admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-23T17:01:13.176416+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-23 17:01:16 +00:00
parent 6766515da4
commit 9f50ac27e5
62 changed files with 1620 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2021/CVE-2021-320xx/CVE-2021-32040.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-32040",
"sourceIdentifier": "cna@mongodb.com",
"published": "2022-04-12T15:15:07.707",
"lastModified": "2023-02-03T19:13:37.470",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-23T16:15:46.120",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If an attacker could cause such an aggregation to occur, they could maliciously crash MongoDB in a DoS attack. This vulnerability affects MongoDB versions prior to 5.0.4, 4.4.11, 4.2.16."
"value": "It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If an attacker could cause such an aggregation to occur, they could maliciously crash MongoDB in a DoS attack. This vulnerability affects MongoDB Server v4.4 versions prior to and including 4.4.28, MongoDB Server v5.0 versions prior to 5.0.4 and MongoDB Server v4.2 versions prior to 4.2.16.\n\nWorkaround:\u00a0>= v4.2.16 users and all v4.4 users can add the --setParameter internalPipelineLengthLimit=50 instead of the default 1000 to mongod at startup to prevent a crash.\n\n"
},
{
"lang": "es",

10
CVE-2021/CVE-2021-341xx/CVE-2021-34193.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2021-34193",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:20.913",
"lastModified": "2023-08-28T17:04:48.407",
"lastModified": "2024-02-23T16:07:24.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs."
},
{
"lang": "es",
"value": "Vulnerabilidad de desbordamiento de pila en el middleware de tarjetas inteligentes OpenSC anterior a 0.23 a trav\u00e9s de respuestas a APDUs manipuladas."
}
],
"metrics": {
@ -56,8 +60,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opensc_project:opensc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.23.0",
"matchCriteriaId": "1B74AA73-8F23-4675-9206-1806EBE8BE23"
"versionEndExcluding": "0.22.0",
"matchCriteriaId": "B75A7FDD-CA09-46EF-8FAC-11732898B84B"
}
]
}

4
CVE-2023/CVE-2023-244xx/CVE-2023-24416.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24416",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-23T12:15:45.990",
"lastModified": "2024-02-23T12:15:45.990",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

14
CVE-2023/CVE-2023-26xx/CVE-2023-2617.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2617",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-10T06:15:16.853",
"lastModified": "2023-11-07T04:12:57.800",
"vulnStatus": "Modified",
"lastModified": "2024-02-23T16:07:41.990",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -33,7 +33,7 @@
"impactScore": 3.6
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -91,7 +91,7 @@
]
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
@ -111,9 +111,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opencv:opencv:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionStartIncluding": "4.5.2",
"versionEndIncluding": "4.7.0",
"matchCriteriaId": "2F329482-7377-4F5C-A4FE-1422E54D8BAA"
"matchCriteriaId": "C972C011-33EA-4902-BECD-9D822FECB047"
}
]
}

15
CVE-2023/CVE-2023-26xx/CVE-2023-2618.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2618",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-10T06:15:17.577",
"lastModified": "2023-11-07T04:12:58.110",
"vulnStatus": "Modified",
"lastModified": "2024-02-23T16:02:27.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -33,7 +33,7 @@
"impactScore": 3.6
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -81,7 +81,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -101,8 +101,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opencv:opencv:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.0",
"matchCriteriaId": "1108CEC2-E3CC-4F9C-B772-3A9216B1E195"
"versionStartIncluding": "4.5.2",
"versionEndExcluding": "4.8.0",
"matchCriteriaId": "1E48C61B-44A4-4B46-8B52-33F0DD50DB35"
}
]
}

8
CVE-2023/CVE-2023-375xx/CVE-2023-37540.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-37540",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-02-23T07:15:47.700",
"lastModified": "2024-02-23T07:15:47.700",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Sametime Connect desktop chat client includes, but does not use or require, the use of an Eclipse feature called Secure Storage. Using this Eclipse feature to store sensitive data can lead to exposure of that data.\n"
},
{
"lang": "es",
"value": "El cliente de chat de escritorio de Sametime Connect incluye, pero no utiliza ni requiere, el uso de una caracter\u00edstica de Eclipse llamada Almacenamiento seguro. El uso de esta funci\u00f3n de Eclipse para almacenar datos confidenciales puede provocar la exposici\u00f3n de esos datos."
}
],
"metrics": {

