b6626be7dde486b488,2024-11-21T08:25:38.763000
CVE-2023-44313,0,0,5b0539dc3155f9747e122039f5b7d6a608fcd39ca5aff5a5e43cdb62c3f0e4c3,2024-11-21T08:25:38.913000
CVE-2023-44315,0,0,75c2b7539e4de2f4917d1f34bfa248aba4d0594d88f8d44c071be8a20d2a88ed,2024-11-21T08:25:39.047000
CVE-2023-44317,0,1,252903586afca40c30b5f02df9bf966a801e9eaf3803e50aaa52f09e041a5251,2025-01-14T11:15:13.027000
CVE-2023-44318,0,1,c8108182e77fecd6ba290850d5f589b4aa48ca032f328dc4803ebed343e40a05,2025-01-14T11:15:13.360000
CVE-2023-44319,0,1,c6f88099b85be13d59aea00f3c7c4d2a2693142dc4c4594797a437491647fee4,2025-01-14T11:15:13.777000
CVE-2023-44317,0,0,252903586afca40c30b5f02df9bf966a801e9eaf3803e50aaa52f09e041a5251,2025-01-14T11:15:13.027000
CVE-2023-44318,0,0,c8108182e77fecd6ba290850d5f589b4aa48ca032f328dc4803ebed343e40a05,2025-01-14T11:15:13.360000
CVE-2023-44319,0,0,c6f88099b85be13d59aea00f3c7c4d2a2693142dc4c4594797a437491647fee4,2025-01-14T11:15:13.777000
CVE-2023-4432,0,0,788427dbeb34e26335020469a1276cd43a884f59b9af661fc13b42605fb9e6a2,2024-11-21T08:35:08.317000
CVE-2023-44320,0,0,4d2ae9325a25623d48b470b51039d4ef00f65d477520d92af4e8921306b7e5b8,2024-11-21T08:25:40.010000
CVE-2023-44321,0,0,15e8a0616ed83135ae192e573d335e5297864dde5a1ab6878a86d3f8f4e23d47,2024-11-21T08:25:40.227000
@ -234318,7 +234323,7 @@ CVE-2023-4437,0,0,d799133c7f4d4ed119a68e52f64a38a07b87120074d4a7950c2a3da8df48a7
CVE-2023-44371,0,0,08ed75157f855f061fbc754bcf86c9f18faddbf23563105e3515c14b23016dc1,2024-11-21T08:25:45.983000
CVE-2023-44372,0,0,d68bcb236f0db00a725c73d58fb01f39bc215ae9800b1c3ec3bc1bec55145f08,2024-11-21T08:25:46.107000
CVE-2023-44373,0,0,d996ef030580458c73f740354c4b743796ff872bbb1ff1aa1e4f2e37bc14ce69,2024-11-21T08:25:46.240000
CVE-2023-44374,0,1,1f5a5e8c0750c6a5df2a75bd0d5021a92fed9b5ea97189cbf95a459ddf83cd6a,2025-01-14T11:15:14.157000
CVE-2023-44374,0,0,1f5a5e8c0750c6a5df2a75bd0d5021a92fed9b5ea97189cbf95a459ddf83cd6a,2025-01-14T11:15:14.157000
CVE-2023-44375,0,0,48b5cc51553000a2cfa67cea7f8a951d3659b6e093f2df35e76499db8afb9eef,2024-01-02T19:15:10.480000
CVE-2023-44376,0,0,03f27121c4f8ffca1841f5abcc6f000d7525e270077c8b212bbafd4e41d1bb9e,2024-01-02T19:15:10.550000
CVE-2023-44377,0,0,960eac8de781cbaac5ac605f1641529954ab7d1adeca62e37948b52710054780,2024-01-02T19:15:10.630000
@ -235882,6 +235887,7 @@ CVE-2023-46711,0,0,10461e3199ca74c0551a32116631ff9e2136d0c732f728f9ed6f949c7cf46
CVE-2023-46712,0,0,fdf304acb640d6c5c9b27fb14d1c1f950387e795ef7592ee75fefc3ca09147b0,2024-11-21T08:29:08.037000
CVE-2023-46713,0,0,7ec948e1197bfd8e51899d82f0712028840dbf3cba1b2aed7e6646afcea7270a,2024-11-21T08:29:08.233000
CVE-2023-46714,0,0,ce18037b36677f2816f54477a037a4b84221f3eae040dc2e14897e192dcc0255,2024-11-21T08:29:08.413000
CVE-2023-46715,1,1,f9696c467f8f797e696f1f2ad723b9b0f8a430d65b542ef7afdaffa44ee9c774,2025-01-14T14:15:27.387000
CVE-2023-46717,0,0,1f36867e76f044e23cc25eb25fb4f43d162c6cd99285a154e9a8c2369700b343,2024-11-21T08:29:08.597000
CVE-2023-4672,0,0,1d76ac05ce5b5babe10629a223016fb95a73366a13d7ac98420609b090cf2b39,2024-11-21T08:35:39.357000
CVE-2023-46720,0,0,78c156e18431d5e3d721b08abf3277e6716e1b8c318d85959bda17346eee6727,2024-11-21T08:29:08.810000
@ -237639,7 +237645,7 @@ CVE-2023-49060,0,0,4c0d752f52234ac5b2c5afa73fa3bd5f4d490c81b175ad6b9dd8f7509e06e
CVE-2023-49061,0,0,7af406d30b2caa1b6fd7c257680f774d6fb0a30f02df3c6d99ace0a0c64683ce,2024-11-21T08:32:45.193000
CVE-2023-49062,0,0,3f72bcc43e8d39618a32732cc6fdb32aa26187117eb8dbf2cde612d2322c6a42,2024-11-21T08:32:45.310000
CVE-2023-49068,0,0,f934d451589c0486639c7452250c50f87bff70e169120c3b6e2d48b968d911f7,2024-11-21T08:32:45.430000
CVE-2023-49069,0,1,d5da5ea9c386cddba16f2cf91dc700b7766ad25ab428c205432beaa763afaecb,2025-01-14T11:15:14.827000
CVE-2023-49069,0,0,d5da5ea9c386cddba16f2cf91dc700b7766ad25ab428c205432beaa763afaecb,2025-01-14T11:15:14.827000
CVE-2023-4907,0,0,90be30672dd3ea93872990567976373933c812f92a368cb35abe26c70cc23ea6,2024-11-21T08:36:14.203000
CVE-2023-49070,0,0,7d32f96f04703e2a198f9c064db7c84899ca0e6dd06b4377be69d1bca8fe769d,2024-11-21T08:32:45.697000
CVE-2023-49073,0,0,a59c7f971c52a4d5004cf2ba397f8b1bff7a40aa00abdd575b19a18ae50de0c5,2024-11-21T08:32:45.843000
@ -238790,7 +238796,7 @@ CVE-2023-5081,0,0,9dcd735fc6d031ccd70a81f328a28ba4aed170bc4cf606667764daab41dc00
CVE-2023-50810,0,0,6dcaf0b38d14bf0da270503225efec303fb69579cb09c8f8e59be057bed6dcb0,2024-08-23T15:35:03.107000
CVE-2023-50811,0,0,0221ffb33b4cdd55c38ae7edad4ec46bdc093e9aa29e8785fbef12f94412394b,2024-11-21T08:37:20.580000
CVE-2023-5082,0,0,6541097524817ed2d54d4b0beb327d1a43ca1598ea63be87178fd58605a3847d,2024-11-21T08:41:01.900000
CVE-2023-50821,0,1,929c2a9fa3523fe9e55d60bf69d848ee42df7d3248192dffc0985a5cce08b2fe,2025-01-14T11:15:14.980000
CVE-2023-50821,0,0,929c2a9fa3523fe9e55d60bf69d848ee42df7d3248192dffc0985a5cce08b2fe,2025-01-14T11:15:14.980000
CVE-2023-50822,0,0,7cfaac4a512a0ba09ee6f153ec1de3a0dcd0ae5d1b7e901346252c674fc8d725,2024-11-21T08:37:20.907000
CVE-2023-50823,0,0,9b1f69e106cc946632f0578eb4b321a30b14b999bc72fa3d457beab7cbbe1845,2024-11-21T08:37:21.030000
CVE-2023-50824,0,0,12df8d623c7c22f9990f74f6c76f4b1851b1f00ff184f81df8e31075a56c8fe1,2024-11-21T08:37:21.153000
@ -240188,7 +240194,7 @@ CVE-2023-5264,0,0,3e616cabf1a089b6e6cdd95ca27e570fd2ac3366b640b4e1c4e5769bd4fd0c
CVE-2023-52640,0,0,708b1b04581c76bbcca2f83a78734877c6b33f6cded25f181b3a228af75a749a,2024-11-21T08:40:15.817000
CVE-2023-52641,0,0,592af7f4c429865af31c53495a7c752ac71766466d99208a5aded5501f7c7deb,2025-01-07T20:18:38.497000
CVE-2023-52642,0,0,05d60fedf578d1ba56385f5513e46bbdf0600669e68de5121a528e674c343d1c,2024-11-21T08:40:16.077000
CVE-2023-52643,0,0,a052e4860e296c0ee05d86ba39ef967c09f91349f04358ad0c2d31e70cf765ee,2024-11-21T08:40:16.210000
CVE-2023-52643,0,1,d50d31e5bb6a9cdf07b3e088fc3b5fda79f9ea816bd8b6d8c44559eebb408f0c,2025-01-14T14:58:40.580000
CVE-2023-52644,0,0,c34c6ce67f7bd1744e5ffb2bc7e1ab174b24b6c795ada11f0160dd6a25188de3,2024-11-21T08:40:16.333000
CVE-2023-52645,0,0,b7243e0650448847f32080e14db91cf203d54c57d7b28acbe818fbd2b13c53f4,2024-11-21T08:40:16.490000
CVE-2023-52646,0,0,139aee8a121c8d7a2a15bab8da8b6e42f6d1800d9c6146dd3e1fb095deeb5cfc,2024-11-21T08:40:16.687000
@ -240209,7 +240215,7 @@ CVE-2023-52659,0,0,12014b1e0c02fea24ca1ce52074272db691cfe6ae39ed530e006a5540be4d
CVE-2023-5266,0,0,36a025257ca1a5a01d1722477c5cdddc95c4c243398db33d451514cf043d9aad,2024-11-21T08:41:24.657000
CVE-2023-52660,0,0,358e8dc47410610b9f9672166cf82c0f3b48f9a136624210ebe4beaef46e7ab7,2024-11-21T08:40:18.393000
CVE-2023-52661,0,0,0db12b4ae9b466f647d72616423afc1e5dd602ae3df1ae15ad3bd6d59fb9c4be,2024-11-21T08:40:18.493000
CVE-2023-52662,0,0,71b7d56d340dab206fb48342916ff0b200957de03180e9c58fa9a030a0275af4,2024-11-21T08:40:18.603000
CVE-2023-52662,0,1,1505a0f052bc5e81abe77b427bfb604609858a2554981b82e79c669585efebe3,2025-01-14T14:55:24.477000
CVE-2023-52663,0,0,aefc7fb34e639ac7685e30d0b290105bfc4363d7a68f57c98b607c4c70ad7ba4,2025-01-07T16:58:24.913000
