admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-08-12 02:57:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-02-11T23:00:32.112139+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-02-11 23:03:57 +00:00
parent 3dfbb27fb4
commit 9782e4fcca
85 changed files with 3688 additions and 402 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2021/CVE-2021-468xx/CVE-2021-46878.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-46878",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-11T18:15:58.340",
"lastModified": "2024-11-21T06:34:50.340",
"lastModified": "2025-02-11T21:15:08.843",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [

6
CVE-2022/CVE-2022-248xx/CVE-2022-24810.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24810",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-04-16T20:15:09.227",
"lastModified": "2025-02-10T19:05:07.470",
"lastModified": "2025-02-11T21:56:27.290",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -138,7 +138,7 @@
"url": "https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775",
"source": "security-advisories@github.com",
"tags": [
"Patch"
"Release Notes"
]
},
{
@ -190,7 +190,7 @@
"url": "https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
"Release Notes"
]
},
{

37
CVE-2022/CVE-2022-31xx/CVE-2022-3180.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2022-3180",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-11T22:15:24.180",
"lastModified": "2025-02-11T22:15:24.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. This allows unauthenticated attackers to create arbitrary malicious administrator accounts."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"references": [
{
"url": "https://www.wordfence.com/blog/2022/09/psa-zero-day-vulnerability-in-wpgateway-actively-exploited-in-the-wild/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wpgateway/wpgateway-35-unauthenticated-privilege-escalation",
"source": "security@wordfence.com"
}
]
}

32
CVE-2022/CVE-2022-386xx/CVE-2022-38604.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-38604",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-11T01:15:06.927",
"lastModified": "2024-11-21T07:16:48.210",
"lastModified": "2025-02-11T21:15:09.120",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-59"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-432xx/CVE-2022-43293.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43293",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-11T01:15:06.987",
"lastModified": "2024-11-21T07:26:13.630",
"lastModified": "2025-02-11T21:15:09.413",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.7,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.7,
"impactScore": 5.2
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-59"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-433xx/CVE-2022-43309.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43309",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-07T21:15:06.827",
"lastModified": "2024-11-21T07:26:14.937",
"lastModified": "2025-02-11T21:15:09.697",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-732"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-01xx/CVE-2023-0157.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0157",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:08.157",
"lastModified": "2024-11-21T07:36:39.593",
"lastModified": "2025-02-11T22:15:24.310",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-04xx/CVE-2023-0423.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0423",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:08.350",
"lastModified": "2024-11-21T07:37:09.223",
"lastModified": "2025-02-11T22:15:24.473",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-05xx/CVE-2023-0546.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0546",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:08.423",
"lastModified": "2024-11-21T07:37:22.843",
"lastModified": "2025-02-11T21:15:10.067",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-06xx/CVE-2023-0605.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0605",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:08.487",
"lastModified": "2024-11-21T07:37:28.437",
"lastModified": "2025-02-11T22:15:24.637",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-08xx/CVE-2023-0874.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0874",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:08.553",
"lastModified": "2024-11-21T07:38:00.990",
"lastModified": "2025-02-11T22:15:24.793",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-09xx/CVE-2023-0983.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0983",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:08.677",
"lastModified": "2024-11-21T07:38:13.977",
"lastModified": "2025-02-11T22:15:24.950",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-11xx/CVE-2023-1120.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1120",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:08.743",
"lastModified": "2024-11-21T07:38:29.910",
"lastModified": "2025-02-11T22:15:25.103",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-11xx/CVE-2023-1121.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1121",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:08.837",
"lastModified": "2024-11-21T07:38:30.020",
"lastModified": "2025-02-11T22:15:25.260",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-14xx/CVE-2023-1406.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1406",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:09.250",
"lastModified": "2024-11-21T07:39:07.680",
"lastModified": "2025-02-11T22:15:25.410",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

22
CVE-2023/CVE-2023-14xx/CVE-2023-1425.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1425",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:09.387",
"lastModified": "2024-11-21T07:39:09.797",
"lastModified": "2025-02-11T22:15:25.583",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},

22
CVE-2023/CVE-2023-14xx/CVE-2023-1426.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1426",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-10T14:15:09.517",
"lastModified": "2024-11-21T07:39:09.920",
"lastModified": "2025-02-11T22:15:25.740",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},

60
CVE-2023/CVE-2023-205xx/CVE-2023-20507.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-20507",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-02-11T21:15:10.620",
"lastModified": "2025-02-11T21:15:10.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 2.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html",
"source": "psirt@amd.com"
}
]
}

60
CVE-2023/CVE-2023-205xx/CVE-2023-20515.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-20515",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-02-11T22:15:26.087",
"lastModified": "2025-02-11T22:15:26.087",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.5,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html",
"source": "psirt@amd.com"
}
]
}

60
CVE-2023/CVE-2023-205xx/CVE-2023-20581.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-20581",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-02-11T22:15:26.223",
"lastModified": "2025-02-11T22:15:26.223",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N",
"baseScore": 2.5,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html",
"source": "psirt@amd.com"
}
]
}

60
CVE-2023/CVE-2023-205xx/CVE-2023-20582.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-20582",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-02-11T22:15:26.347",
"lastModified": "2025-02-11T22:15:26.347",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry (PTE) faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest memory integrity."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3009.html",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html",
"source": "psirt@amd.com"
}
]
}

32
CVE-2023/CVE-2023-226xx/CVE-2023-22615.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22615",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-11T21:15:17.733",
"lastModified": "2024-11-21T07:45:03.790",
"lastModified": "2025-02-11T21:15:10.803",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.0,
"impactScore": 5.8
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 5.8
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-228xx/CVE-2023-22808.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22808",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-11T21:15:17.780",
"lastModified": "2024-11-21T07:45:27.613",
"lastModified": "2025-02-11T21:15:11.070",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-265xx/CVE-2023-26555.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26555",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-11T21:15:21.830",
"lastModified": "2024-11-21T07:51:44.487",
"lastModified": "2025-02-11T21:15:11.330",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-265xx/CVE-2023-26588.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26588",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-04-11T09:15:08.020",
"lastModified": "2024-11-21T07:51:48.657",
"lastModified": "2025-02-11T21:15:11.567",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-668"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-271xx/CVE-2023-27192.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27192",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-11T15:15:10.630",
"lastModified": "2024-11-21T07:52:26.157",
"lastModified": "2025-02-11T21:15:11.790",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

32
CVE-2023/CVE-2023-277xx/CVE-2023-27730.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27730",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-09T20:15:56.780",
"lastModified": "2024-11-21T07:53:23.977",
"lastModified": "2025-02-11T22:15:26.463",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