8
CVE-2023/CVE-2023-410xx/CVE-2023-41056.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41056",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-10T16:15:46.557",
"lastModified": "2024-01-22T18:58:13.877",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-23T16:15:46.293",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -157,6 +157,10 @@
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240223-0003/",
"source": "security-advisories@github.com"
}
]
}

8
CVE-2023/CVE-2023-48xx/CVE-2023-4826.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-4826",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-02-23T10:15:07.680",
"lastModified": "2024-02-23T10:15:07.680",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The SocialDriver WordPress theme before version 2024 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties resulting in a cross-site scripting (XSS) attack."
},
{
"lang": "es",
"value": "El tema SocialDriver de WordPress anterior a la versi\u00f3n 2024 tiene un prototipo de vulnerabilidad de contaminaci\u00f3n que podr\u00eda permitir a un atacante inyectar propiedades arbitrarias, lo que resultar\u00eda en un ataque de cross site scripting (XSS)."
}
],
"metrics": {},

6
CVE-2023/CVE-2023-494xx/CVE-2023-49489.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-49489",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-19T10:15:07.943",
"lastModified": "2023-12-22T10:13:39.257",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-23T15:15:07.970",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Reflective Cross Site Scripting (XSS) vulnerability in KodeExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APP_HOST parameter at config/i18n/en/main.php."
"value": "Reflective Cross Site Scripting (XSS) vulnerability in KodExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APP_HOST parameter at config/i18n/en/main.php."
},
{
"lang": "es",

9
CVE-2023/CVE-2023-51xx/CVE-2023-5156.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5156",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-25T16:15:15.613",
"lastModified": "2024-02-02T04:15:08.577",
"vulnStatus": "Modified",
"lastModified": "2024-02-23T16:01:18.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -167,7 +167,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202402-01",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30884",

28
CVE-2023/CVE-2023-524xx/CVE-2023-52453.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-52453",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.083",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhisi_acc_vfio_pci: Update migration data pointer correctly on saving/resume\n\nWhen the optional PRE_COPY support was added to speed up the device\ncompatibility check, it failed to update the saving/resuming data\npointers based on the fd offset. This results in migration data\ncorruption and when the device gets started on the destination the\nfollowing error is reported in some cases,\n\n[ 478.907684] arm-smmu-v3 arm-smmu-v3.2.auto: event 0x10 received:\n[ 478.913691] arm-smmu-v3 arm-smmu-v3.2.auto: 0x0000310200000010\n[ 478.919603] arm-smmu-v3 arm-smmu-v3.2.auto: 0x000002088000007f\n[ 478.925515] arm-smmu-v3 arm-smmu-v3.2.auto: 0x0000000000000000\n[ 478.931425] arm-smmu-v3 arm-smmu-v3.2.auto: 0x0000000000000000\n[ 478.947552] hisi_zip 0000:31:00.0: qm_axi_rresp [error status=0x1] found\n[ 478.955930] hisi_zip 0000:31:00.0: qm_db_timeout [error status=0x400] found\n[ 478.955944] hisi_zip 0000:31:00.0: qm sq doorbell timeout in function 2"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/45f80b2f230df10600e6fa1b83b28bf1c334185e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6bda81e24a35a856f58e6a5786de579b07371603",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/be12ad45e15b5ee0e2526a50266ba1d295d26a88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