CVE-2023-52664,0,0,53dda01e84d35fa34f80702d177af01142220912b2b78efcb2f400625fec3ee0,2025-01-07T17:00:00.897000
CVE-2023-52665,0,0,791f31a412c848c4b6b18dc59ee81ece8b7e34e43416814b97f8d3b507c03dd4,2024-05-21T07:15:08.063000
@ -244482,6 +244488,7 @@ CVE-2024-11493,0,0,d49eb92c8c562ba2101f389cdd764449ac518734f087aed95f5fe12a18b9a
CVE-2024-11494,0,0,120185b1f5452b090fd317862ca91721f9197720b68abdbed625f37e80933fbd,2024-11-22T00:16:41.223000
CVE-2024-11495,0,0,9c4e4a6f33e735c288ef4e55e53a3e0727ff8f6642201545ed0c9f418349e2e2,2024-11-21T13:57:24.187000
CVE-2024-11496,0,0,43ea7dbd5a3dc8b24d5b87bfdc0e0bfa9c873f8eb1655750b06676344c313b9a,2025-01-07T05:15:13.480000
CVE-2024-11497,1,1,ea8bb0e7311b90f6021b27100b07d2c0ca28551085fa537eff4f62faa14ca35b,2025-01-14T14:15:27.720000
CVE-2024-11498,0,0,7272009b792fcdecf70fc17a50bede0518cbaf4c2694bef021eda391707cdede,2024-11-25T14:15:06.607000
CVE-2024-1150,0,0,1edff0fc21d5f22172836448fdcc7da772ab8a792f462f53ba0bc1c0fbae9271,2024-11-21T08:49:54.780000
CVE-2024-11501,0,0,6aa155b5e971a466b4f7473002330671c6add4e056433a95089c7dc638a9cf0a,2024-12-07T12:15:19.783000
@ -244827,6 +244834,8 @@ CVE-2024-11858,0,0,73fd067f9f80a3fe9add2844a0fc8b12fbc4555aad7446ed909f2e6252e70
CVE-2024-1186,0,0,2e273a7149091b295fd44850226681809150a1697d95b70cddb9945c7f5d2c46,2024-11-21T08:49:59.387000
CVE-2024-11860,0,0,3a70209f793392595a3a51a4d60b0579da591107f99f2af8b8ca46fce7a60e47,2024-12-04T21:08:39.133000
CVE-2024-11862,0,0,7712aab25e9f815f730578195e7a4831741702c7ef40dfbc871d5c94d52129b1,2024-11-27T15:15:25.393000
CVE-2024-11863,1,1,2a4ef3cebd8a70c9376a25155496f4fea09b39fb81ac537f5388878ca8a77515,2025-01-14T14:15:27.927000
CVE-2024-11864,1,1,eddb51b4ceec4d4cf789c3cd278862c24df4709fe53bbdbd01b7cb90195f96dc,2025-01-14T14:15:28.053000
CVE-2024-11865,0,0,42a8c32e42c8481cd421b33152335a9be7ed2d851fbfbce47808d03a397b663a,2024-12-14T05:15:08.150000
CVE-2024-11866,0,0,f98849df3d1b11c4a74b976ef8b2271c79a4b31b45f414582e51d5b7f2d3bff7,2024-12-03T09:15:05.487000
CVE-2024-11867,0,0,f6acb417b5c25ca0787745f2bd6aa4f31f6cfd5553556db6c5bd027949960f0f,2024-12-14T05:15:08.343000
@ -245033,7 +245042,7 @@ CVE-2024-12132,0,0,80a7c8d496b1886913eb9109e260df5ae2c0aa6f78d2c4d5ff0aee7f1f0cf
CVE-2024-12138,0,0,8d975d6d21268c978bf38e4ecd10070b486d972f9cb2bde16883c51e239ae6fa,2024-12-04T14:15:19.413000
CVE-2024-1214,0,0,006edfeb44add0513d6df0049d407da5a783feee7b6e41af090a449d9f26b334,2024-11-21T08:50:03.383000
CVE-2024-12140,0,0,c2add199266b1c986c32a034700db286963405079b6f69910eeedd64a6ce0f35,2025-01-07T05:15:14.730000
CVE-2024-12147,0,0,0ebd2d9e73219a39fb6777c8b0dc3255058db7114ec6ee0c20c337fec7f9520f,2024-12-04T18:15:11.803000
CVE-2024-12147,0,1,a60a326d5e97949b76dd4b6bfe3685435b958d0b913ec9ae9ab905066656d093,2025-01-14T14:15:28.163000
CVE-2024-12148,0,0,2d82ecdcd1ae8b06b2bbc4387f4ec8d5588d3a1672ec54422fedc0a9fcb34bf5,2024-12-05T19:15:07.473000
CVE-2024-12149,0,0,6cea541fb8390eb73924fcce3986b6c54a0134049e02ebc343dd9227319eb6b2,2024-12-05T19:15:07.627000
CVE-2024-1215,0,0,4329416f300d2c475797311e08de13347ae9dc69f951944050207e3d4abf36b5,2024-11-21T08:50:03.560000
@ -245115,7 +245124,7 @@ CVE-2024-12237,0,0,bc9c0d4c537bace6ba73f5084a4978adc8d5b928619c3c4d0e52cb7bef9d5
CVE-2024-12238,0,0,0b2506120279c72470fe6ced119aba981e066d08bdac68bd9b96e39e9d942dde,2024-12-29T06:15:05.487000
CVE-2024-12239,0,0,6402c790bc7203c11dca14fab5982d0c29c8034f8baef3a6d7c350a55d38d141,2024-12-17T03:15:06.710000
CVE-2024-1224,0,0,cbfbaa5b4f0e1c410530412d727d5bf58dfe126bd3d740f330bf5c6e93a0658e,2024-11-21T08:50:05.487000
CVE-2024-12240,1,1,da234d125bab02f32b25b5e43ff7fe4ebb93d6e8868ab7cdfaa9e75f89be7500,2025-01-14T11:15:15.137000
CVE-2024-12240,0,0,da234d125bab02f32b25b5e43ff7fe4ebb93d6e8868ab7cdfaa9e75f89be7500,2025-01-14T11:15:15.137000
CVE-2024-12247,0,0,ad117a7da5529073984608210b9ebf0c8357341e47d0f7a47c01f4275cf4ac25,2024-12-05T16:15:25.243000
CVE-2024-12249,0,0,e2547863ff0e51895fdd9ac079296565876947375b7269d971dfde5e35972170,2025-01-09T11:15:12.683000
CVE-2024-1225,0,0,1335eabc5dc5752fbd7f31a11bdeda2f1be9be2c21abaca809140eabb8940f2a,2024-11-21T08:50:05.673000
@ -245628,7 +245637,7 @@ CVE-2024-12984,0,0,f0a40bfb4434122b7dd8ba661c6c69bf64d3d6f43bb0e348d606e1d5197ac
CVE-2024-12985,0,0,6531cd927cf23f31fa55a97e93021ae992bc51e6aa4997700dc1a3f1c1bbe3bc,2024-12-27T16:15:23.807000
CVE-2024-12986,0,0,9fe6763e6eaae8601cf98cfafc9a1a86fa65061195b84f986c70f384863d74a7,2024-12-30T15:15:08.390000
CVE-2024-12987,0,0,88eb7e923d5d7a4cf0f7e7d11fe92e10cd0691a931c33700e34eae909cc4cb3a,2024-12-27T21:15:07.510000
CVE-2024-12988,0,0,c594a4e936c1c4ca5228618246aca4c8ec6e5eafcd7d1a90db07420fe624d753,2024-12-27T19:15:08.260000
CVE-2024-12988,0,1,9436c36281befeb1cac2efa51e2b3b5b17935e2caad4832857798d8fea30b6ca,2025-01-14T14:15:28.347000
CVE-2024-12989,0,0,33fd61b2109762e88dcc5e09bc6c744e5b6c24b2b8866869053bb4fe1f13d8f6,2024-12-27T18:15:24.777000
CVE-2024-1299,0,0,c7f245e662ec35ddd87c48ae29ff03e74531f9ba7973bf15293ed4e82f111599,2024-12-11T20:23:27.497000
CVE-2024-12990,0,0,f5b782d9dc1296a073e6572b42dc4c6e0569ced9955dbc4828874227d5043cc1,2024-12-27T19:15:08.453000
@ -245734,7 +245743,7 @@ CVE-2024-1312,0,0,d16b3ecc82cd74d4071dc20055eab0a36b43013bc6757c1d62cda1a87b890d
CVE-2024-13129,0,0,c8465ea9fafd80ae001698785c09dec31df42294cc4a62b87a1aaef854b51892,2025-01-03T22:15:06.677000
CVE-2024-1313,0,0,cad1078661641c2022e5f0188a431d9a70908db5ab4b61d98e0389abbba8b680,2024-11-21T08:50:18.207000
CVE-2024-13130,0,0,11faf417785d12b2b829d9b6bcccc37fdbc1730d9810cb9c4f93c832649c2012,2025-01-10T14:15:27.740000
CVE-2024-13131,0,0,b2e61750ac10a0f0335a98de23f2a0f4134c4b67b2d954e7edfaed8137694b3e,2025-01-10T14:15:28.793000
CVE-2024-13131,0,1,37e9e5f47f4bbb5563e0abcd91356d09acb74457b68fc9d78a9e9f1fd366a24c,2025-01-14T14:15:28.490000
CVE-2024-13132,0,0,594571502108d1bbe5e2eea9ba980d95a2fa434713b832f566b58ef0a91c4dfa,2025-01-05T05:15:06.400000
CVE-2024-13133,0,0,e47f60b53979830f63f2a82ea9286fe0a882be09d003097342682dcb8cf9204a,2025-01-05T05:15:07.507000
CVE-2024-13134,0,0,cfa8d5a9a0d9f46619da3acacfcfd078e2a961f271cc9aaaab38523ffadcc77f,2025-01-05T08:15:05.443000
@ -248097,6 +248106,7 @@ CVE-2024-21754,0,0,6726148c9c00979954f8e0e43980573889b19508b76c8b84b92cd601e38d1
CVE-2024-21755,0,0,3db688cacd77dd473c848be3e1117c1b29b56eeefd4b3b05f3fefc4fcada771b,2024-12-23T14:58:10.797000
CVE-2024-21756,0,0,55671466161da604c39db4e12f80a3997fbb2c1ad8da690a7c82c7bcf4da8114,2024-12-23T15:02:00.357000
CVE-2024-21757,0,0,2977bcabeb1633cac10a5d2b68ce6f1b718f97760675ba593569c66c881c2f72,2024-08-22T14:34:54.550000
CVE-2024-21758,1,1,e713bbad39e7b247b7a459c55702191de3f7d64d4c77edeeacac36fafec474bc,2025-01-14T14:15:28.597000
CVE-2024-21759,0,0,c7b87faa73119d13eeff29f1fcc441192710ec05905507e64f7a792b951b9ab6,2024-11-21T08:54:57.347000
CVE-2024-2176,0,0,1aeee7ae52b7f70f1b987c126ac25fd385f727623c97d4e6f5fec3aa0f1aa936,2024-12-19T20:23:37.707000