60
CVE-2023/CVE-2023-313xx/CVE-2023-31331.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-31331",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-02-11T22:15:26.643",
"lastModified": "2025-02-11T22:15:26.643",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 3.0,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 0.5,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4008.html",
"source": "psirt@amd.com"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5004.html",
"source": "psirt@amd.com"
}
]
}

14
CVE-2023/CVE-2023-313xx/CVE-2023-31361.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31361",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-02-11T20:15:33.120",
"lastModified": "2025-02-11T20:15:33.120",
"lastModified": "2025-02-11T21:15:12.160",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -35,6 +35,18 @@
}
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-9012.html",

34
CVE-2023/CVE-2023-322xx/CVE-2023-32295.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32295",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-11T12:15:07.707",
"lastModified": "2024-11-21T08:03:03.640",
"lastModified": "2025-02-11T22:15:26.777",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -36,13 +36,43 @@
},
"exploitabilityScore": 1.8,
"impactScore": 4.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",

47
CVE-2023/CVE-2023-402xx/CVE-2023-40203.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40203",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-12-13T15:15:21.450",
"lastModified": "2024-12-13T15:15:21.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:14:25.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mailmunch:mailchimp_forms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.1.5",
"matchCriteriaId": "7FD1C4EC-6F5F-4169-B882-55291BD09E33"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/mailchimp-forms-by-mailmunch/vulnerability/wordpress-mailchimp-forms-by-mailmunch-plugin-3-1-4-broken-access-control?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2023/CVE-2023-43xx/CVE-2023-4308.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4308",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-08-15T08:15:09.717",
"lastModified": "2024-11-21T08:34:49.717",
"lastModified": "2025-02-11T22:15:26.973",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -59,6 +59,18 @@
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [

62
CVE-2023/CVE-2023-515xx/CVE-2023-51546.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51546",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-05-17T09:15:19.853",
"lastModified": "2024-11-21T08:38:21.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:44:12.493",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-269"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtoffee:woocommerce_pdf_invoices\\,_packing_slips\\,_delivery_notes_and_shipping_labels:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.3.0",
"matchCriteriaId": "1B6B77DC-56B2-46C4-B78F-A1C181C42927"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/print-invoices-packing-slip-labels-for-woocommerce/wordpress-woocommerce-pdf-invoices-packing-slips-delivery-notes-and-shipping-labels-plugin-4-2-1-privilege-escalation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/print-invoices-packing-slip-labels-for-woocommerce/wordpress-woocommerce-pdf-invoices-packing-slips-delivery-notes-and-shipping-labels-plugin-4-2-1-privilege-escalation-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

119
CVE-2023/CVE-2023-63xx/CVE-2023-6321.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6321",
"sourceIdentifier": "cve-requests@bitdefender.com",
"published": "2024-05-15T13:15:25.230",
"lastModified": "2024-11-21T08:43:37.223",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:32:39.830",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,16 +69,107 @@
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:owletcare:cam_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.11",
"matchCriteriaId": "9C11F124-BEE1-4FAF-9BD6-CA0BC81AF56C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:owletcare:cam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A54D2C-9F78-4B06-B5CD-3DBE54F031BF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:owletcare:cam_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.10",
"matchCriteriaId": "167A51A1-6B23-45B2-9038-A8A65966EB83"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:owletcare:cam_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E25B26-657F-4953-B06E-E70F9D397888"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:throughtek:kalay_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4176E066-18DF-47D7-8604-2596C2F37EB6"
}
]
}
]
}
],
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/",
"source": "cve-requests@bitdefender.com"
"source": "cve-requests@bitdefender.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

117
CVE-2023/CVE-2023-63xx/CVE-2023-6322.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6322",
"sourceIdentifier": "cve-requests@bitdefender.com",
"published": "2024-05-15T13:15:25.543",
"lastModified": "2024-11-21T08:43:37.363",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:32:42.377",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,16 +69,105 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wyze:cam_v3_firmware:4.36.11.5859:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE4DD58-8A90-43ED-B613-AB7D0BBA63A4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wyze:cam_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C96BD4E4-F38A-4D78-851D-0F879B4D3A16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:roku:indoor_camera_se_firmware:3.0.2.4679:*:*:*:*:*:*:*",
"matchCriteriaId": "B79DA37F-D435-470A-812C-5DB730F91A85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:roku:indoor_camera_se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF28236D-4618-4E8A-A8A5-60DD6104D9CD"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:throughtek:kalay_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4176E066-18DF-47D7-8604-2596C2F37EB6"
}
]
}
]
}
],
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/",
"source": "cve-requests@bitdefender.com"
"source": "cve-requests@bitdefender.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

163
CVE-2023/CVE-2023-63xx/CVE-2023-6323.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6323",
"sourceIdentifier": "cve-requests@bitdefender.com",
"published": "2024-05-15T13:15:25.780",
"lastModified": "2024-11-21T08:43:37.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:32:45.037",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -51,14 +71,149 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wyze:cam_v3_firmware:4.36.11.5859:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE4DD58-8A90-43ED-B613-AB7D0BBA63A4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wyze:cam_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C96BD4E4-F38A-4D78-851D-0F879B4D3A16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:roku:indoor_camera_se_firmware:3.0.2.4679:*:*:*:*:*:*:*",
"matchCriteriaId": "B79DA37F-D435-470A-812C-5DB730F91A85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:roku:indoor_camera_se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF28236D-4618-4E8A-A8A5-60DD6104D9CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:owletcare:cam_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.11",
"matchCriteriaId": "9C11F124-BEE1-4FAF-9BD6-CA0BC81AF56C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:owletcare:cam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A54D2C-9F78-4B06-B5CD-3DBE54F031BF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:owletcare:cam_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.10",
"matchCriteriaId": "167A51A1-6B23-45B2-9038-A8A65966EB83"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:owletcare:cam_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E25B26-657F-4953-B06E-E70F9D397888"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:throughtek:kalay_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4176E066-18DF-47D7-8604-2596C2F37EB6"
}
]
}
]
}
],
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/",
"source": "cve-requests@bitdefender.com"
"source": "cve-requests@bitdefender.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