44
CVE-2023/CVE-2023-524xx/CVE-2023-52454.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-52454",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.137",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length\n\nIf the host sends an H2CData command with an invalid DATAL,\nthe kernel may crash in nvmet_tcp_build_pdu_iovec().\n\nUnable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\nlr : nvmet_tcp_io_work+0x6ac/0x718 [nvmet_tcp]\nCall trace:\n process_one_work+0x174/0x3c8\n worker_thread+0x2d0/0x3e8\n kthread+0x104/0x110\n\nFix the bug by raising a fatal error if DATAL isn't coherent\nwith the packet size.\nAlso, the PDU length should never exceed the MAXH2CDATA parameter which\nhas been communicated to the host in nvmet_tcp_handle_icreq()."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/24e05760186dc070d3db190ca61efdbce23afc88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2871aa407007f6f531fae181ad252486e022df42",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4cb3cf7177ae3666be7fb27d4ad4d72a295fb02d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/70154e8d015c9b4fb56c1a2ef1fc8b83d45c7f68",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ee5e7632e981673f42a50ade25e71e612e543d9d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/efa56305908ba20de2104f1b8508c6a7401833be",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f775f2621c2ac5cc3a0b3a64665dad4fb146e510",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2023/CVE-2023-524xx/CVE-2023-52455.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-52455",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.193",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Don't reserve 0-length IOVA region\n\nWhen the bootloader/firmware doesn't setup the framebuffers, their\naddress and size are 0 in \"iommu-addresses\" property. If IOVA region is\nreserved with 0 length, then it ends up corrupting the IOVA rbtree with\nan entry which has pfn_hi < pfn_lo.\nIf we intend to use display driver in kernel without framebuffer then\nit's causing the display IOMMU mappings to fail as entire valid IOVA\nspace is reserved when address and length are passed as 0.\nAn ideal solution would be firmware removing the \"iommu-addresses\"\nproperty and corresponding \"memory-region\" if display is not present.\nBut the kernel should be able to handle this by checking for size of\nIOVA region and skipping the IOVA reservation if size is 0. Also, add\na warning if firmware is requesting 0-length IOVA region reservation."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5e23e283910c9f30248732ae0770bcb0c9438abf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/98b8a550da83cc392a14298c4b3eaaf0332ae6ad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bb57f6705960bebeb832142ce9abf43220c3eab1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

40
CVE-2023/CVE-2023-524xx/CVE-2023-52456.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52456",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.237",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: imx: fix tx statemachine deadlock\n\nWhen using the serial port as RS485 port, the tx statemachine is used to\ncontrol the RTS pin to drive the RS485 transceiver TX_EN pin. When the\nTTY port is closed in the middle of a transmission (for instance during\nuserland application crash), imx_uart_shutdown disables the interface\nand disables the Transmission Complete interrupt. afer that,\nimx_uart_stop_tx bails on an incomplete transmission, to be retriggered\nby the TC interrupt. This interrupt is disabled and therefore the tx\nstatemachine never transitions out of SEND. The statemachine is in\ndeadlock now, and the TX_EN remains low, making the interface useless.\n\nimx_uart_stop_tx now checks for incomplete transmission AND whether TC\ninterrupts are enabled before bailing to be retriggered. This makes sure\nthe state machine handling is reached, and is properly set to\nWAIT_AFTER_SEND."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/63ee7be01a3f7d28b1ea8b8d7944f12bb7b0ed06",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6e04a9d30509fb53ba6df5d655ed61d607a7cfda",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/763cd68746317b5d746dc2649a3295c1efb41181",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/78d60dae9a0c9f09aa3d6477c94047df2fe6f7b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9a662d06c22ddfa371958c2071dc350436be802b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ff168d4fdb0e1ba35fb413a749b3d6cce918ec19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

44
CVE-2023/CVE-2023-524xx/CVE-2023-52457.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-52457",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.290",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed\n\nReturning an error code from .remove() makes the driver core emit the\nlittle helpful error message:\n\n\tremove callback returned a non-zero value. This will be ignored.\n\nand then remove the device anyhow. So all resources that were not freed\nare leaked in this case. Skipping serial8250_unregister_port() has the\npotential to keep enough of the UART around to trigger a use-after-free.\n\nSo replace the error return (and with it the little helpful error\nmessage) by a more useful error message and continue to cleanup."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/828cd829483f0cda920710997aed79130b0af690",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/887a558d0298d36297daea039954c39940228d9b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/95e4e0031effad9837af557ecbfd4294a4d8aeee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ad90d0358bd3b4554f243a425168fc7cebe7d04e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b502fb43f7fb55aaf07f6092ab44657595214b93",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bc57f3ef8a9eb0180606696f586a6dcfaa175ed0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d74173bda29aba58f822175d983d07c8ed335494",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