CVE-2024-21761,0,0,82642bae2920dd7ff8b514e57bc1c1f5d6d71d9ec15a1b10f21b90ef60b69c46,2024-11-21T08:54:57.477000
@ -248968,6 +248978,7 @@ CVE-2024-23091,0,0,ac809bd19f7e627635a79d83b5695bf1c2fb09ece061006c0f1815b6022ec
CVE-2024-23094,0,0,39856c4da401f038553ce13c83297dd603ae7bf5ca4cf6ae32992dbd89dce5ce,2024-11-21T08:56:56.250000
CVE-2024-2310,0,0,b6f8a00e8715d4b3b60be0214b575fc22e21dc1cce049eb25d1bfde853925611,2024-11-21T09:09:28.823000
CVE-2024-23105,0,0,cc92d5b7f0e64822efb2303bf788a510716bf4a22d1dd8fe4f1ced2ca7c2db73,2024-11-21T08:56:56.483000
CVE-2024-23106,1,1,0f5c4218ea98af41b237014ca5ec2b68d4cffa29cd00f77fd5e4397dac7805ba,2025-01-14T14:15:28.747000
CVE-2024-23107,0,0,fb9f269ff9a1721dc70633ce33277322f1dbc0036fc8172640447e4431712b1e,2024-12-17T16:51:35.250000
CVE-2024-23108,0,0,9d659a0c56266d107dd050234c8418f99361db23121c8ca000992c1044ae9639,2024-11-21T08:56:56.783000
CVE-2024-23109,0,0,c8b681856326059919d7eca87f263b10c76f30a97cdf3c7093cdd3ba11934f09,2024-11-21T08:56:56.940000
@ -251100,6 +251111,7 @@ CVE-2024-26005,0,0,ab8dec86b835a1025d9007a91813d1fb4ad91c2949fe7b6a778b69a8a5e19
CVE-2024-26007,0,0,5566a1952f2701dd4149a375a6c93e3c6434006ebc54211b6a50bcacb2b01156,2024-12-11T19:55:59.830000
CVE-2024-26010,0,0,aa94400b6d9b88521b847077f70baf8416af93283c6afed0d9452bca0e3c5cd0,2024-12-11T19:54:35.323000
CVE-2024-26011,0,0,c11541fdad772e94b22af8e91bceb09116d56319f79d2943860d22ca66673a67,2024-12-12T19:33:58.833000
CVE-2024-26012,1,1,7643cdf3fff5394f6b847987ffcd78802404787b2d7068c3292d6b9f572e0545,2025-01-14T14:15:28.893000
CVE-2024-26015,0,0,61e1ee285e159a140490fe9bac1615210ace2b02df5e5f1a9d7b48836125a67e,2024-11-21T09:01:45.940000
CVE-2024-26016,0,0,2610bd296695018d3e38024798d9b1b7a39a4da11d75be17fe8b8abc7a84b7e3,2024-12-31T16:27:58.487000
CVE-2024-26017,0,0,11d040a25f5c2d5c2e1e2401973b3159ea6e8ba153c9a2238d873c2f164fc160,2024-11-15T14:00:09.720000
@ -251766,7 +251778,7 @@ CVE-2024-26825,0,0,2feb155c5efa06f486698a360c335e005f63fc9c52454f52650f2ab570e7e
CVE-2024-26826,0,0,8a76cca28c3c2d413800dd144db2d6b32acef4b31f42545b0b8cce3f9e697a32,2024-11-21T09:03:09.463000
CVE-2024-26827,0,0,4cc514efbe22ca04935a47f409b758351113d51b04fbbf02df44e27fcf8c06d7,2024-04-18T15:15:28.957000
CVE-2024-26828,0,0,bd00e52c625d709e58fad6c68a7b5a17f577546fe0f6a4f902334be57e619af3,2024-11-21T09:03:09.600000
CVE-2024-26829,0,0,ab2ebb8b0a4a4331a20639e64a0f4d6262660fa23e28f26bf823e359afd52db9,2024-11-21T09:03:09.783000
CVE-2024-26829,0,1,33b858020b676d55d8dbfd0b8da63d045ba99285dcf6c6b1575c915b01f21130,2025-01-14T14:58:05.850000
CVE-2024-2683,0,0,c666bc0f8d4f99c33749c0e66ad30a4fb205835cded4157d2383c256488564ce,2024-11-21T09:10:17.113000
CVE-2024-26830,0,0,79942d49d5f2eb06b207a086e5327469b8f22e82ed05e882883226083eef8816,2024-11-21T09:03:09.897000
CVE-2024-26831,0,0,6571b4816f74c1ad7263d31c34d0dfe7efca4bf7da100dedb1dd929fef02110e,2024-11-21T09:03:10.007000
@ -251777,7 +251789,7 @@ CVE-2024-26835,0,0,835030cc1d535a21663a5d77b99df1febce90a20bd2caee76203fbcaedc89
CVE-2024-26836,0,0,4ad3e2a9dcf9d2db56d93279f59d5b475a06711095747d2d93b4c8b1a17e4c49,2024-11-21T09:03:10.607000
CVE-2024-26837,0,0,d7cf0d497a1934810d8d36e7cad91f83f8ba7a4fc7f73dc96f665ed0bb4f9c8e,2024-11-21T09:03:10.730000
CVE-2024-26838,0,0,4aa246ce2481b80eb12cfbdfe842d038f2f45b2a62604835a6ac9fb8a19802f5,2024-11-21T09:03:10.853000
CVE-2024-26839,0,0,94831cb58e8ca8a43716949ef42ec744b2bef3a31caad721b703815d66491641,2024-11-21T09:03:10.980000
CVE-2024-26839,0,1,86fe097dcbf1f910ddfbdc3d002b0e89833c44044f118c1ed9d8f2af583392e9,2025-01-14T14:56:47.140000
CVE-2024-2684,0,0,2addc2ca38f6caafae58093a53a83a40b02f9350a4d9c9280dc3fac70a7a6d56,2024-11-21T09:10:17.277000
CVE-2024-26840,0,0,184a6898c218b037239b30da9b8ff36296b7dddccc7007005850bd631f698139,2025-01-07T17:13:19.863000
CVE-2024-26841,0,0,595c74555dc4b25e8ea88566fd859ea64ec149ad165f7c91a511ba37a9b2ffc6,2024-11-21T09:03:11.233000
@ -251809,18 +251821,18 @@ CVE-2024-26864,0,0,eb2f6d1cc842168692d58368c5385a125dd9b538c58507cdba23f5736373b
CVE-2024-26865,0,0,425ec1e666ffd707bf5be9f39ce33453ce0f57a20ff8f1bd74eaf4b15ccb3949,2025-01-07T17:14:10.927000
CVE-2024-26866,0,0,5a4c4e85054f22132b72e870bf4ca5192ad00542c720bff41708d831fa0c657a,2024-11-21T09:03:15
CVE-2024-26867,0,0,f4c3e98cf18f5362ba9d8cbace769954683f72425fbef623fdb1cff3c29bca91,2024-11-21T09:03:15.117000
CVE-2024-26868,0,0,055bdae3e7e29d3f52563d5563ba9980e87a61b4ffd69a55f8c0e79220a94325,2024-11-21T09:03:15.243000
CVE-2024-26868,0,1,470780f3eedbe54e0715c09aacacd15d602e690928f9f1f3cc056aa7f149c140,2025-01-14T14:45:52.020000
CVE-2024-26869,0,0,02922038ad2af42246888c4202e00a6e69990dd39e8a7ee4b0bde6c82bbc6099,2024-11-21T09:03:15.370000
CVE-2024-2687,0,0,f3005cbf6cb1868a431d78446860642964c1a1aa641da1c01d62b7f2a08b7274,2024-11-21T09:10:17.693000
CVE-2024-26870,0,0,2bd6a183ad1975d0b6c0de2939cb199738c8340cd55c7843614845b5df49e754,2024-11-21T09:03:15.490000
CVE-2024-26871,0,0,64b5d5a81109d5902e56c2f78cef2a8344b94c0325e98bc7087e8715476a105f,2024-11-21T09:03:15.620000
CVE-2024-26871,0,1,869aa89d9c16dccb1fc19ae6f3deafd10c976839580428434667c5b886257213,2025-01-14T14:46:37.293000
CVE-2024-26872,0,0,773bd0049df3a502bc881bea139866eb1ac745c3ead80bada6bc450bdf539b7a,2024-11-21T09:03:15.740000
CVE-2024-26873,0,0,65d9833100a12a05ec6dd2cea519a8e619a52464806ebff7909cd8d25bbed206,2025-01-10T18:28:25.100000
CVE-2024-26874,0,0,b0997e2574bc5dea0efb25a69db38ec2a1c52a8e5820fc2c5eef17510669d092,2024-11-21T09:03:16.010000
CVE-2024-26875,0,0,94239f41f42b905c954bc6edc97b0cf15f6dec0d8fdfb2fd1b19e8e24e9c863c,2024-11-21T09:03:16.137000
CVE-2024-26876,0,0,cae97524862d4115e788a327d03cf0da2acf0edba8249dc998aedc8a21a3f2d4,2024-11-21T09:03:16.380000
CVE-2024-26877,0,0,54721b8ba6c7b4d0a18ed9c595e6136296498a569bd20bfeb4ea6cc3920631ea,2024-11-21T09:03:16.520000
CVE-2024-26878,0,0,11ab35a3fb8ca18e8c636a1de49a408c1da401e7928031e6cc0f6285ff8b6bf7,2024-11-21T09:03:16.660000
CVE-2024-26878,0,1,2c398350514fb54f2342aa6342ce493830beeb75951d27f14bae83050dc81b26,2025-01-14T14:49:44.283000
CVE-2024-26879,0,0,9704d8839b75b0e854eec4c51359697b6a4476f2d785619c7296d3dff7e0f239,2024-11-21T09:03:16.793000
CVE-2024-2688,0,0,93325ede5335c7cfe6caa2a8077a03a339fd6598ac72c158a197fc34644bc992,2025-01-07T17:17:38.673000
CVE-2024-26880,0,0,b775bc30b873c71ce0741bd89eb501a0811ff9c595ceddd964535015994b3d7e,2024-11-21T09:03:16.923000
@ -251836,10 +251848,10 @@ CVE-2024-26889,0,0,0a87ef24881e5a1013b327bce78ea618038475fe9f273fcf03f83972360f5
CVE-2024-2689,0,0,efd9c698169d4dc6b507d633d5c5bca5635fd88f4fbab04c5f54592266ffc962,2024-11-21T09:10:17.947000
CVE-2024-26890,0,0,d28148780134fe9d4fd26b89472d475a8cd9fd94507e1d0beb5192c2d01a8c30,2024-11-21T09:03:18.677000
CVE-2024-26891,0,0,18ef1231e3dab94fd46bd51769a57b4742af39b60702f0ac393cf1e3791be7b3,2024-11-21T09:03:18.877000
CVE-2024-26892,0,0,18746dd475c481f144c90b8e68299886bc74ab8ea3983a4031def8377fe6186d,2024-11-21T09:03:19.010000