173
CVE-2023/CVE-2023-63xx/CVE-2023-6324.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6324",
"sourceIdentifier": "cve-requests@bitdefender.com",
"published": "2024-05-15T13:15:26.010",
"lastModified": "2024-11-21T08:43:37.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:32:50.220",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,16 +69,161 @@
"value": "CWE-457"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wyze:cam_v3_firmware:4.36.11.5859:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE4DD58-8A90-43ED-B613-AB7D0BBA63A4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wyze:cam_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C96BD4E4-F38A-4D78-851D-0F879B4D3A16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:roku:indoor_camera_se_firmware:3.0.2.4679:*:*:*:*:*:*:*",
"matchCriteriaId": "B79DA37F-D435-470A-812C-5DB730F91A85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:roku:indoor_camera_se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF28236D-4618-4E8A-A8A5-60DD6104D9CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:owletcare:cam_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.11",
"matchCriteriaId": "9C11F124-BEE1-4FAF-9BD6-CA0BC81AF56C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:owletcare:cam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A54D2C-9F78-4B06-B5CD-3DBE54F031BF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:owletcare:cam_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.10",
"matchCriteriaId": "167A51A1-6B23-45B2-9038-A8A65966EB83"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:owletcare:cam_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E25B26-657F-4953-B06E-E70F9D397888"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:throughtek:kalay_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4176E066-18DF-47D7-8604-2596C2F37EB6"
}
]
}
]
}
],
"references": [
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/",
"source": "cve-requests@bitdefender.com"
"source": "cve-requests@bitdefender.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://bitdefender.com/blog/labs/notes-on-throughtek-kalay-vulnerabilities-and-their-impact/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-01xx/CVE-2024-0179.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-0179",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-02-11T21:15:12.280",
"lastModified": "2025-02-11T21:15:12.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.html",
"source": "psirt@amd.com"
}
]
}

54
CVE-2024/CVE-2024-09xx/CVE-2024-0957.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0957",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-22T02:15:07.747",
"lastModified": "2024-11-21T08:47:52.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:43:26.183",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtoffee:woocommerce_pdf_invoices\\,_packing_slips\\,_delivery_notes_and_shipping_labels:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.4.2",
"matchCriteriaId": "81598D07-B753-4565-B94E-E8A873A8D839"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050923%40print-invoices-packing-slip-labels-for-woocommerce&new=3050923%40print-invoices-packing-slip-labels-for-woocommerce&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c7ba4218-5b60-4e72-b98d-7c95c9fc3d59?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050923%40print-invoices-packing-slip-labels-for-woocommerce&new=3050923%40print-invoices-packing-slip-labels-for-woocommerce&sfp_email=&sfph_mail=",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c7ba4218-5b60-4e72-b98d-7c95c9fc3d59?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

105
CVE-2024/CVE-2024-109xx/CVE-2024-10979.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10979",
"sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"published": "2024-11-14T13:15:04.407",
"lastModified": "2025-01-10T13:15:08.790",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:27:49.273",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,20 +69,95 @@
"value": "CWE-15"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-610"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.21",
"matchCriteriaId": "433D59A0-8811-4DDB-A9F7-D85C62F905CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.17",
"matchCriteriaId": "380F8048-FBE5-4606-93A3-915CFD229317"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.14",
"matchCriteriaId": "FACF31C7-3B20-4BAE-A596-9C59D67406D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.9",
"matchCriteriaId": "DF12F1A2-3179-4DAC-B728-038B94954DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "353CBD91-FC28-4DA3-B79A-F4F4DC80FA93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "DCEB2049-EB8A-4703-B3FF-FC641623ED2C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.postgresql.org/support/security/CVE-2024-10979/",
"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"
"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/fmora50591/postgresql-env-vuln/blob/main/README.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20250110-0003/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-111xx/CVE-2024-11128.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11128",
"sourceIdentifier": "cve-requests@bitdefender.com",
"published": "2025-01-13T22:15:13.680",
"lastModified": "2025-01-13T22:15:13.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:38:28.860",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,24 +59,77 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve-requests@bitdefender.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bitdefender:virus_scanner:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "3.18",
"matchCriteriaId": "4E101785-80D3-425E-9D84-0EE152660BDB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.bitdefender.com/support/security-advisories/insufficient-hardened-runtime-or-library-validation-signing-in-bitdefender-virus-scanner-for-macos/",
"source": "cve-requests@bitdefender.com"
"source": "cve-requests@bitdefender.com",
"tags": [
"Vendor Advisory"
]
}
]
}

16
CVE-2024/CVE-2024-118xx/CVE-2024-11831.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2024-11831",
"sourceIdentifier": "secalert@redhat.com",
"published": "2025-02-10T16:15:37.080",
"lastModified": "2025-02-10T16:15:37.080",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:15:27.167",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en npm-serialize-javascript. La vulnerabilidad ocurre porque el m\u00f3dulo serialize-javascript no depura correctamente ciertas entradas, como expresiones regulares u otros tipos de objetos JavaScript, lo que permite que un atacante inyecte c\u00f3digo malicioso. Este c\u00f3digo podr\u00eda ejecutarse cuando un navegador web lo deserialice, lo que causa ataques de cross site scripting (XSS). Este problema es cr\u00edtico en entornos donde se env\u00edan datos serializados a clientes web, lo que potencialmente compromete la seguridad del sitio web o la aplicaci\u00f3n web que utiliza este paquete."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
@ -38,7 +42,7 @@
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -48,6 +52,10 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:1334",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-11831",
"source": "secalert@redhat.com"

44
CVE-2024/CVE-2024-123xx/CVE-2024-12370.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12370",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-17T09:15:07.810",
"lastModified": "2025-01-17T09:15:07.810",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:42:23.220",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -42,23 +42,57 @@
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thimpress:wp_hotel_booking:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.6",
"matchCriteriaId": "6A7B33CA-8E63-4149-B390-B0D8B267259F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3210798%40wp-hotel-booking%2Ftags%2F2.1.5&new=3214765%40wp-hotel-booking%2Ftags%2F2.1.6",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5df32365-5381-48e0-9313-7e83c4c6c440?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

42
CVE-2024/CVE-2024-134xx/CVE-2024-13472.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13472",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-31T10:15:07.630",
"lastModified": "2025-01-31T10:15:07.630",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:06:13.237",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wcproducttable:woocommerce_product_table:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "3.9.5",
"matchCriteriaId": "4A36BC9B-21C7-4E46-827B-38CD3391BCF8"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wc-product-table-lite/trunk/main.php#L1843",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3231930/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/wc-product-table-lite/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4f1a1171-3d7b-46a4-982e-fe318e3017b7?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-216xx/CVE-2024-21697.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21697",
"sourceIdentifier": "security@atlassian.com",
"published": "2024-11-19T19:15:07.937",
"lastModified": "2024-11-19T21:56:45.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:24:33.417",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@atlassian.com",
@ -39,14 +61,54 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:sourcetree:3.4.19:*:*:*:*:windows:*:*",
"matchCriteriaId": "B839C817-5C4C-4A68-A443-7DB09B8C837B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:sourcetree:4.2.8:*:*:*:*:macos:*:*",
"matchCriteriaId": "F04FBDBD-B558-4576-9D2D-3FE0860B4125"
}
]
}
]
}
],
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.atlassian.com/browse/SRCTREE-8168",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-219xx/CVE-2024-21924.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-21924",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-02-11T21:15:12.437",
"lastModified": "2025-02-11T21:15:12.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-250"
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7028.html",
"source": "psirt@amd.com"
}
]
}