36
CVE-2023/CVE-2023-524xx/CVE-2023-52458.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-52458",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.340",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: add check that partition length needs to be aligned with block size\n\nBefore calling add partition or resize partition, there is no check\non whether the length is aligned with the logical block size.\nIf the logical block size of the disk is larger than 512 bytes,\nthen the partition size maybe not the multiple of the logical block size,\nand when the last sector is read, bio_truncate() will adjust the bio size,\nresulting in an IO error if the size of the read command is smaller than\nthe logical block size.If integrity data is supported, this will also\nresult in a null pointer dereference when calling bio_integrity_free."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5010c27120962c85d2f421d2cf211791c9603503",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6f64f866aa1ae6975c95d805ed51d7e9433a0016",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bcdc288e7bc008daf38ef0401b53e4a8bb61bbe5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cb16cc1abda18a9514106d2ac8c8d7abc0be5ed8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef31cc87794731ffcb578a195a2c47d744e25fb8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

28
CVE-2023/CVE-2023-524xx/CVE-2023-52459.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-52459",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.387",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l: async: Fix duplicated list deletion\n\nThe list deletion call dropped here is already called from the\nhelper function in the line before. Having a second list_del()\ncall results in either a warning (with CONFIG_DEBUG_LIST=y):\n\nlist_del corruption, c46c8198->next is LIST_POISON1 (00000100)\n\nIf CONFIG_DEBUG_LIST is disabled the operation results in a\nkernel error due to NULL pointer dereference."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3de6ee94aae701fa949cd3b5df6b6a440ddfb8f2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/49d82811428469566667f22749610b8c132cdb3e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b7062628caeaec90e8f691ebab2d70f31b7b6b91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2023/CVE-2023-524xx/CVE-2023-52460.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52460",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.440",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix NULL pointer dereference at hibernate\n\nDuring hibernate sequence the source context might not have a clk_mgr.\nSo don't use it to look for DML2 support."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/6b80326efff093d037e0971831dca6ebddba9b45",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b719a9c15d52d4f56bdea8241a5d90fd9197ce99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2023/CVE-2023-524xx/CVE-2023-52461.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52461",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.490",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Fix bounds limiting when given a malformed entity\n\nIf we're given a malformed entity in drm_sched_entity_init()--shouldn't\nhappen, but we verify--with out-of-bounds priority value, we set it to an\nallowed value. Fix the expression which sets this limit."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/1470d173925d697b497656b93f7c5bddae2e64b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2bbe6ab2be53858507f11f99f856846d04765ae3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

40
CVE-2023/CVE-2023-524xx/CVE-2023-52462.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52462",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.540",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix check for attempt to corrupt spilled pointer\n\nWhen register is spilled onto a stack as a 1/2/4-byte register, we set\nslot_type[BPF_REG_SIZE - 1] (plus potentially few more below it,\ndepending on actual spill size). So to check if some stack slot has\nspilled register we need to consult slot_type[7], not slot_type[0].\n\nTo avoid the need to remember and double-check this in the future, just\nuse is_spilled_reg() helper."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/2757f17972d87773b3677777f5682510f13c66ef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/40617d45ea05535105e202a8a819e388a2b1f036",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/67e6707f07354ed1acb4e65552e97c60cf9d69cf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8dc15b0670594543c356567a1a45b0182ec63174",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ab125ed3ec1c10ccc36bc98c7a4256ad114a3dae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/fc3e3c50a0a4cac1463967c110686189e4a59104",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