CVE-2024-26892,0,1,dff3724f39f4f7d27824ec776eef6bd6154cf578f200db90d4aaf7ae8dcb96a7,2025-01-14T14:34:50.407000
CVE-2024-26893,0,0,d7693c4e9fe752b465cf2d288069a1e2bf4fb0527edf72a830b5a88405414f0a,2024-11-21T09:03:19.143000
CVE-2024-26894,0,0,a0a3505846084c5b38d2ae3c10f78c77094fefe62fef76a336ba2b60789b1f16,2024-11-21T09:03:19.273000
CVE-2024-26895,0,0,862c3c7e2fb467307ac5e9f6bee5fe1363e7b613c415b8df9d329e026c699616,2024-11-21T09:03:19.490000
CVE-2024-26895,0,1,c7dae02178f516d4283340a4f7cce896c92a3602b8fb81a9ffba367ad09ef0ce,2025-01-14T14:33:40.417000
CVE-2024-26896,0,0,c6e43fd686585240ffa18e62a933c3ad899a2ecd05bffcaba7c10cff96b5c484,2024-11-21T09:03:19.633000
CVE-2024-26897,0,0,99a4a65c4d2cf2952c1beef32b5c14c24ca683dfde6ce0996f5012d6d08130fd,2024-11-21T09:03:19.780000
CVE-2024-26898,0,0,59064cab5402bdde52c986a7bd49e55f19dd21c4edcf6601694e90d218d8ee73,2024-11-21T09:03:19.907000
@ -251890,10 +251902,10 @@ CVE-2024-26938,0,0,0c70fb2feb140bdbececb331d09112c041df234a19fd4b8b218a2ac066b95
CVE-2024-26939,0,0,c3fb2db696e04ae1904b668515e0031ce50a5de2baf1f29a140797ebf4ff5018,2024-11-21T09:03:26.017000
CVE-2024-2694,0,0,4d728e1d04ebd874b9753d4251373dca1c8d4686a42dcbe990217886910977cf,2024-09-03T15:10:54.557000
CVE-2024-26940,0,0,d30d92f81d3759151961c208b8359740afa7da7c58e7ddc1f671b87559059ac7,2024-11-21T09:03:26.170000
CVE-2024-26941,0,0,cadeff2a3df91773dcc45aea1b6f150892f0797adf8c2ee27d0d75f1e01c5223,2024-11-21T09:03:26.373000
CVE-2024-26941,0,1,e5ae6d1a3983ec93dbc1ebb0a1587dda9da5ac8274be6169e8d6e3064e41052a,2025-01-14T14:37:37.710000
CVE-2024-26942,0,0,39f881a4e4cb31695225028db7c03542160cc9b05d12914f25d1ff64ba466f9e,2024-11-21T09:03:26.500000
CVE-2024-26943,0,0,16dd90efed42e45678ccacbd406baa89e1f909d5f0edf94ce4fd707ce6158956,2024-11-21T09:03:26.737000
CVE-2024-26944,0,0,4e6fdbbe0d24c6263dd198ce6f2bbfb3a16d01dd7d2b8da581c1cc336233dbb5,2024-11-21T09:03:26.850000
CVE-2024-26944,0,1,5173c263c20ff41500d77cd506c0a135055112f78a2020af9be2ee11c60b3759,2025-01-14T14:29:21.517000
CVE-2024-26945,0,0,ae6f96764324a673726732b05b955bd355f5976653ec8b043463e0baff11019d,2024-11-21T09:03:26.990000
CVE-2024-26946,0,0,42cd5cabd74c9173279dd3289adfb70a8262c89e7ffe80862a160dea1859eae9,2024-11-21T09:03:27.650000
CVE-2024-26947,0,0,bf0732699f635e430480999388946ed3c52fc60cc1e2e21486bd1b152f39863a,2024-11-21T09:03:27.780000
@ -252017,7 +252029,7 @@ CVE-2024-27055,0,0,567532cde91599899067f455d5c7b87fb6bd7d422556d36a861d5078f328e
CVE-2024-27056,0,0,0c46f13676f36e598862e1367000c5f83b6f006bf4cfa76fa723d92a467f92b1,2024-11-21T09:03:45.980000
CVE-2024-27057,0,0,59020acf3ab82c0eef52cab6667be5665e673c02ff7c385265b72e8eb5c4ebf2,2024-11-21T09:03:46.097000
CVE-2024-27058,0,0,e8e18c8efb56c2ad87995b6dc7ebbe8c01bb5c8a51c8ae719afbfa612893fc4d,2024-11-21T09:03:46.217000
CVE-2024-27059,0,0,12162d50eed4060c0ec19988202d1d5d7cefce6ae46d436b40a3dec4c213dafb,2024-11-21T09:03:46.410000
CVE-2024-27059,0,1,b8d358dc987b94bc06e49be13c99ba48022e2070d952b9bca9d47418a24f172e,2025-01-14T14:36:42.747000
CVE-2024-2706,0,0,ec4b783f22cb2952cae8bff1153eed6be7a282f6f994a45b7c4840589cd8711c,2024-12-12T17:27:56.637000
CVE-2024-27060,0,0,22bda1115b48ba58b7256e3896819cc9078fb8284ee48e35606dd5d9241e5131,2024-12-23T14:22:29.173000
CVE-2024-27061,0,0,36106eed528d548d97b156ede779488bb9a7ed8362c8cd75e4e522528c004492,2024-11-21T09:03:46.663000
@ -252345,7 +252357,7 @@ CVE-2024-27383,0,0,72e70359f0f73aeb1e6b8c0368d83827211bcfc295c5402bfd5cfdee6cfd7
CVE-2024-27385,0,0,e1a41ce9dd72dcc7e74fb02b5b7a34d75ee1fd10edb45ea10c35a3afe68bad13,2024-11-21T09:04:30.110000
CVE-2024-27386,0,0,1b64d665730a7687a332bebc6b1e44f0548d458eb827204a2ee1cc939a731c55,2024-11-21T09:04:30.280000
CVE-2024-27387,0,0,74d76ecfd4c7d0eda3830292dd6b42737cfbe9975269ec377e98fccc5293c5ca,2024-09-11T15:23:58.743000
CVE-2024-27388,0,0,30e5824152c56cda9e5c7845ecfcf456d2790a858698fc40939a829169d3e9f9,2024-11-21T09:04:30.540000
CVE-2024-27388,0,1,98453ba7ddab0d75275ebcbe2cf9adcd01c61d4c18396a578a59da147f49ad6d,2025-01-14T14:56:08.617000
CVE-2024-27389,0,0,c217d6184563415f226e9a80f037b8d7514915a86c3207640b24918bb7cb55bd,2024-11-21T09:04:30.670000
CVE-2024-2739,0,0,f4d65d5336ee215a214a5da90ed0322790b7be3ef272f9615bf61860991305e8,2024-11-21T09:10:24.570000
CVE-2024-27390,0,0,7780428a286bfe2ad84944e0e3c56b2f0984a92e2b031a42317e22e477ac14fc,2024-11-21T09:04:30.793000
@ -252353,8 +252365,8 @@ CVE-2024-27391,0,0,74e7ba782a652174d6e44269cc22f7e3eae02e2f8b1404503a1469482e17c
CVE-2024-27392,0,0,51788877a716c0011203ead65a89d91afe3ce071b5d9cd963e34730d678899ad,2024-12-26T20:32:43.923000
CVE-2024-27393,0,0,7acb0ea1cd19fda4e5e2f41152272208ba891fcce16f238ba8adfdf815157c77,2024-11-21T09:04:31.160000
CVE-2024-27394,0,0,b26d808a796a57c43a2737a6a589c18d606c49ce4d9b02ac0d6935ec64645293,2024-11-21T09:04:31.353000
CVE-2024-27395,0,0,6842fb42e53d51c3654f6b6ebd209a39716d73e38e54d6de2b29fab32ebd174b,2024-11-21T09:04:31.553000
CVE-2024-27396,0,0,5eeae45667d4aab8e300e0bd0600148308ee4abb6b0f330c9d893b5a5d2ec620,2024-11-21T09:04:31.693000
CVE-2024-27395,0,1,574d9fe9b6861b86a67985da6f3829a04cbab7adac1a4f8c46394c30d29e001f,2025-01-14T14:27:22.167000
CVE-2024-27396,0,1,619052d7edfa2606a0df6550296e33629a00872a87588e2fdde8447ec8bbd43c,2025-01-14T14:26:09.117000
CVE-2024-27397,0,0,aa595a4f1af133353403fbda30ee2eba1c22c43a6d923ec09fbe34a915bc914a,2024-11-21T09:04:31.830000
CVE-2024-27398,0,0,5d668964db5f8581f993f825ac2b92d8b5b4a6d169822c73d205cf76d493b5f2,2024-11-30T08:15:05.417000
CVE-2024-27399,0,0,2441bead541c7f566e35edcc3bc5bc55c9b6f47a2e4593c9316c027e34d9505e,2024-11-21T09:04:32.110000
@ -252569,6 +252581,7 @@ CVE-2024-27773,0,0,9937f907ae86df124158e0d3d02b2f6a356bd36428cea000a9bdb98a6113f
CVE-2024-27774,0,0,307f48a7716a730e60d75be64dea775aaf45a608fbb3ab8fba2c3652139b9ebe,2024-11-21T09:05:02.147000
CVE-2024-27775,0,0,468f4bdeb691bac934a90af6b47335beff0a01310cc0f12046ca31ea2abc0fb4,2024-11-21T09:05:02.297000
CVE-2024-27776,0,0,ef49ef17c1210e0ed2c1ff489a27f0662db66dc8a6e90113cd624459aa34be3a,2024-11-21T09:05:02.433000
CVE-2024-27778,1,1,cc407cb1cc3a17c1f81a5a000d90559c967fc40caad20daa7846eed43a5ad2f6,2025-01-14T14:15:29.053000
CVE-2024-2778,0,0,da9799ba1a896260f3966e85cd8ba6bdf1155e8b3eb8fb7ffe9ea6d0361cc9d7,2024-11-21T09:10:29.870000
CVE-2024-27782,0,0,b01afce97382f5347b598b12017d99ef6ba8abe65ad6d5215e9994d037f58038,2024-11-21T09:05:02.573000
CVE-2024-27783,0,0,f4ab6f1bc78e2b58465d6941ea5ba1a40edd430586869d7f6403e5f08823a681,2024-11-21T09:05:02.727000
@ -255786,6 +255799,7 @@ CVE-2024-32111,0,0,121bcf9e03eb2023e507e49bca0f378abedab19bac9b9cac33fc8d7c3f599
CVE-2024-32112,0,0,3cc0cdd2e390858089e1a98f8ecf0a04851da7cfb00b76da57093ec0ffbb5739,2024-11-21T09:14:29.720000
CVE-2024-32113,0,0,b0416d14f21fbcfcb8bd0e4b14fa8754bf0dc777f677edb1f6cc939227329fa6,2024-12-20T16:51:57.577000
CVE-2024-32114,0,0,ec761db7a5ad46df257b60e3bffba3183bd48091e424b77fbddb80d44570b8c2,2024-11-21T09:14:30.127000