56
CVE-2024/CVE-2024-219xx/CVE-2024-21925.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-21925",
"sourceIdentifier": "psirt@amd.com",
"published": "2025-02-11T21:15:12.577",
"lastModified": "2025-02-11T21:15:12.577",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@amd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7027.html",
"source": "psirt@amd.com"
}
]
}

45
CVE-2024/CVE-2024-245xx/CVE-2024-24583.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24583",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:11.380",
"lastModified": "2024-11-21T08:59:28.243",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T22:25:31.757",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libigl:libigl:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91BC184E-2C02-40C5-BA95-B2ADCF16C366"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1928",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1928",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
]
}
]
}

45
CVE-2024/CVE-2024-245xx/CVE-2024-24584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24584",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:11.623",
"lastModified": "2024-11-21T08:59:28.360",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T22:29:21.440",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libigl:libigl:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91BC184E-2C02-40C5-BA95-B2ADCF16C366"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1928",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1928",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
]
}
]
}

55
CVE-2024/CVE-2024-246xx/CVE-2024-24685.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24685",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:12.043",
"lastModified": "2024-11-21T08:59:30.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T22:29:31.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,24 +49,67 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libigl:libigl:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91BC184E-2C02-40C5-BA95-B2ADCF16C366"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
]
}
]
}

55
CVE-2024/CVE-2024-246xx/CVE-2024-24686.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24686",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2024-05-28T14:15:12.270",
"lastModified": "2024-11-21T08:59:30.570",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T22:29:42.443",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,24 +49,67 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libigl:libigl:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91BC184E-2C02-40C5-BA95-B2ADCF16C366"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1929",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
]
}
]
}

78
CVE-2024/CVE-2024-282xx/CVE-2024-28277.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28277",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:14:18.617",
"lastModified": "2024-11-21T09:06:07.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:39:53.903",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,87 @@
"value": "En Sourcecodester School Task Manager v1.0, se identific\u00f3 una vulnerabilidad dentro del par\u00e1metro sujeto_nombre=, lo que permite ataques de Cross-Site Scripting Almacenado (XSS). Esta vulnerabilidad permite a los atacantes manipular el nombre del sujeto, lo que podr\u00eda conducir a la ejecuci\u00f3n de payloads de JavaScript maliciosos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:remyandrade:school_task_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "912FFDF4-5A9C-4E91-AD6F-3AA762CE409E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/unrealjbr/CVE-2024-28277",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.sourcecodester.com/download-code?nid=16877&title=School+Task+Manager+Using+PHP+with+Source+Code",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/unrealjbr/CVE-2024-28277",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.sourcecodester.com/download-code?nid=16877&title=School+Task+Manager+Using+PHP+with+Source+Code",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}
]
}

68
CVE-2024/CVE-2024-320xx/CVE-2024-32037.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-32037",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-02-11T22:15:27.930",
"lastModified": "2025-02-11T22:15:27.930",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because it allows software used by the server to be easily identified. GeoNetwork 4.4.5 and 4.2.10 fix this issue. No known workarounds are available."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"baseScore": 0.0,
"baseSeverity": "NONE",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 0.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://docs.geonetwork-opensource.org/4.4/api/search",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/geonetwork/core-geonetwork/releases/tag/4.2.10",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/geonetwork/core-geonetwork/releases/tag/4.4.5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/geonetwork/core-geonetwork/security/advisories/GHSA-52rf-25hq-5m33",
"source": "security-advisories@github.com"
}
]
}

34
CVE-2024/CVE-2024-320xx/CVE-2024-32085.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-32085",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-04-15T09:15:08.660",
"lastModified": "2024-11-21T09:14:26.423",
"lastModified": "2025-02-11T22:15:28.073",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -36,13 +36,43 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",

62
CVE-2024/CVE-2024-379xx/CVE-2024-37944.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37944",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:06.017",
"lastModified": "2024-11-21T09:24:33.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:44:38.993",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wptravelengine:wp_travel_engine:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.9.2",
"matchCriteriaId": "4753BB0B-7B6D-466A-87EF-56E6A46632ED"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-travel-engine/wordpress-wp-travel-engine-tour-booking-plugin-tour-operator-software-plugin-5-9-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/wp-travel-engine/wordpress-wp-travel-engine-tour-booking-plugin-tour-operator-software-plugin-5-9-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

21
CVE-2024/CVE-2024-513xx/CVE-2024-51324.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-51324",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-11T22:15:28.440",
"lastModified": "2025-02-11T22:15:28.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the BdApiUtil driver of Baidu Antivirus v5.2.3.116083 allows attackers to terminate arbitrary process via executing a BYOVD (Bring Your Own Vulnerable Driver) attack."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/magicsword-io/LOLDrivers/issues/204",
"source": "cve@mitre.org"
}
]
}

12
CVE-2024/CVE-2024-526xx/CVE-2024-52612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52612",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2025-02-11T08:15:31.433",
"lastModified": "2025-02-11T08:15:31.433",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:15:28.570",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,7 @@
"cvssMetricV31": [
{
"source": "psirt@solarwinds.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "psirt@solarwinds.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,6 +51,10 @@
{
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2025-1_release_notes.htm",
"source": "psirt@solarwinds.com"
},
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2024-52612",
"source": "psirt@solarwinds.com"
}
]
}

4
CVE-2024/CVE-2024-539xx/CVE-2024-53996.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-53996",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-01-14T18:15:29.780",
"lastModified": "2025-01-14T18:15:29.780",
"lastModified": "2025-02-11T22:15:28.677",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: Unused spare CVE"
"value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2024. Notes: none."
}
],
"metrics": {},

41
CVE-2024/CVE-2024-549xx/CVE-2024-54909.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54909",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-06T22:15:38.250",
"lastModified": "2025-02-06T22:15:38.250",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:15:28.733",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": "Se ha identificado una vulnerabilidad en el servidor eva v4.1.0 de GoldPanKit. Afecta al par\u00e1metro path del endpoint /api/resource/local/download, donde la manipulaci\u00f3n de este par\u00e1metro puede provocar la descarga de archivos arbitrarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/goldpankit/eva-springboot2/issues/2",

4
CVE-2024/CVE-2024-550xx/CVE-2024-55062.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-55062",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-31T22:15:10.463",
"lastModified": "2025-02-03T18:15:37.110",
"lastModified": "2025-02-11T22:15:28.900",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to Command injection."
"value": "Code Injection vulnerability in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote unauthenticated attackers to execute arbitrary code to /api/license/sendlicense/."
},
{
"lang": "es",