40
CVE-2023/CVE-2023-524xx/CVE-2023-52463.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52463",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.590",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: force RO when remounting if SetVariable is not supported\n\nIf SetVariable at runtime is not supported by the firmware we never assign\na callback for that function. At the same time mount the efivarfs as\nRO so no one can call that. However, we never check the permission flags\nwhen someone remounts the filesystem as RW. As a result this leads to a\ncrash looking like this:\n\n$ mount -o remount,rw /sys/firmware/efi/efivars\n$ efi-updatevar -f PK.auth PK\n\n[ 303.279166] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[ 303.280482] Mem abort info:\n[ 303.280854] ESR = 0x0000000086000004\n[ 303.281338] EC = 0x21: IABT (current EL), IL = 32 bits\n[ 303.282016] SET = 0, FnV = 0\n[ 303.282414] EA = 0, S1PTW = 0\n[ 303.282821] FSC = 0x04: level 0 translation fault\n[ 303.283771] user pgtable: 4k pages, 48-bit VAs, pgdp=000000004258c000\n[ 303.284913] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000\n[ 303.286076] Internal error: Oops: 0000000086000004 [#1] PREEMPT SMP\n[ 303.286936] Modules linked in: qrtr tpm_tis tpm_tis_core crct10dif_ce arm_smccc_trng rng_core drm fuse ip_tables x_tables ipv6\n[ 303.288586] CPU: 1 PID: 755 Comm: efi-updatevar Not tainted 6.3.0-rc1-00108-gc7d0c4695c68 #1\n[ 303.289748] Hardware name: Unknown Unknown Product/Unknown Product, BIOS 2023.04-00627-g88336918701d 04/01/2023\n[ 303.291150] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 303.292123] pc : 0x0\n[ 303.292443] lr : efivar_set_variable_locked+0x74/0xec\n[ 303.293156] sp : ffff800008673c10\n[ 303.293619] x29: ffff800008673c10 x28: ffff0000037e8000 x27: 0000000000000000\n[ 303.294592] x26: 0000000000000800 x25: ffff000002467400 x24: 0000000000000027\n[ 303.295572] x23: ffffd49ea9832000 x22: ffff0000020c9800 x21: ffff000002467000\n[ 303.296566] x20: 0000000000000001 x19: 00000000000007fc x18: 0000000000000000\n[ 303.297531] x17: 0000000000000000 x16: 0000000000000000 x15: 0000aaaac807ab54\n[ 303.298495] x14: ed37489f673633c0 x13: 71c45c606de13f80 x12: 47464259e219acf4\n[ 303.299453] x11: ffff000002af7b01 x10: 0000000000000003 x9 : 0000000000000002\n[ 303.300431] x8 : 0000000000000010 x7 : ffffd49ea8973230 x6 : 0000000000a85201\n[ 303.301412] x5 : 0000000000000000 x4 : ffff0000020c9800 x3 : 00000000000007fc\n[ 303.302370] x2 : 0000000000000027 x1 : ffff000002467400 x0 : ffff000002467000\n[ 303.303341] Call trace:\n[ 303.303679] 0x0\n[ 303.303938] efivar_entry_set_get_size+0x98/0x16c\n[ 303.304585] efivarfs_file_write+0xd0/0x1a4\n[ 303.305148] vfs_write+0xc4/0x2e4\n[ 303.305601] ksys_write+0x70/0x104\n[ 303.306073] __arm64_sys_write+0x1c/0x28\n[ 303.306622] invoke_syscall+0x48/0x114\n[ 303.307156] el0_svc_common.constprop.0+0x44/0xec\n[ 303.307803] do_el0_svc+0x38/0x98\n[ 303.308268] el0_svc+0x2c/0x84\n[ 303.308702] el0t_64_sync_handler+0xf4/0x120\n[ 303.309293] el0t_64_sync+0x190/0x194\n[ 303.309794] Code: ???????? ???????? ???????? ???????? (????????)\n[ 303.310612] ---[ end trace 0000000000000000 ]---\n\nFix this by adding a .reconfigure() function to the fs operations which\nwe can use to check the requested flags and deny anything that's not RO\nif the firmware doesn't implement SetVariable at runtime."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/0049fe7e4a85849bdd778cdb72e51a791ff3d737",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0e8d2444168dd519fea501599d150e62718ed2fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2aa141f8bc580f8f9811dfe4e0e6009812b73826",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/94c742324ed7e42c5bd6a9ed22e4ec6d764db4d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d4a714873db0866cc471521114eeac4a5072d548",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d4a9aa7db574a0da64307729cc031fb68597aa8b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