CVE-2024-32115,1,1,f24fbdd2966345220e2a31c6012b76bacd32faeb1bd2ec756e7f886ac602f960,2025-01-14T14:15:29.200000
CVE-2024-32116,0,0,f10f3c24dc00a2826d06434dd27b29c41c2c38d776ae02f6706b238c0f312734,2024-11-13T17:01:16.850000
CVE-2024-32117,0,0,6ced7b5df85b7cf270709040a6c78ad7915ac1694cdc1063e73cbc492ca11ee8,2024-11-13T17:01:16.850000
CVE-2024-32118,0,0,cbf2b7d4af864cda3454132db2a4b769a7af322c2b5759ac474995880a9c36b6,2024-11-13T17:01:16.850000
@ -256783,6 +256797,8 @@ CVE-2024-33498,0,0,50fe8de8bce7e48e620f0f169dde903b59c1e6db4dd10e5d366514fd61692
CVE-2024-33499,0,0,803dea18a502c032d7f43bfabb140fa02ca861ad18c39b77e542bf705c52768c,2024-11-21T09:17:02.293000
CVE-2024-3350,0,0,d4069f70c85c5408080c42132a37ca996283e73747386676dca3be3d2af545e9,2024-11-21T09:29:26.097000
CVE-2024-33500,0,0,746323f4fb4b9901ec2db4b5c0fb0d198abd8dc5a220cdbb454eaf0948907ee7,2024-11-21T09:17:02.433000
CVE-2024-33502,1,1,d0674e8636083af5f3a783257cf74bc32f732f29257bf89f109ce4ef4feaa7fd,2025-01-14T14:15:29.360000
CVE-2024-33503,1,1,4ef2e20a85c689ebcd4a284c2f4342090764795d94a628b568a80e00b4a93cd7,2025-01-14T14:15:29.517000
CVE-2024-33505,0,0,1225fe0735434c0168b96035a87d6bbc53cb961ca66ce6e44cbf0ac8c7a1fdd0,2024-11-13T17:01:16.850000
CVE-2024-33506,0,0,ebc73da9186542bc574ff2ffa1bd0018ebfe9872b5e96093b78710739d042a79,2024-10-10T12:56:30.817000
CVE-2024-33508,0,0,3b76b0d03aba3d39a9333effe55dda5557e5f1c6adb532df7c6b80bfe8c854e4,2024-09-20T19:48:06.197000
@ -256978,7 +256994,7 @@ CVE-2024-33694,0,0,554cda33f2ad13bcadbc01849cf469ac8ff064b4e1bee4e0466ecd3f969a7
CVE-2024-33695,0,0,7c0d52f6fed184c071349de7a110b2489ccfa063e9c908af4c30ab33960e9006,2024-11-21T09:17:25.403000
CVE-2024-33696,0,0,bdeaca3b241fa5fb17935c438f79c2a6f73150b89aaaa02b7434d83372bcbc5e,2024-11-21T09:17:25.527000
CVE-2024-33697,0,0,ac9288454572e0a0ceafea8bbe01c8243777a17b68b31358e3f9c1206fc342a7,2024-11-21T09:17:25.647000
CVE-2024-33698,0,1,4ea57f0cc8a312f87370897367d94743d3e8e2246a2e22a1152a2d834ffce2ef,2025-01-14T11:15:15.373000
CVE-2024-33698,0,0,4ea57f0cc8a312f87370897367d94743d3e8e2246a2e22a1152a2d834ffce2ef,2025-01-14T11:15:15.373000
CVE-2024-33699,0,0,458e7a7b3d1333ee5c45aaa1189ebfd93e764aed965cf8534dfc556b9d953918,2024-11-21T09:17:25.897000
CVE-2024-3370,0,0,4977c8af342ca5e43bc003b305e8d121bc66eb96b01495a3eae5208891dcba00,2024-11-18T17:11:17.393000
CVE-2024-33700,0,0,407022dfdd24550f293ac6fd28c96f8309930375ca8392caa396c0d28c47198e,2024-11-21T09:17:26.020000
@ -258133,7 +258149,12 @@ CVE-2024-35267,0,0,9ddea27617f038237b3128d4e75fc5102d056540871869cdbf937fd02f76a
CVE-2024-35270,0,0,54fc0aef882c68b0af36e2a2e87ea567a3f0433770da6d3701c29cb540de6659,2024-11-21T09:20:03.357000
CVE-2024-35271,0,0,53435ea3e84efa467a9bdfc22250170e3299e5610ce3c91fa1af50680f120201,2024-11-21T09:20:03.527000
CVE-2024-35272,0,0,7c25fd9425a5925ce7b680ae430dc4c99441fca7143b7504eaba903c26bfba9b,2024-11-21T09:20:03.667000
CVE-2024-35273,1,1,9ab858ebb346d630e6bbf8da2157e41f0d8e42e4a4c1d3d1d26beda7fb4bf411,2025-01-14T14:15:29.663000
CVE-2024-35274,0,0,9a6beae4bfe35b0b8aee9a3d653759bf728b408106a661c475615a0bb6353472,2024-11-13T17:01:16.850000
CVE-2024-35275,1,1,db920a4838b9e37c71b9bc6fd6d2d69f628712cc99e5de16479c022646ccb044,2025-01-14T14:15:29.817000
CVE-2024-35276,1,1,4c959b5ba1a33576ed209445d5bbc58fbac65866e46c0631f77c80bdc2461b2f,2025-01-14T14:15:29.973000
CVE-2024-35277,1,1,1f41c5934d010de66ad104c6e38cd26c146e0cb4b1b59e8e833cdfbc61bc9a2c,2025-01-14T14:15:30.130000
CVE-2024-35278,1,1,dba5ee459729d0618f30372e7418d89fc2322b58b80fc5a2eaca09ea6cc469e1,2025-01-14T14:15:30.280000
CVE-2024-3528,0,0,73792362235e828bd56025419c83c67ec901a0e2b04dfa37d11c551a857b0238,2024-11-21T09:29:47.207000
CVE-2024-35282,0,0,174e154b42e127fa67b7958222015b753e479a85266f575b2e2ca4b3057942d7,2024-09-20T19:44:17.557000
CVE-2024-35283,0,0,fdb32a776c5efc323466eaba6c259cf3489c6c6ec5c750c58fec77f2eb007c63,2024-11-21T09:20:03.977000
@ -258489,7 +258510,7 @@ CVE-2024-35779,0,0,379e9188bf2eee0b63db1fbadf6625000842ff69691760967061fa8a6d4b9
CVE-2024-35780,0,0,6a6c86cac11c9e09ba89d794c1fb76158133fcd262b30e8dcf502eb12e81a2ac,2024-11-21T09:20:52.707000
CVE-2024-35781,0,0,420125c8934b01502d080ad6557e568191eb4f2ddc9a33532aeabff8c5179b91,2024-11-21T09:20:52.843000
CVE-2024-35782,0,0,6c483e8bc7721efa75f8db2f2d6f64613ae5c450037f618081a280a553a2c572,2024-11-21T09:20:53.013000
CVE-2024-35783,0,1,c048d37bf779a04696cbb12b5fbe4472a5cfa72c0d5da7c3687932cecb797cd6,2025-01-14T11:15:15.557000
CVE-2024-35783,0,0,c048d37bf779a04696cbb12b5fbe4472a5cfa72c0d5da7c3687932cecb797cd6,2025-01-14T11:15:15.557000
CVE-2024-35784,0,0,6a36ecbf216ecaf3512a6c5b2ee3703a250b459b4a7ecfacf4fe0e8fda312a85,2025-01-10T18:09:46.203000
CVE-2024-35785,0,0,77c21670bce798ec6fb6e30378d55b3c958574746063148d56c3b95ce96a48ea,2024-11-21T09:20:53.437000
CVE-2024-35786,0,0,77f89bb040cf765f6d9234d420731b7c23c63247ead02a0f8c0b8e4af33e99a9,2025-01-10T18:10:34.873000
@ -258520,7 +258541,7 @@ CVE-2024-35808,0,0,8cd0348e85e84afc85516e9508e28b368a1738ec259235e1ee14afd348ff6
CVE-2024-35809,0,0,47f3bd95a8279da81b1989e0d15fc58339b73402682851154c2828a34e185e75,2024-11-21T09:20:56.760000
CVE-2024-3581,0,0,93a459cabeb85870643801d1bff717bb88967edd8693d080ac01eb4c99cae97c,2024-11-21T09:29:55.307000
CVE-2024-35810,0,0,958005a5f063c06af5e802039d86259896a68546043fceb83b344e24e9933223,2024-11-21T09:20:56.973000
CVE-2024-35811,0,0,ac3030b7c23805ed73df3674fc0746d1a11c0db7e84d07534653d2b5c5116776,2024-11-21T09:20:57.097000
CVE-2024-35811,0,1,07bf29f6246072321203660edece51241e3f9dc6207fed7396aa997df3c1c0a5,2025-01-14T14:23:38.660000
CVE-2024-35812,0,0,88ab3c5388076701bc302df8ff295570e098a0e08ef335144c7c2c608124795d,2024-06-04T13:15:52.390000
CVE-2024-35813,0,0,d55ed165ea93f7a284698fda3dab49c6a62251de40b377ecee6122bd5051e8ff,2024-11-21T09:20:57.250000
CVE-2024-35814,0,0,ecfff0df086e37e64b9e59cc4d1488e80f1e052fe64ccbf325c70a844c28d260,2024-11-21T09:20:57.387000
@ -258538,7 +258559,7 @@ CVE-2024-35824,0,0,a403e4a74f7832cc37435f918cd1ca6ecfed4d6cf6bfefb710d0ad19aa9a4
CVE-2024-35825,0,0,27c9b17e71f5caab539149aa00cd74443946d243daa5adb95171a79fc4d7e861,2024-11-21T09:20:59.060000
CVE-2024-35826,0,0,ec8cbcfd63c65f59c0850cabf706bced87ffb9d4008267a7d11b9c8e318094a5,2024-11-21T09:20:59.207000
CVE-2024-35827,0,0,3fa793524e24dee4e9d6e935b987f9463c923c8accc7a3a52a7a4fee3204f5d0,2024-11-21T09:20:59.340000
CVE-2024-35828,0,0,de3f75129066fb9aea9e0e602df7010dd2929ac6b9ffb4fc7c9077264ef5e04a,2024-11-21T09:20:59.467000
CVE-2024-35828,0,1,c3ceb3a1c08559806a526755e1b45e46ac8c079d2fe6a16981b1b82f06abc41a,2025-01-14T14:54:31.167000
CVE-2024-35829,0,0,d8e26c284e6e13bbb526b60219f325c3261131a38492220166de44d7656d0f6b,2024-11-21T09:20:59.607000
CVE-2024-3583,0,0,d5bdb2e5af815aabe4f44a08098e593028e67339d15233bcfcda89371ddc7214,2024-11-21T09:29:55.547000
CVE-2024-35830,0,0,131b055f389f68373142dbdd992127723644363f1ce6f81502183d72e63e9fc0,2024-11-21T09:20:59.803000