21
CVE-2024/CVE-2024-552xx/CVE-2024-55212.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-55212",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-11T22:15:29.063",
"lastModified": "2025-02-11T22:15:29.063",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DNNGo xBlog v6.5.0 was discovered to contain a SQL injection vulnerability via the Categorys parameter at /DNNGo_xBlog/Resource_Service.aspx."
}
],
"metrics": {},
"references": [
{
"url": "https://www.invokesec.com/2025/01/13/a-real-world-example-of-blind-sqli/",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-572xx/CVE-2024-57241.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-57241",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-11T22:15:29.233",
"lastModified": "2025-02-11T22:15:29.233",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dedecms 5.71sp1 and earlier is vulnerable to URL redirect. In the web application, a logic error does not judge the input GET request resulting in URL redirection."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/woshidaheike/dedecms-url-redirection",
"source": "cve@mitre.org"
}
]
}

41
CVE-2024/CVE-2024-574xx/CVE-2024-57426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57426",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-06T20:15:39.923",
"lastModified": "2025-02-06T20:15:39.923",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:15:29.347",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": "NetMod VPN Client 5.3.1 es vulnerable a la inyecci\u00f3n de DLL, lo que permite a un atacante ejecutar c\u00f3digo arbitrario colocando una DLL maliciosa en un directorio donde la aplicaci\u00f3n carga dependencias. Esta vulnerabilidad surge debido a la validaci\u00f3n incorrecta de librer\u00edas cargadas din\u00e1micamente."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://github.com/iamsinghmanish/My-CVEs/tree/main/CVE-2024-57426",

6
CVE-2024/CVE-2024-576xx/CVE-2024-57686.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57686",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-10T14:15:29.140",
"lastModified": "2025-01-10T15:15:16.003",
"lastModified": "2025-02-11T22:15:29.520",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -55,6 +55,10 @@
{
"url": "https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Land%20record/Reflected%20Cross%20Site%20Scripting.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/lhRaMk7/notebook/blob/main/phar_rce",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-577xx/CVE-2024-57777.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-57777",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-11T22:15:29.680",
"lastModified": "2025-02-11T22:15:29.680",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in Ianproxy v.0.1 and before allows a remote attacker to obtain sensitive information"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ffay/lanproxy/issues/192",
"source": "cve@mitre.org"
}
]
}

75
CVE-2024/CVE-2024-58xx/CVE-2024-5812.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5812",
"sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891",
"published": "2024-06-11T16:15:29.207",
"lastModified": "2024-11-21T09:48:22.850",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:36:43.423",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.7,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 2.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
@ -49,16 +69,63 @@
"value": "CWE-290"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:beyondtrust:beyondinsight_password_safe:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.2",
"versionEndExcluding": "23.2.0.1293",
"matchCriteriaId": "D2FCF255-E458-4711-954F-32670810AED5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:beyondtrust:beyondinsight_password_safe:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.3",
"versionEndExcluding": "23.3.0.959",
"matchCriteriaId": "6B11F38B-D19C-4A46-91E0-22512C10FFAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:beyondtrust:beyondinsight_password_safe:24.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC9B4D8-DCF1-4E5A-BB34-CA64B559BA4B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-07",
"source": "13061848-ea10-403d-bd75-c83a022c2891"
"source": "13061848-ea10-403d-bd75-c83a022c2891",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-07",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-58xx/CVE-2024-5813.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5813",
"sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891",
"published": "2024-06-11T16:15:29.480",
"lastModified": "2024-11-21T09:48:22.970",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:36:40.947",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.7,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
@ -49,16 +69,51 @@
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:beyondtrust:beyondinsight_password_safe:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.3",
"versionEndExcluding": "23.3.0.929",
"matchCriteriaId": "16A3910D-694D-47F7-B068-7B2089358D73"
}
]
}
]
}
],
"references": [
{
"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-08",
"source": "13061848-ea10-403d-bd75-c83a022c2891"
"source": "13061848-ea10-403d-bd75-c83a022c2891",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-08",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

37
CVE-2024/CVE-2024-78xx/CVE-2024-7855.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7855",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-02T05:15:11.843",
"lastModified": "2024-10-04T13:50:43.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:42:45.820",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thimpress:wp_hotel_booking:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.3",
"matchCriteriaId": "8013D993-5CA2-48C2-80DD-D8C7158FDF19"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-hotel-booking/trunk/includes/class-wphb-comments.php#L150",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3157905%40wp-hotel-booking&new=3157905%40wp-hotel-booking&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/784593ec-b635-4f59-9afb-ab506f786d21?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

37
CVE-2024/CVE-2024-87xx/CVE-2024-8735.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8735",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-22T06:15:20.013",
"lastModified": "2024-11-22T06:15:20.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:23:08.700",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mailmunch:mailmunch:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.1.8",
"matchCriteriaId": "C7F8E3E2-E8D4-4644-BF6E-17B151E0E8C0"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/mailmunch/tags/3.1.8/admin/partials/mailmunch-admin-display.php#L16",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3193789%40mailmunch&new=3193789%40mailmunch&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b1e45860-16c4-4d13-aad9-c742a8eced37?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2025/CVE-2025-02xx/CVE-2025-0218.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-0218",
"sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"published": "2025-01-07T20:15:30.710",
"lastModified": "2025-01-07T20:15:30.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-02-11T21:11:36.480",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
@ -49,12 +69,43 @@
"value": "CWE-340"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pgadmin:pgagent:*:*:*:*:*:postgresql:*:*",
"versionEndExcluding": "4.2.3",
"matchCriteriaId": "CC0AB842-1447-46E4-8845-B222B09EF4A2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pgadmin-org/pgagent/commit/1ecd193a2be3a3dc9e98f369495e1a792e6d508c",
"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"
"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007",
"tags": [
"Patch"
]
}
]
}

16
CVE-2025/CVE-2025-09xx/CVE-2025-0989.json Normal file
View File

@ -0,0 +1,16 @@
{
"id": "CVE-2025-0989",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-11T21:15:12.823",
"lastModified": "2025-02-11T21:15:12.823",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-12315. Reason: This candidate is a reservation duplicate of CVE-2024-12315. Notes: All CVE users should reference CVE-2024-12315 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {},
"references": []
}

56
CVE-2025/CVE-2025-12xx/CVE-2025-1240.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-1240",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2025-02-11T22:15:29.800",
"lastModified": "2025-02-11T22:15:29.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of 7Z files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24986."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-047/",
"source": "zdi-disclosures@trendmicro.com"
}
]
}