48
CVE-2023/CVE-2023-524xx/CVE-2023-52464.json Normal file
View File

@ -0,0 +1,48 @@
{
"id": "CVE-2023-52464",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:08.647",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nEDAC/thunderx: Fix possible out-of-bounds string access\n\nEnabling -Wstringop-overflow globally exposes a warning for a common bug\nin the usage of strncat():\n\n drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr':\n drivers/edac/thunderx_edac.c:1136:17: error: 'strncat' specified bound 1024 equals destination size [-Werror=stringop-overflow=]\n 1136 | strncat(msg, other, OCX_MESSAGE_SIZE);\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n ...\n 1145 | strncat(msg, other, OCX_MESSAGE_SIZE);\n ...\n 1150 | strncat(msg, other, OCX_MESSAGE_SIZE);\n\n ...\n\nApparently the author of this driver expected strncat() to behave the\nway that strlcat() does, which uses the size of the destination buffer\nas its third argument rather than the length of the source buffer. The\nresult is that there is no check on the size of the allocated buffer.\n\nChange it to strlcat().\n\n [ bp: Trim compiler output, fixup commit message. ]"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/426fae93c01dffa379225eb2bd4d3cdc42c6eec5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/475c58e1a471e9b873e3e39958c64a2d278275c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5da3b6e7196f0b4f3728e4e25eb20233a9ddfaf6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6aa7865ba7ff7f0ede0035180fb3b9400ceb405a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/700cf4bead80fac994dcc43ae1ca5d86d8959b21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/71c17ee02538802ceafc830f0736aa35b564e601",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9dbac9fdae6e3b411fc4c3fca3bf48f70609c398",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e1c86511241588efffaa49556196f09a498d5057",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

6
CVE-2023/CVE-2023-60xx/CVE-2023-6004.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6004",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-03T17:15:11.623",
"lastModified": "2024-01-25T12:15:45.527",
"lastModified": "2024-02-23T16:15:46.433",
"vulnStatus": "Modified",
"descriptions": [
{
@ -154,6 +154,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240223-0004/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.libssh.org/security/advisories/CVE-2023-6004.txt",
"source": "secalert@redhat.com",

8
CVE-2023/CVE-2023-66xx/CVE-2023-6683.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6683",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-12T19:15:11.480",
"lastModified": "2024-01-22T19:50:27.717",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-23T16:15:46.577",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -132,6 +132,10 @@
"Issue Tracking",
"Patch"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240223-0001/",
"source": "secalert@redhat.com"
}
]
}

6
CVE-2023/CVE-2023-67xx/CVE-2023-6779.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6779",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-31T14:15:48.700",
"lastModified": "2024-02-15T07:15:10.220",
"lastModified": "2024-02-23T16:15:46.700",
"vulnStatus": "Modified",
"descriptions": [
{
@ -172,6 +172,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240223-0006/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6",
"source": "secalert@redhat.com",

8
CVE-2024/CVE-2024-05xx/CVE-2024-0563.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-0563",
"sourceIdentifier": "security@m-files.com",
"published": "2024-02-23T09:15:22.263",
"lastModified": "2024-02-23T09:15:22.263",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Denial of service condition in M-Files Server in\u00a0versions before 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous users."
},
{
"lang": "es",
"value": "La condici\u00f3n de denegaci\u00f3n de servicio en M-Files Server en versiones anteriores a la 24.2 (excluyendo 23.2 SR7 y 23.8 SR5) permite a un usuario an\u00f3nimo provocar una denegaci\u00f3n de servicio contra otros usuarios an\u00f3nimos."
}
],
"metrics": {

8
CVE-2024/CVE-2024-05xx/CVE-2024-0565.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0565",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-15T20:15:43.630",
"lastModified": "2024-02-05T19:33:59.377",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-23T16:15:46.843",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -140,6 +140,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240223-0002/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.spinics.net/lists/stable-commits/msg328851.html",
"source": "secalert@redhat.com",

8
CVE-2024/CVE-2024-08xx/CVE-2024-0831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0831",
"sourceIdentifier": "security@hashicorp.com",
"published": "2024-02-01T02:15:46.330",
"lastModified": "2024-02-09T15:16:56.083",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-23T16:15:46.980",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -121,6 +121,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240223-0005/",
"source": "security@hashicorp.com"
}
]
}

8
CVE-2024/CVE-2024-10xx/CVE-2024-1048.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1048",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-06T18:15:59.250",
"lastModified": "2024-02-13T21:22:10.380",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-23T16:15:47.093",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -156,6 +156,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240223-0007/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/02/06/3",
"source": "secalert@redhat.com",