@ -258690,7 +258711,7 @@ CVE-2024-35964,0,0,953ba8d598cdb2dd14f3e166e43811c72fca10a34dcbaed1f10ff61dddddf
CVE-2024-35965,0,0,cb355b9530201a0044356deee31fbe40daec64a92cd3106a492602304c2e825a,2024-11-21T09:21:18.773000
CVE-2024-35966,0,0,f33b546ca6fdfe8b921e8d93271b5fecf0ee3a484f643b806aa94ca117dd1c08,2024-11-21T09:21:18.900000
CVE-2024-35967,0,0,fdcaf1e3f97f3de5a1f0700c84f409c13f5b9f22d245fe13b8859ebfd436a328,2024-11-21T09:21:19.020000
CVE-2024-35968,0,0,92d98da324370e6fdb54f550dae2cb91f4215a3ad40bee1d7ec1828a0a7a26c0,2024-11-21T09:21:19.147000
CVE-2024-35968,0,1,e78a949ee38e30bb945ea2f4ffb3a9d4de43a584980b899a912693da08777de5,2025-01-14T14:41:00.457000
CVE-2024-35969,0,0,57851844c3f9780d2c31b6b11a5445e3dbe88253ceef2f2aad7c8e0876c485ee,2024-11-21T09:21:19.273000
CVE-2024-3597,0,0,a7dc7cebce835d8c3ee68919fe17093c31b17b7ea549be292a4206aaf18b81c1,2024-11-21T09:29:57.300000
CVE-2024-35970,0,0,651df0a6cd6aab33f31b2420b0aa32337fa146329a73038046318f9bcd49ec05,2024-11-21T09:21:19.513000
@ -259143,11 +259164,15 @@ CVE-2024-36500,0,0,3749986292cf3f04be3ecd79c3eae7049cd48de8e666dbec442c9f3a4ab4e
CVE-2024-36501,0,0,9c0f9c29b1ea578ebce558d7100251055f7ba2e7147d4ca51f7dd8451082c4ab,2024-11-21T09:22:17.977000
CVE-2024-36502,0,0,fffafe10f0702323c26baccbe897485dd35ab633d4b0d89efe45f6d8d1e5c5e1,2024-11-21T09:22:18.110000
CVE-2024-36503,0,0,54ada8b9d8eed2c037238cccde3657d3a80dd1f98e801f7a69d977747c8040d6,2024-11-21T09:22:18.260000
CVE-2024-36504,1,1,e3e9292ee263333e72044609b9b47904abcd7e197e4a1bb7df09c7b82f9cd415,2025-01-14T14:15:30.433000
CVE-2024-36505,0,0,fb291dd94dce4e50449c9e877ac2ca2ff61e5da72ca7ade21bdb425debb63d84,2024-08-22T14:36:31.643000
CVE-2024-36506,1,1,9307fef39a0d7679f16b257ecae474a6c80b67726aa819bba669245d29657ec3,2025-01-14T14:15:30.590000
CVE-2024-36507,0,0,04a24cb7eb80c7ce5b0cd930e917054d877c6b282e7beecab850e0815de29b70,2024-11-14T20:31:45.367000
CVE-2024-36509,0,0,51a3ce39b65e0ccad621c0235a19da7b333d1a36b9c66eded9ef595731c58b4a,2024-11-14T20:33:44.727000
CVE-2024-3651,0,0,ccda00a280c38637cc17b638d5c91961891d001821e1052b9fc773bf82e39d71,2024-11-21T09:30:05.170000
CVE-2024-36510,1,1,a41b277a39087e0104fb0be8446732f86015fc66d966e8e2ecf87de1b3a9368e,2025-01-14T14:15:30.737000
CVE-2024-36511,0,0,c0da5dd4b7ff65370d60d13062a323a1aaf424bbb9ae24c4ffc8a28beb2751bb,2024-09-20T19:43:25.023000
CVE-2024-36512,1,1,3099e29a697b87ff75365698c76c26f315d2ce105ba904d851745cbc3c4fc648,2025-01-14T14:15:30.880000
CVE-2024-36513,0,0,ee921d2ae73d79a0555cae5621e49e24e34fdc6c7e4a1ff34a39def65fd8a7b7,2024-11-14T20:35:26.093000
CVE-2024-36514,0,0,dc8ca9154af7beb05da22020118383c29164d6220eeec3886ce7403901a1e1de,2024-08-27T13:28:33.090000
CVE-2024-36515,0,0,ae9f00a24ab36e0dd18f037c094f8dd91bd1052645f659af43e5a534764ff4c8,2024-08-27T13:28:09.360000
@ -262055,6 +262080,7 @@ CVE-2024-40579,0,0,da11a1c0f7825d9658796f4408f8973703e2e8887ee02d7fb06e9fa156da1
CVE-2024-4058,0,0,41bd13730a967fba6dfa98e0a473274805b3a9521fbf9427b1f8ca715400dc8e,2024-11-21T09:42:06.270000
CVE-2024-40582,0,0,dd0f2a6d540adec2bb9dbc707f94fc9dff9972da1e4d33c84f17f86b02c0ca18,2024-12-11T16:15:10.873000
CVE-2024-40583,0,0,060f59166f99bc729cca84acecd51bc3d35affc7058999b403ee573e24158633,2024-12-11T16:15:11.080000
CVE-2024-40587,1,1,38c5312a4c9238882bcb91fb2b3d2734ca1ffc9bc5b9ceca84014ea68da47d0d,2025-01-14T14:15:31.027000
CVE-2024-4059,0,0,a7395c4133ca68cf195a746536b2a10391759a1b7af0981398c03fdffb32f8d2,2024-12-19T18:56:45.140000
CVE-2024-40592,0,0,70d588c7e0dd63c3f30c565c48cdd17864cf3988f3b717bd753beb73e71e83a3,2024-11-14T20:37:06.040000
CVE-2024-40594,0,0,bf65899143a2f4c0e93f528c3b9a7873123db8d586300b13b7dc1af3be463ad0,2024-11-21T09:31:20.467000
@ -265624,6 +265650,7 @@ CVE-2024-45319,0,0,f54a68d148467026440ad15f341a6bfb542cacddb35ec8506cc4659fa4aa3
CVE-2024-4532,0,0,014dcf5f2708015805e201ab211b9cd9fe192f81599e256bd8dd0d34d23e73ac,2024-11-21T09:43:02.993000
CVE-2024-45321,0,0,7c76da4e7fbb2242661f83a4480b440b53d8e0cb0dfda635981d7f5cbb74ebaf,2024-12-05T18:47:30.633000
CVE-2024-45323,0,0,0b7a355a77d8731838f1cae0db38407098fd6b4582cf218a996117fa53bb1c18,2024-09-20T16:23:51.397000
CVE-2024-45326,1,1,86ebce8f30d55c1b2581cd9f16d3a4529cb04f091a99a26c0b2f7f2fa73b1005,2025-01-14T14:15:31.183000
CVE-2024-45327,0,0,42ce17a56d26e9f93c0428bdd57edccc07f542ef58a06cef469cef22c8286e63,2024-09-11T16:26:11.920000
CVE-2024-4533,0,0,565c4992f22cce399c7ec79b1c1f5241de1ceb51c7019357739f36b97aa0a0ff,2024-11-21T09:43:03.177000
CVE-2024-45330,0,0,e9c0a42cafd75c39cc2fb6322b0e3eb6100b15258e5462b4bef0ad15a3b44297,2024-10-19T00:41:09.717000
@ -265652,7 +265679,7 @@ CVE-2024-4538,0,0,5bd1ad90e973f76dc331cc98dd5010eac6153f7bd5c3f59bc15316bd99e49f
CVE-2024-45382,0,0,cd17bb10b42a7a52154b8f180f6a96138cbe671bc16e0955e6b9f0951bb6f705,2024-10-16T17:43:43.917000
CVE-2024-45383,0,0,18b2a12c0247f6bd404573e4f3025c14dad6c1dfae1f9cf4c31db12712f62634,2024-11-21T09:37:42.043000
CVE-2024-45384,0,0,cbfb50bafa8517a7944bff5db1df53c710c3eadab72436ecb1123d86217adad5,2024-11-21T09:37:42.190000
CVE-2024-45385,1,1,0ff36faa4890e68eda1f2926aab7ef6bfdfdd26ff04558ffd7c599d744ddd711,2025-01-14T11:15:15.750000
CVE-2024-45385,0,0,0ff36faa4890e68eda1f2926aab7ef6bfdfdd26ff04558ffd7c599d744ddd711,2025-01-14T11:15:15.750000
CVE-2024-45387,0,0,da4b0586d68c4f918b7336c262bd810eaac6fb06288260c72c637886e434ed76,2024-12-23T18:15:07.043000
CVE-2024-45388,0,0,5e8b5ccfdf2c3da6b5d7948eeb7403963fce2832acccafbcb71f9440d5a08c72,2024-09-19T15:18:32.007000
CVE-2024-45389,0,0,7edb5866be2f947d92ed825c273c577f4ddbd466128d69408c1eab72a19e26af,2024-09-12T20:17:31.767000
@ -266304,7 +266331,14 @@ CVE-2024-46655,0,0,619756e28facd4dcca44a3c94ed931cf61b4408f1c51eeb5eca49c9e1ace2
CVE-2024-46657,0,0,a5ced2fc9af0ce563815dae98d1fb612587af65b11df31ab1959075bb6481834,2024-12-11T16:15:11.770000
CVE-2024-46658,0,0,8759efef114d9b796a08c43f5fa85fe56a819964b257a73be81a7a6eec47c6d5,2024-10-07T19:37:30.467000
CVE-2024-4666,0,0,b7505f51131c566a65a04c854bf3da56137a32df8f67317652113aca5c7be8be,2024-11-21T09:43:20.073000
CVE-2024-46664,1,1,e5218d6b2c148dbf578051c94ba6f67a57c7c795fa44a41d0934f6272f8ab248,2025-01-14T14:15:31.330000
CVE-2024-46665,1,1,51bd9d8a8d10de7cb9b13827256a3212419a2fcd5cd656a056f5afa8f0b477d3,2025-01-14T14:15:31.490000
CVE-2024-46666,1,1,a91168f7bdb2c66289f2d18f1a857f5d82553dc0bcf1da79fcd73565750f87dc,2025-01-14T14:15:31.647000
CVE-2024-46667,1,1,720eb21744d167d36a40147a328aabebc6b9b3cd3d50995e14a58c6fa9720f82,2025-01-14T14:15:31.797000
CVE-2024-46668,1,1,67b0123ef714dcf5e7fcef0ddb8932a4d3a92d3294bec6da1ae3760a03a61dac,2025-01-14T14:15:31.950000
CVE-2024-46669,1,1,bdef86248ec7b557b3ba17ecc147870f48f5ccc58ebb3826e082c5281bc175d9,2025-01-14T14:15:32.100000
CVE-2024-4667,0,0,0ba4feb9061227f326b9f44983ec481dee587f64e4899bf77e538f69f9f74063,2024-11-21T09:43:20.190000
CVE-2024-46670,1,1,4504416ea77713541266a837baa7d90c2bfbc1e25606035675b447f096e61748,2025-01-14T14:15:32.243000