52
CVE-2025/CVE-2025-211xx/CVE-2025-21177.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21177",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-06T23:15:08.573",
"lastModified": "2025-02-06T23:15:08.573",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:19:45.057",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "secure@microsoft.com",
@ -16,13 +16,17 @@
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network."
},
{
"lang": "es",
"value": "Server-Side Request Forgery (SSRF) en Microsoft Dynamics 365 Sales permite que un atacante autorizado eleve privilegios en una red."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
@ -39,6 +43,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 5.8
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -54,10 +78,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:dynamics_365_sales:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2775E0-D3AC-40AD-82E7-28BCC3F90907"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21177",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2025/CVE-2025-212xx/CVE-2025-21253.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21253",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-06T23:15:08.737",
"lastModified": "2025-02-06T23:15:08.737",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:18:40.563",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge for IOS and Android Spoofing Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de suplantaci\u00f3n de identidad en Microsoft Edge para iOS y Android"
}
],
"metrics": {
@ -38,19 +42,54 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-451"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge:-:*:*:*:*:android:*:*",
"matchCriteriaId": "8336D506-F4DE-42AE-809A-ABA67C92079C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge:-:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "4BC5AD97-94AE-4F5C-8B41-B36D5A74B9BE"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21253",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2025/CVE-2025-212xx/CVE-2025-21267.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21267",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-06T23:15:08.893",
"lastModified": "2025-02-06T23:15:08.893",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:16:55.863",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Spoofing Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de suplantaci\u00f3n de identidad en Microsoft Edge (basado en Chromium)"
}
],
"metrics": {
@ -38,19 +42,50 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-358"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "133.0.3065.51",
"matchCriteriaId": "DBE35BFE-750D-46EA-9540-4A317BB9247A"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21267",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2025/CVE-2025-212xx/CVE-2025-21279.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2025-21279",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-06T23:15:09.043",
"lastModified": "2025-02-06T23:15:09.043",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:16:48.810",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Edge (basado en Chromium)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
@ -32,25 +36,76 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "133.0.3065.51",
"matchCriteriaId": "DBE35BFE-750D-46EA-9540-4A317BB9247A"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21279",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2025/CVE-2025-212xx/CVE-2025-21283.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2025-21283",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-06T23:15:09.213",
"lastModified": "2025-02-06T23:15:09.213",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:14:16.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Edge (basado en Chromium)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
@ -32,25 +36,76 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1222"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "133.0.3065.51",
"matchCriteriaId": "DBE35BFE-750D-46EA-9540-4A317BB9247A"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21283",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2025/CVE-2025-213xx/CVE-2025-21342.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-21342",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-06T23:15:09.363",
"lastModified": "2025-02-06T23:15:09.363",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:13:09.940",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Edge (basado en Chromium)"
}
],
"metrics": {
@ -38,19 +42,50 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "133.0.3065.51",
"matchCriteriaId": "DBE35BFE-750D-46EA-9540-4A317BB9247A"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21342",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

41
CVE-2025/CVE-2025-214xx/CVE-2025-21404.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21404",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-02-06T23:15:09.700",
"lastModified": "2025-02-11T18:15:38.663",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-02-11T22:00:00.150",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,8 +51,18 @@
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -61,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "133.0.3065.51",
"matchCriteriaId": "DBE35BFE-750D-46EA-9540-4A317BB9247A"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21404",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

27
CVE-2025/CVE-2025-223xx/CVE-2025-22389.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-22389",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-04T02:15:07.600",
"lastModified": "2025-01-04T03:15:07.580",
"lastModified": "2025-02-11T22:15:29.927",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Se descubri\u00f3 un problema en Optimizely EPiServer.CMS.Core antes de la versi\u00f3n 12.32.0. Existe una vulnerabilidad de gravedad media en el CMS, donde la aplicaci\u00f3n no valida correctamente los archivos cargados. Esto permite la carga de tipos de archivos potencialmente maliciosos, incluidos .docm y .html. Cuando los usuarios de la aplicaci\u00f3n acceden a estos archivos, estos pueden usarse para ejecutar acciones maliciosas o comprometer los sistemas de los usuarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",

41
CVE-2025/CVE-2025-229xx/CVE-2025-22936.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-22936",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-06T20:15:40.460",
"lastModified": "2025-02-06T20:15:40.460",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:15:30.207",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": "Un problema en Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1, permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del algoritmo de generaci\u00f3n de contrase\u00f1a WiFi predeterminada d\u00e9bil en los enrutadores WiFi."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "http://smartcom.com",

41
CVE-2025/CVE-2025-230xx/CVE-2025-23093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-23093",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-06T20:15:40.587",
"lastModified": "2025-02-06T20:15:40.587",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:15:30.427",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": "El componente Plataforma de Mitel OpenScape 4000 y OpenScape 4000 Manager a trav\u00e9s de V10 R1.54.1 y V11 a trav\u00e9s de R0.22.1 podr\u00eda permitir que un atacante autenticado realice un ataque de escalada de privilegios debido a la ejecuci\u00f3n de un recurso con privilegios innecesarios. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante ejecute comandos arbitrarios con privilegios elevados."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0001",

41
CVE-2025/CVE-2025-230xx/CVE-2025-23094.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-23094",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-06T21:15:23.477",
"lastModified": "2025-02-06T21:15:23.477",
"vulnStatus": "Received",
"lastModified": "2025-02-11T22:15:30.597",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,42 @@
"value": "Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager V11 R0.22.0 through V11 R0.22.1, V10 R1.54.0 through V10 R1.54.1, and V10 R1.42.6 y anteriores podr\u00eda permitir que un atacante no autenticado realice un ataque de inyecci\u00f3n de comandos debido a una desinfecci\u00f3n insuficiente de los par\u00e1metros. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante ejecute comandos arbitrarios dentro del mismo nivel de privilegio que el proceso de acceso web."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0001",