4
CVE-2024/CVE-2024-13xx/CVE-2024-1360.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1360",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-23T11:15:08.310",
"lastModified": "2024-02-23T11:15:08.310",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-13xx/CVE-2024-1361.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1361",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-23T11:15:08.567",
"lastModified": "2024-02-23T11:15:08.567",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-13xx/CVE-2024-1362.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1362",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-23T11:15:08.750",
"lastModified": "2024-02-23T11:15:08.750",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2024/CVE-2024-15xx/CVE-2024-1590.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1590",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-23T10:15:07.757",
"lastModified": "2024-02-23T10:15:07.757",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Page Builder: Pagelayer \u2013 Drag and Drop website builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Widget in all versions up to, and including, 1.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Page Builder: Pagelayer \u2013 Drag and Drop website builder para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del widget de bot\u00f3n del complemento en todas las versiones hasta la 1.8.2 incluida, debido a una sanitizaci\u00f3n insuficiente de las entradas y a que la salida se escape en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-17xx/CVE-2024-1776.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1776",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-23T07:15:48.120",
"lastModified": "2024-02-23T07:15:48.120",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to SQL Injection via the 'form-id' parameter in all versions up to, and including, 1.1.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
},
{
"lang": "es",
"value": "El almacenamiento de datos del lado del administrador para el complemento Contact Form 7 para WordPress es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro 'form-id' en todas las versiones hasta la 1.1.1 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de suficiente preparaci\u00f3n de la consulta SQL existente. Esto hace posible que atacantes autenticados, con acceso de nivel de administrador y superior, agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer informaci\u00f3n confidencial de la base de datos."
}
],
"metrics": {

8
CVE-2024/CVE-2024-17xx/CVE-2024-1777.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1777",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-23T07:15:48.477",
"lastModified": "2024-02-23T07:15:48.477",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the settings update function. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El almacenamiento de datos del lado del administrador para el complemento Contact Form 7 para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 1.1.1 incluida. Esto se debe a una validaci\u00f3n nonce faltante o incorrecta en la funci\u00f3n de actualizaci\u00f3n de configuraci\u00f3n. Esto hace posible que atacantes no autenticados actualicen la configuraci\u00f3n del complemento a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."
}
],
"metrics": {

8
CVE-2024/CVE-2024-17xx/CVE-2024-1778.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1778",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-23T07:15:48.793",
"lastModified": "2024-02-23T07:15:48.793",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the zt_dcfcf_change_bookmark() function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to alter bookmark statuses."
},
{
"lang": "es",
"value": "El almacenamiento de datos del lado del administrador para el complemento Contact Form 7 para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n zt_dcfcf_change_bookmark() en todas las versiones hasta la 1.1.1 incluida. Esto hace posible que atacantes no autenticados alteren los estados de los marcadores."
}
],
"metrics": {

8
CVE-2024/CVE-2024-17xx/CVE-2024-1779.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-1779",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-23T07:15:49.133",
"lastModified": "2024-02-23T07:15:49.133",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the zt_dcfcf_change_status() function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to alter the message read status of messages."
},
{
"lang": "es",
"value": "El almacenamiento de datos del lado del administrador para el complemento Contact Form 7 para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n zt_dcfcf_change_status() en todas las versiones hasta la 1.1.1 incluida. Esto hace posible que atacantes no autenticados alteren el estado de lectura de los mensajes."
}
],
"metrics": {

4
CVE-2024/CVE-2024-18xx/CVE-2024-1817.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1817",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-02-23T14:15:44.847",
"lastModified": "2024-02-23T14:15:44.847",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