CVE-2024-46672,0,0,bc507e64d04ea5640093bd9a3ca6fe7f0c7a71643b79e70f9ab8ae27db60ca75,2024-09-13T16:29:17.123000
CVE-2024-46673,0,0,3f51c09e700b38d12ae33fe015bc01f6f75ee9c1181458b7ce2541d901e5897e,2024-09-13T16:51:39.117000
CVE-2024-46674,0,0,658c5615ef5104d2b41abc83d32329287f71abd731b08493051a521ab04d6ebc,2024-09-13T16:51:45.103000
@ -266704,7 +266738,7 @@ CVE-2024-47093,0,0,254373901b8fc660464b2e2de4e7fbfe56fe2ef0b4d8cc4ab6e7d7491a830
CVE-2024-47094,0,0,d24e1f292f7d19d40d32d967d3e72cc931ea886edc80358cb771de69f5f1ca5a,2024-12-03T20:01:52.610000
CVE-2024-47095,0,0,ab3ae5fb8cc2610821c1dec2e1fa7073f06cbe80c80fa571d8c05d61db95648f,2024-10-10T12:56:30.817000
CVE-2024-4710,0,0,9c507813f9fc80a7b0290c71ebb56c5cafbe3613f57bf93e1120a9c56f52904d,2024-11-21T09:43:25.600000
CVE-2024-47100,1,1,c07ce74430e20aa3d764f00bdb8922764a353dc3a99b907d7385c250814a1d30,2025-01-14T11:15:16.573000
CVE-2024-47100,0,0,c07ce74430e20aa3d764f00bdb8922764a353dc3a99b907d7385c250814a1d30,2025-01-14T11:15:16.573000
CVE-2024-47102,0,0,0864a20740f0de5ffc38497db2f0d4f8389b304278d9ae91ba201d1cd5b77740,2024-12-25T15:15:06.583000
CVE-2024-47104,0,0,9f2e725614bb591f1dee85b094aedf7e5ce884d4ec064c7905e6916502af1c82,2024-12-18T11:15:05.763000
CVE-2024-47107,0,0,cbccf574787d61b4f6ca0e02b243f9353763dfcf6f42da1d1ab7d0498a1d160e,2024-12-07T15:15:04.123000
@ -267088,7 +267122,10 @@ CVE-2024-47561,0,0,f17764695fbbc71bb6294f0150402374289bc95733ccefa47795f57080dc8
CVE-2024-47562,0,0,22d7aac266fa2bcc932f0f43047690776f5dbeae34fea86034497bd09b4b2170,2024-10-11T20:04:35.480000
CVE-2024-47563,0,0,ceef06dc2480b41957bf3bbf91f7572558ef123ada102fed1a77a39f26abdf49,2024-10-11T20:05:05.143000
CVE-2024-47565,0,0,36b5b2774ba0114a0b6b38d7c3f6e740ed1cceb643a386f25a7f0a47c87192f0,2024-10-11T20:05:59.237000
CVE-2024-47566,1,1,8415f1d3a43aebbe82674cdd93d5aedf8e9b361a4bd069fcba002a37d22f49b3,2025-01-14T14:15:32.400000
CVE-2024-4757,0,0,8725ef836161b110d22ecb4616862fd191a65a364176246ebd41f0c649a57c8e,2024-11-21T09:43:32.290000
CVE-2024-47571,1,1,f2f2772b43e2a9f9133636bff15d97165e8c9b10c29858f78088dd8510ba00d2,2025-01-14T14:15:32.560000
CVE-2024-47572,1,1,29de01da91866f177436341f1451b406eeef19eba11dc0c940dcd06d1a33e87c,2025-01-14T14:15:32.717000
CVE-2024-47574,0,0,b053f693b774c7953ae85400600819c5392a7ad8eccc8a3cd4089d5ddc67765d,2024-11-13T17:01:16.850000
CVE-2024-47575,0,0,8a9e09b118d95daf165d3ea923803180c001f61012a5c234044b57c730876d25,2024-11-08T21:16:28.987000
CVE-2024-47576,0,0,88f7e74dc57b5fa3165bca4e8de12361a68dd9037f9a61c6c1b0e979a41fbc7f,2024-12-10T01:15:05.340000
@ -267852,8 +267889,12 @@ CVE-2024-48878,0,0,61df8c716ea1a9423d8f98d007fe741d86381fb579c3442ef6d827deee3b2
CVE-2024-4888,0,0,133d57bae18b01966145fd4e4ce13e18e7959193dbb6b4323cb9d35593035efb,2024-11-21T09:43:47.830000
CVE-2024-48881,0,0,ebc6f1728ddca45a5c4c77e921d1ab1f076b9c09394d13101391d66674a8d76b,2025-01-11T13:15:23.437000
CVE-2024-48883,0,0,40a7c06416987571c8a8b08bd952b0491dd531f3479f503fba90cb6ed5c81613,2025-01-13T20:15:28.770000
CVE-2024-48884,1,1,d7531b7cb1135a3712a0535e6ddd9869708afc1b4a4e954957fc71e4dc4da04b,2025-01-14T14:15:32.873000
CVE-2024-48886,1,1,e66f6047d306aaedc1af3f50921854a8ed3741d3b76c9be2c96afcce2b1dd88b,2025-01-14T14:15:33.027000
CVE-2024-48889,0,0,8e1bac12eb50f3243e5ec10f0474e909f75dc6516eb6b1b6cee870377808ea68,2024-12-18T15:15:11.713000
CVE-2024-4889,0,0,54e41cd985dde0162870a1a62b42a9fd40bf90446677bc64ce2d3dd7fe90e1b1,2024-11-21T09:43:47.970000
CVE-2024-48890,1,1,4469bd7019e5860ff35434033c96f58dc6df56ea5261eeffe1e90439382296b3,2025-01-14T14:15:33.187000
CVE-2024-48893,1,1,57bd45a691616c93ba674432be2e4034ddd715b1a09af0f667c42fcf3300c76c,2025-01-14T14:15:33.333000
CVE-2024-48895,0,0,2619cbfc056db229022c601c361879a86e8ef7297a78db8864167658fcd89d44,2024-11-21T13:57:24.187000
CVE-2024-48896,0,0,68f9b7eee2d42fd99555582d831f186b3535e450fad14d101fd4d18eb273b831,2024-11-20T14:47:12.777000
CVE-2024-48897,0,0,f3182141722d6be3bdc9aba61fbb38fd1908803d90d823ef2ab33a0e64cdc49a,2024-11-20T14:48:25.373000
@ -269030,7 +269071,7 @@ CVE-2024-50307,0,0,effd6ec5b86bf22e86b034cf0d56aa80ef1054d58eddf4f4569fd5216a211
CVE-2024-5031,0,0,c308606af56c2c63972fb5c4124ab9d975213c17c216c9acc47e4e56bb8f8d42,2024-11-21T09:46:48.853000
CVE-2024-50310,0,0,0aa8bf92cb0c2ce72d2591b8a623d6ab248b2abe4cf7e33609877fe3cb7813d1,2024-11-13T23:15:38.657000
CVE-2024-50311,0,0,b0292ba610dd96aa55991ae2b3d8d9a3245ae7b245c406d2ccd4b978c4c63f18,2024-12-04T08:15:06.993000
CVE-2024-50312,0,0,a7c4b05d3d3f339ecdf585e78123d67608338d22201a07dc1ab4fe90abd45688,2025-01-09T07:15:26.893000
CVE-2024-50312,0,1,3cc5da6adb55fa8882e7ead9469de956a8282866e867afed1db3d9ff1d8509f9,2025-01-14T13:15:19.733000
CVE-2024-50313,0,0,64114bcba17ddbbd52304f776f5dd6f39dd07ae575272b42861ff4f8f52981bf,2024-11-15T17:12:44.410000
CVE-2024-50315,0,0,4cc2faf3d8c489bc195ea9b1b71e3db71fb7f18259f91c4f6bf82e911f7ad06a,2024-11-06T18:15:06.173000
CVE-2024-50317,0,0,bb18489d7989fbe06416c7902779e422cf61fac95f0d13f7e09c0b8e1bc37193,2024-11-18T15:06:49.627000
@ -269283,6 +269324,8 @@ CVE-2024-50559,0,0,dfa1c4cb23ceb2f70b4684ba6fc94ad535123e84e14b38239e2546f378ae5
CVE-2024-5056,0,0,8fffdd4127619c786aa0989407007469ff9a6aa73bf668207b4ad19c19de1531,2024-11-21T09:46:52.267000
CVE-2024-50560,0,0,849cbb22dc43c9735ca18b0189950c1e8b5ecac4d47888f5bcbc5715b936ca6b,2024-11-13T19:57:26.073000
CVE-2024-50561,0,0,6a51b1f26d5cf18987d57ec188dc14932c4d4312c95a1bfb0fba3e588b50e618,2024-11-13T19:57:56.313000
CVE-2024-50564,1,1,e7d7ba23b6b0bd993389dc5aa1693345829839ebf13dced1f3e6b06c0e9b8cb4,2025-01-14T14:15:33.490000
CVE-2024-50566,1,1,3bfb5a17edce1a8fb08ca6a9da44a890273e947e3c31fd7cc912e28d4fea9f0f,2025-01-14T14:15:33.650000
CVE-2024-5057,0,0,4e84b19a66dd237677e71f8f6b2954676ecae2fca742ad51c75df8e74bfe774e,2024-09-20T19:31:39.437000
CVE-2024-50570,0,0,2d9dc66724750d347def0458b21203e33f8d848938408b5276fa284db7ba2a64,2024-12-18T15:15:12.660000
CVE-2024-50572,0,0,87b1aa24f79c401027b600910fcd433cb81a62e025ef81c863f015edbd3acb6f,2024-11-13T19:59:16.777000
@ -270720,6 +270763,9 @@ CVE-2024-52951,0,0,88467df47cc32548afc6312c57f27d2a7d0655e1c934e59eb5eeea7c6be50
CVE-2024-52958,0,0,965d541bdaa048d08984be57ec6ff291abae1c702954dddd32ec7b0108549df9,2024-11-27T06:15:18.590000
CVE-2024-52959,0,0,2eb2157890632ca954f7c150a61a989fe40d967f91d0ca40fadb69eac73b6b64,2024-11-27T06:15:19.083000
CVE-2024-5296,0,0,f4668a62dc8d11409bf71e36f1f99bcc5881901b7026ad13be4beab222eb08c7,2024-11-21T09:47:22.827000
CVE-2024-52963,1,1,4d65ae9a0e936d9582d3eb41b8e0c41c745523171603fd5bdb53ac17d9891400,2025-01-14T14:15:33.807000
CVE-2024-52967,1,1,6223077f8a0a2ff718c0eb1c7cabde521405743774a581e8c0fdd7de5061fa66,2025-01-14T14:15:33.967000
CVE-2024-52969,1,1,8d77c8e05c53f2f4fc2a735cd22e03c6d83b18c43f947f3dc1496437db7a937d,2025-01-14T14:15:34.123000
CVE-2024-5297,0,0,4e7f74d9629bbb9b864fb76b28bd5d406dd3be0c174577372182a6d0a600d934,2024-11-21T09:47:22.990000