101
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-02-11T21:00:36.396524+00:00
2025-02-11T23:00:32.112139+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-02-11T20:57:42.027000+00:00
2025-02-11T22:29:42.443000+00:00
```
### Last Data Feed Release
@ -33,69 +33,60 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
280887
280903
```
### CVEs added in the last Commit
Recently added CVEs: `34`
Recently added CVEs: `16`
- [CVE-2024-21966](CVE-2024/CVE-2024-219xx/CVE-2024-21966.json) (`2025-02-11T20:15:34.210`)
- [CVE-2025-0899](CVE-2025/CVE-2025-08xx/CVE-2025-0899.json) (`2025-02-11T20:15:34.347`)
- [CVE-2025-0901](CVE-2025/CVE-2025-09xx/CVE-2025-0901.json) (`2025-02-11T20:15:34.480`)
- [CVE-2025-0902](CVE-2025/CVE-2025-09xx/CVE-2025-0902.json) (`2025-02-11T20:15:34.610`)
- [CVE-2025-0903](CVE-2025/CVE-2025-09xx/CVE-2025-0903.json) (`2025-02-11T20:15:34.737`)
- [CVE-2025-0904](CVE-2025/CVE-2025-09xx/CVE-2025-0904.json) (`2025-02-11T20:15:34.867`)
- [CVE-2025-0905](CVE-2025/CVE-2025-09xx/CVE-2025-0905.json) (`2025-02-11T20:15:34.997`)
- [CVE-2025-0906](CVE-2025/CVE-2025-09xx/CVE-2025-0906.json) (`2025-02-11T20:15:35.113`)
- [CVE-2025-0907](CVE-2025/CVE-2025-09xx/CVE-2025-0907.json) (`2025-02-11T20:15:35.240`)
- [CVE-2025-0908](CVE-2025/CVE-2025-09xx/CVE-2025-0908.json) (`2025-02-11T20:15:35.370`)
- [CVE-2025-0909](CVE-2025/CVE-2025-09xx/CVE-2025-0909.json) (`2025-02-11T20:15:35.500`)
- [CVE-2025-0910](CVE-2025/CVE-2025-09xx/CVE-2025-0910.json) (`2025-02-11T20:15:35.633`)
- [CVE-2025-0911](CVE-2025/CVE-2025-09xx/CVE-2025-0911.json) (`2025-02-11T20:15:35.770`)
- [CVE-2025-1044](CVE-2025/CVE-2025-10xx/CVE-2025-1044.json) (`2025-02-11T20:15:35.913`)
- [CVE-2025-1052](CVE-2025/CVE-2025-10xx/CVE-2025-1052.json) (`2025-02-11T20:15:36.070`)
- [CVE-2025-25202](CVE-2025/CVE-2025-252xx/CVE-2025-25202.json) (`2025-02-11T19:15:18.690`)
- [CVE-2025-25522](CVE-2025/CVE-2025-255xx/CVE-2025-25522.json) (`2025-02-11T19:15:18.883`)
- [CVE-2025-25523](CVE-2025/CVE-2025-255xx/CVE-2025-25523.json) (`2025-02-11T19:15:19.000`)
- [CVE-2025-25524](CVE-2025/CVE-2025-255xx/CVE-2025-25524.json) (`2025-02-11T19:15:19.110`)
- [CVE-2025-25525](CVE-2025/CVE-2025-255xx/CVE-2025-25525.json) (`2025-02-11T20:15:38.727`)
- [CVE-2025-25526](CVE-2025/CVE-2025-255xx/CVE-2025-25526.json) (`2025-02-11T20:15:38.850`)
- [CVE-2025-25527](CVE-2025/CVE-2025-255xx/CVE-2025-25527.json) (`2025-02-11T20:15:38.973`)
- [CVE-2025-25528](CVE-2025/CVE-2025-255xx/CVE-2025-25528.json) (`2025-02-11T20:15:39.090`)
- [CVE-2025-25529](CVE-2025/CVE-2025-255xx/CVE-2025-25529.json) (`2025-02-11T20:15:39.217`)
- [CVE-2025-25530](CVE-2025/CVE-2025-255xx/CVE-2025-25530.json) (`2025-02-11T20:15:39.327`)
- [CVE-2022-3180](CVE-2022/CVE-2022-31xx/CVE-2022-3180.json) (`2025-02-11T22:15:24.180`)
- [CVE-2023-20507](CVE-2023/CVE-2023-205xx/CVE-2023-20507.json) (`2025-02-11T21:15:10.620`)
- [CVE-2023-20515](CVE-2023/CVE-2023-205xx/CVE-2023-20515.json) (`2025-02-11T22:15:26.087`)
- [CVE-2023-20581](CVE-2023/CVE-2023-205xx/CVE-2023-20581.json) (`2025-02-11T22:15:26.223`)
- [CVE-2023-20582](CVE-2023/CVE-2023-205xx/CVE-2023-20582.json) (`2025-02-11T22:15:26.347`)
- [CVE-2023-31331](CVE-2023/CVE-2023-313xx/CVE-2023-31331.json) (`2025-02-11T22:15:26.643`)
- [CVE-2024-0179](CVE-2024/CVE-2024-01xx/CVE-2024-0179.json) (`2025-02-11T21:15:12.280`)
- [CVE-2024-21924](CVE-2024/CVE-2024-219xx/CVE-2024-21924.json) (`2025-02-11T21:15:12.437`)
- [CVE-2024-21925](CVE-2024/CVE-2024-219xx/CVE-2024-21925.json) (`2025-02-11T21:15:12.577`)
- [CVE-2024-32037](CVE-2024/CVE-2024-320xx/CVE-2024-32037.json) (`2025-02-11T22:15:27.930`)
- [CVE-2024-51324](CVE-2024/CVE-2024-513xx/CVE-2024-51324.json) (`2025-02-11T22:15:28.440`)
- [CVE-2024-55212](CVE-2024/CVE-2024-552xx/CVE-2024-55212.json) (`2025-02-11T22:15:29.063`)
- [CVE-2024-57241](CVE-2024/CVE-2024-572xx/CVE-2024-57241.json) (`2025-02-11T22:15:29.233`)
- [CVE-2024-57777](CVE-2024/CVE-2024-577xx/CVE-2024-57777.json) (`2025-02-11T22:15:29.680`)
- [CVE-2025-0989](CVE-2025/CVE-2025-09xx/CVE-2025-0989.json) (`2025-02-11T21:15:12.823`)
- [CVE-2025-1240](CVE-2025/CVE-2025-12xx/CVE-2025-1240.json) (`2025-02-11T22:15:29.800`)
### CVEs modified in the last Commit
Recently modified CVEs: `47`
Recently modified CVEs: `67`
- [CVE-2024-31378](CVE-2024/CVE-2024-313xx/CVE-2024-31378.json) (`2025-02-11T20:15:36.033`)
- [CVE-2024-37308](CVE-2024/CVE-2024-373xx/CVE-2024-37308.json) (`2025-02-11T20:16:37.487`)
- [CVE-2024-38761](CVE-2024/CVE-2024-387xx/CVE-2024-38761.json) (`2025-02-11T19:31:28.193`)
- [CVE-2024-43322](CVE-2024/CVE-2024-433xx/CVE-2024-43322.json) (`2025-02-11T19:32:20.650`)
- [CVE-2024-49311](CVE-2024/CVE-2024-493xx/CVE-2024-49311.json) (`2025-02-11T19:36:08.167`)
- [CVE-2024-49312](CVE-2024/CVE-2024-493xx/CVE-2024-49312.json) (`2025-02-11T19:35:40.277`)
- [CVE-2024-50664](CVE-2024/CVE-2024-506xx/CVE-2024-50664.json) (`2025-02-11T20:57:42.027`)
- [CVE-2024-50665](CVE-2024/CVE-2024-506xx/CVE-2024-50665.json) (`2025-02-11T20:51:48.500`)
- [CVE-2024-7356](CVE-2024/CVE-2024-73xx/CVE-2024-7356.json) (`2025-02-11T20:12:23.717`)
- [CVE-2024-7419](CVE-2024/CVE-2024-74xx/CVE-2024-7419.json) (`2025-02-11T19:25:14.023`)
- [CVE-2024-7425](CVE-2024/CVE-2024-74xx/CVE-2024-7425.json) (`2025-02-11T19:12:49.997`)
- [CVE-2024-7624](CVE-2024/CVE-2024-76xx/CVE-2024-7624.json) (`2025-02-11T20:13:25.027`)
- [CVE-2024-8787](CVE-2024/CVE-2024-87xx/CVE-2024-8787.json) (`2025-02-11T20:14:03.967`)
- [CVE-2024-9110](CVE-2024/CVE-2024-91xx/CVE-2024-9110.json) (`2025-02-11T20:43:02.223`)
- [CVE-2024-9664](CVE-2024/CVE-2024-96xx/CVE-2024-9664.json) (`2025-02-11T19:16:44.527`)
- [CVE-2025-0803](CVE-2025/CVE-2025-08xx/CVE-2025-0803.json) (`2025-02-11T19:48:06.860`)
- [CVE-2025-0806](CVE-2025/CVE-2025-08xx/CVE-2025-0806.json) (`2025-02-11T19:46:22.923`)
- [CVE-2025-21408](CVE-2025/CVE-2025-214xx/CVE-2025-21408.json) (`2025-02-11T19:36:51.360`)
- [CVE-2025-22303](CVE-2025/CVE-2025-223xx/CVE-2025-22303.json) (`2025-02-11T19:37:15.263`)
- [CVE-2025-24200](CVE-2025/CVE-2025-242xx/CVE-2025-24200.json) (`2025-02-11T19:15:17.037`)
- [CVE-2025-24559](CVE-2025/CVE-2025-245xx/CVE-2025-24559.json) (`2025-02-11T19:37:35.493`)
- [CVE-2025-24596](CVE-2025/CVE-2025-245xx/CVE-2025-24596.json) (`2025-02-11T19:57:43.547`)
- [CVE-2025-24598](CVE-2025/CVE-2025-245xx/CVE-2025-24598.json) (`2025-02-11T19:37:53.377`)
- [CVE-2025-24644](CVE-2025/CVE-2025-246xx/CVE-2025-24644.json) (`2025-02-11T19:53:56.887`)
- [CVE-2025-25160](CVE-2025/CVE-2025-251xx/CVE-2025-25160.json) (`2025-02-11T19:28:40.520`)
- [CVE-2024-28277](CVE-2024/CVE-2024-282xx/CVE-2024-28277.json) (`2025-02-11T21:39:53.903`)
- [CVE-2024-32085](CVE-2024/CVE-2024-320xx/CVE-2024-32085.json) (`2025-02-11T22:15:28.073`)
- [CVE-2024-37944](CVE-2024/CVE-2024-379xx/CVE-2024-37944.json) (`2025-02-11T21:44:38.993`)
- [CVE-2024-52612](CVE-2024/CVE-2024-526xx/CVE-2024-52612.json) (`2025-02-11T22:15:28.570`)
- [CVE-2024-53996](CVE-2024/CVE-2024-539xx/CVE-2024-53996.json) (`2025-02-11T22:15:28.677`)
- [CVE-2024-54909](CVE-2024/CVE-2024-549xx/CVE-2024-54909.json) (`2025-02-11T22:15:28.733`)
- [CVE-2024-55062](CVE-2024/CVE-2024-550xx/CVE-2024-55062.json) (`2025-02-11T22:15:28.900`)
- [CVE-2024-57426](CVE-2024/CVE-2024-574xx/CVE-2024-57426.json) (`2025-02-11T22:15:29.347`)
- [CVE-2024-57686](CVE-2024/CVE-2024-576xx/CVE-2024-57686.json) (`2025-02-11T22:15:29.520`)
- [CVE-2024-5812](CVE-2024/CVE-2024-58xx/CVE-2024-5812.json) (`2025-02-11T21:36:43.423`)
- [CVE-2024-5813](CVE-2024/CVE-2024-58xx/CVE-2024-5813.json) (`2025-02-11T21:36:40.947`)
- [CVE-2024-7855](CVE-2024/CVE-2024-78xx/CVE-2024-7855.json) (`2025-02-11T21:42:45.820`)
- [CVE-2024-8735](CVE-2024/CVE-2024-87xx/CVE-2024-8735.json) (`2025-02-11T21:23:08.700`)
- [CVE-2025-0218](CVE-2025/CVE-2025-02xx/CVE-2025-0218.json) (`2025-02-11T21:11:36.480`)
- [CVE-2025-21177](CVE-2025/CVE-2025-211xx/CVE-2025-21177.json) (`2025-02-11T22:19:45.057`)
- [CVE-2025-21253](CVE-2025/CVE-2025-212xx/CVE-2025-21253.json) (`2025-02-11T22:18:40.563`)
- [CVE-2025-21267](CVE-2025/CVE-2025-212xx/CVE-2025-21267.json) (`2025-02-11T22:16:55.863`)
- [CVE-2025-21279](CVE-2025/CVE-2025-212xx/CVE-2025-21279.json) (`2025-02-11T22:16:48.810`)
- [CVE-2025-21283](CVE-2025/CVE-2025-212xx/CVE-2025-21283.json) (`2025-02-11T22:14:16.607`)
- [CVE-2025-21342](CVE-2025/CVE-2025-213xx/CVE-2025-21342.json) (`2025-02-11T22:13:09.940`)
- [CVE-2025-21404](CVE-2025/CVE-2025-214xx/CVE-2025-21404.json) (`2025-02-11T22:00:00.150`)
- [CVE-2025-22389](CVE-2025/CVE-2025-223xx/CVE-2025-22389.json) (`2025-02-11T22:15:29.927`)
- [CVE-2025-22936](CVE-2025/CVE-2025-229xx/CVE-2025-22936.json) (`2025-02-11T22:15:30.207`)
- [CVE-2025-23093](CVE-2025/CVE-2025-230xx/CVE-2025-23093.json) (`2025-02-11T22:15:30.427`)
- [CVE-2025-23094](CVE-2025/CVE-2025-230xx/CVE-2025-23094.json) (`2025-02-11T22:15:30.597`)
## Download and Usage

310
_state.csv
View File

File diff suppressed because it is too large Load Diff