CVE-2024-5298,0,0,329feabae44ccd7ff86530cac1ce0ba86c416ea44126377af7ea7290b6d65a10,2024-11-21T09:47:23.103000
CVE-2024-52982,0,0,87ddbec0fddbec6a4eb61fd0607c77d31103b1dd9283c5a13ec4d5a36a8ccef0,2024-12-18T18:22:52.637000
@ -271104,7 +271150,7 @@ CVE-2024-5363,0,0,26d4875386ad8c3215b4c09e1b67dd8ce62939d9e762298e9b8ac4e18d0732
CVE-2024-53635,0,0,69eb99ebd3cc8f0f627f786197a00b6b987c88368caf03b14418ba15ea7b94e4,2024-11-27T18:15:18.130000
CVE-2024-5364,0,0,70608899f95aca150ea63ad11d46a4a5108c90127a7a301ace82188c2357f63e,2024-11-21T09:47:30.357000
CVE-2024-53647,0,0,cfcb346f723938ad054c8fdc72391827a75db16440dc5160efbbab2c409a3044,2024-12-31T16:15:26.437000
CVE-2024-53649,1,1,c4c6b955106a096e3730b531752c300c6d2c019faf872c25a38e43153658bc98,2025-01-14T11:15:16.820000
CVE-2024-53649,0,0,c4c6b955106a096e3730b531752c300c6d2c019faf872c25a38e43153658bc98,2025-01-14T11:15:16.820000
CVE-2024-5365,0,0,1cfce3a239d45132ff3721a342529a7c8292cbd269d61639965b045e1105a397,2024-11-21T09:47:30.490000
CVE-2024-5366,0,0,3d4708898dde8c46157274fab31aec2bb1d6d4355897d80e5ba83e77521494aa,2024-11-21T09:47:30.617000
CVE-2024-5367,0,0,a7221799367d103e649a718fec766a2c3243ad87477c7760cdab4ba0815d2580,2024-11-21T09:47:30.747000
@ -271384,6 +271430,7 @@ CVE-2024-54009,0,0,57a4bb8c66b26b4000e58cbef542e2f0e67be86fc478ee09e8a3296c8cd7f
CVE-2024-54010,0,0,55025b40a5b298b8a5e8aa969e96243fb05f1dc7d8c7c838522e5ec07eca40f1,2025-01-08T21:15:12.900000
CVE-2024-54014,0,0,fef0a2723f6d0eb99b08285b0e1281168729dd64327291d1bbdb15f503c04c5e,2024-12-05T03:15:14.530000
CVE-2024-5402,0,0,369141076231aa822f3b7e1a9c4a08753a10cb13fa106f65751574195737991f,2024-11-21T09:47:34.947000
CVE-2024-54021,1,1,eb34467909589e9ed378241f26b68d9b57aaa270e202ff278b5bef31a7fb90c0,2025-01-14T14:15:34.287000
CVE-2024-5403,0,0,f4e58d907f2a672c85e38960e3074ec1cb3261646ec2ccae3d1a32d0c95159be,2024-11-21T09:47:35.097000
CVE-2024-54030,0,0,07c84f217a6fa368622d2a223843d19c0c7e728e80537c7c260b676bb124b4cd,2025-01-07T08:15:25.760000
CVE-2024-54032,0,0,1ae7bed178388a8becc0b2310728246bc38710e9f7ad794feb179bb616babfd5,2024-12-19T19:03:15.563000
@ -272057,6 +272104,8 @@ CVE-2024-55582,0,0,8c7e64bb3acec7a473c6e65040db0fdec814405cb32a2dc0c98b336fe36f3
CVE-2024-55586,0,0,925f554fe1c6418481a3cd536be7ee8d09491d59c7f2a3844aeb8009a61c81a3,2024-12-12T02:08:22.247000
CVE-2024-55587,0,0,043360c021c66dd2c5a5e7aa976c02dd7134a3fcd9d370dcc05a2b2b78d778ba,2024-12-12T17:15:11.197000
CVE-2024-5559,0,0,da875044adc3709281edfed6e696b593f02a48923f7270d2350dbdeb9c3f0186,2024-11-21T09:47:55.840000
CVE-2024-55591,1,1,8a676da64de87fdff554350b8ede260af0b8d141fe727b890230144ba7de5713,2025-01-14T14:15:34.450000
CVE-2024-55593,1,1,7966b8c0c61f0e982eed66bcaeabb127b9928db85b43c7e5a46fdeafce2a85f4,2025-01-14T14:15:34.610000
CVE-2024-5560,0,0,201a92ce337d2fd4d85cefc5a8b186dd1f339de19f8ea6d91a69fddcd5fd3ef6,2024-11-21T09:47:55.983000
CVE-2024-55601,0,0,3b6016987278f61ded580e0e03402a0550929e4ad53cc1af6a73ada12213c6f3,2024-12-09T22:15:23.100000
CVE-2024-55602,0,0,396d72563ab4a374ac0c8980e8cee78cbdbdadbfbf983b79309109b631e68a0b,2024-12-10T18:15:43.500000
@ -272502,6 +272551,7 @@ CVE-2024-56456,0,0,ffa3e9a4f19018bcf11c859795308311b14e0895d36772f424432ee894d6d
CVE-2024-5646,0,0,c48b41c63e1dae6ddb1f5f69529911450f8300b5322652ac7b1465148b11ea55,2024-11-21T09:48:05.203000
CVE-2024-5648,0,0,bc73cf61a73f7ebbf93011e7f0eec24203116f4c2ab4460b3b361f438af2c397,2024-11-21T09:48:05.320000
CVE-2024-5649,0,0,92f21873e8ee5bd32fcc22cd04303aa3780b31222c125187737acc3fe33a1fe2,2024-11-21T09:48:05.430000
CVE-2024-56497,1,1,9e1301cea3ad51076f7a891451fc948078d213e3257e4f6d9b488956f6ddfcd1,2025-01-14T14:15:34.760000
CVE-2024-5650,0,0,e326c3216630004af5368334e17751b93c2144fc6e95ba439673319f24c5efbd,2024-11-21T09:48:05.557000
CVE-2024-56507,0,0,2fcd6aea186081b10138c7efdbe4c6828fb4bc2d016266039f2e51dacfa7b54c,2024-12-27T21:15:08.287000
CVE-2024-56508,0,0,62a7f3a0dfedbfdc727f7144b117b7a6dd3c469bd925b864f6c6e3be9baa32e4,2024-12-27T21:15:08.390000
@ -272816,7 +272866,7 @@ CVE-2024-56829,0,0,fb517ef6b7f51e566ba1e37004f2890737a0fef0bcdec303fd5ff6dcfac6c
CVE-2024-5683,0,0,881352e7cddbf9570cae104e43894ad6185c01dcb07cd1be33b2f8fea4b1c33b,2024-11-21T09:48:09.327000
CVE-2024-56830,0,0,79c85b0b070d5536c466f2e90f00cc426f8f9dfa98d4a97719c579eb1ffbed30,2025-01-02T05:15:07.967000
CVE-2024-5684,0,0,89fc556df6ea8323aa11fe4b3357624e27d83b832e2994b2f9ef28181d8fd16e,2024-11-21T09:48:09.440000
CVE-2024-56841,1,1,00e6b1866469faa47f0316ce82befa0216f19384ec02a27a0ba58da8ce558796,2025-01-14T11:15:17.020000
CVE-2024-56841,0,0,00e6b1866469faa47f0316ce82befa0216f19384ec02a27a0ba58da8ce558796,2025-01-14T11:15:17.020000
CVE-2024-5685,0,0,0c1a4251459dbb721b4f03df2fa84a864dbca3ca052d26de3db680c230fc2f87,2024-11-21T09:48:09.570000
CVE-2024-5686,0,0,494008cd50a5cb32ba05dd687e88d5cd5348379ce547e26ef1644b29c1645806,2024-11-21T09:48:09.690000
CVE-2024-5687,0,0,9369fec80d103c4a22eb73ec3506b871dd90ca5a0f07d3a11cd2907750f40445,2024-11-21T09:48:09.810000
@ -274393,6 +274443,7 @@ CVE-2024-7340,0,0,afceb6b3fac1138f8cb83e0f415cec5ebdcab90ac887ac6cc7416d04596c33
CVE-2024-7341,0,0,9879605967e8521e630e3508fca649ab0616466777cf91cc4c4478c8d606e537,2024-10-04T12:48:43.523000
CVE-2024-7342,0,0,bbab372366d62b7492fd885c0fd46da4598051b512f5991327f8cfce46915879,2024-08-15T18:40:22.537000
CVE-2024-7343,0,0,7f2632b50e9d4a4da19cdb31448eaac6640ad60d85ef9c956fde33f5c8956343,2024-08-15T18:40:52.707000
CVE-2024-7344,1,1,169954b6690d2f6aeef902690aa74d75c4836343156776b1d35bfc6a380de364,2025-01-14T14:15:34.930000
CVE-2024-7345,0,0,7689b50cbee63ee18ebf904fc91903644247462e42f3178c6191ec55402d6f73,2024-09-05T14:11:00.493000
CVE-2024-7346,0,0,25638c7d38cc54d22ba7fca216c7c1e04ae0c03279aa3b42c264161ca8172985,2024-09-05T14:03:24.040000
CVE-2024-7347,0,0,052850221e337731d4f88404cf83263003b44cf188813b50c9e6a1df4baaca23,2024-11-21T09:51:20.560000
@ -276732,7 +276783,7 @@ CVE-2025-20126,0,0,0fcc9383f8a59c5e0d551ae3c2ee7933f9c74701d79731c282030a0992412
CVE-2025-20166,0,0,188546bff78f1ed6c60c3dafa709981ac0aa7d116e226da5b14281c3f0f04183,2025-01-08T17:15:16.990000
CVE-2025-20167,0,0,ea01454738582257d8f0561c538bde2bc3fca79642eac6232d7fa05917ea3b87,2025-01-08T17:15:17.163000
CVE-2025-20168,0,0,f8a58ad4899086a228f10ada9d537b9205b9094ad2b0c298be3af0260ad230d2,2025-01-08T17:15:17.323000
CVE-2025-20620,0,1,1e8e0ac38b52cc7a57624834c34b6768518bcb15ec9ff959866d53e2714e094f,2025-01-14T10:15:07.860000
CVE-2025-20620,0,0,1e8e0ac38b52cc7a57624834c34b6768518bcb15ec9ff959866d53e2714e094f,2025-01-14T10:15:07.860000
CVE-2025-21102,0,0,8153781fb244bf502850065fab180d787cadc10df5675c4bfb3f0250244d97ce,2025-01-08T12:15:22.850000
CVE-2025-21111,0,0,ac99f23afec6fb5ea7aef333a4f2d14bc0359a06e3db388b0b698b212d2c1078,2025-01-08T18:15:20.157000
CVE-2025-21380,0,0,4c50921192674428f12ee9508d0865ca454638893a117ed6c41e0d9bb5aca2bc,2025-01-09T23:15:08.340000

Can't render this file because it is too large.