88
CVE-2024/CVE-2024-18xx/CVE-2024-1818.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1818",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-02-23T15:15:08.700",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in CodeAstro Membership Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /uploads/ of the component Logo Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254606 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1EqHqZXfxhNkrDXNfx7wglpxaa5ZlPbx4/view?usp=drive_link",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.254606",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.254606",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-18xx/CVE-2024-1819.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1819",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-02-23T15:15:08.933",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the component Add Members Tab. The manipulation of the argument Member Photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254607."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/12sNvBJ7wYjZ-2NBLdyG4e-L8sOO-zrbK/view?usp=sharing",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.254607",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.254607",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-18xx/CVE-2024-1820.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1820",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-02-23T16:15:47.223",
"lastModified": "2024-02-23T16:15:47.223",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Crime Reporting System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file inchargelogin.php. The manipulation of the argument email/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254608."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/jxp98/VulResearch/blob/main/2024/02/1Crime%20Reporting%20System%20-%20SQL%20Injection.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.254608",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.254608",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-18xx/CVE-2024-1821.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1821",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-02-23T16:15:47.510",
"lastModified": "2024-02-23T16:15:47.510",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Crime Reporting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file police_add.php. The manipulation of the argument police_name/police_id/police_spec/password leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-254609 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/jxp98/VulResearch/blob/main/2024/02/2Crime%20Reporting%20System%20-%20SQL%20Injection-police_add.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.254609",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.254609",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-18xx/CVE-2024-1822.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1822",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-02-23T16:15:47.817",
"lastModified": "2024-02-23T16:15:47.817",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System 1.0. Affected is an unknown function of the file user-bookings.php. The manipulation of the argument Full Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-254610 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1ulzFlRqsex39dDUOFU2LbmphrQblSAwn/view?usp=drive_link",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.254610",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.254610",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-18xx/CVE-2024-1823.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1823",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-02-23T16:15:48.043",
"lastModified": "2024-02-23T16:15:48.043",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in CodeAstro Simple Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file users.php of the component Backend. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254611."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://docs.qq.com/doc/DYll0ZEFKcUdGYlNr",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.254611",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.254611",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-18xx/CVE-2024-1824.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-1824",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-02-23T16:15:48.263",
"lastModified": "2024-02-23T16:15:48.263",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in CodeAstro House Rental Management System 1.0. Affected by this issue is some unknown functionality of the file signing.php. The manipulation of the argument uname/password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254612."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://docs.qq.com/doc/DYk9QcHVFRENObWtj",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.254612",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.254612",
"source": "cna@vuldb.com"
}
]
}

43
CVE-2024/CVE-2024-213xx/CVE-2024-21381.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-21381",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-02-13T18:15:56.333",
"lastModified": "2024-02-13T18:22:43.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-23T16:11:13.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Azure Active Directory B2C Spoofing Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de suplantaci\u00f3n de identidad de Microsoft Azure Active Directory B2C"
}
],
"metrics": {
@ -34,10 +38,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:azure_active_directory:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF5AE58-9819-45B6-BE7F-49B8F3CBE542"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21381",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-222xx/CVE-2024-22243.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-22243",
"sourceIdentifier": "security@vmware.com",
"published": "2024-02-23T05:15:08.143",
"lastModified": "2024-02-23T05:15:08.143",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n"
},
{
"lang": "es",
"value": "Las aplicaciones que utilizan UriComponentsBuilder para analizar una URL proporcionada externamente (por ejemplo, a trav\u00e9s de un par\u00e1metro de consulta) Y realizan comprobaciones de validaci\u00f3n en el host de la URL analizada pueden ser vulnerables a una redirecci\u00f3n abierta https://cwe.mitre.org/data/definitions/601 .html o a un ataque SSRF si la URL se utiliza despu\u00e9s de pasar las comprobaciones de validaci\u00f3n."
}
],
"metrics": {

6
CVE-2024/CVE-2024-226xx/CVE-2024-22667.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22667",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T08:15:44.110",
"lastModified": "2024-02-15T03:15:34.767",
"lastModified": "2024-02-23T16:15:48.487",
"vulnStatus": "Modified",
"descriptions": [
{
@ -91,6 +91,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UIQLVUSYHDN3644K6EFDI7PRZOTIKXM3/",
"source": "cve@mitre.org"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240223-0008/",
"source": "cve@mitre.org"
}
]
}

24
CVE-2024/CVE-2024-227xx/CVE-2024-22776.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-22776",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-23T15:15:09.180",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Wallos 0.9 is vulnerable to Cross Site Scripting (XSS) in all text-based input fields without proper validation, excluding those requiring specific formats like date fields."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ellite/Wallos",
"source": "cve@mitre.org"
},
{
"url": "https://webity-luescher.notion.site/webity-luescher/Wallos-v0-9-to-v1-2-2-CVE-2024-22776-Stored-XSS-Vulnerability-in-all-text-based-input-fields-6622fb4cfbe0430aa0b1d4b3edcb67b0",
"source": "cve@mitre.org"
}
]
}

8
CVE-2024/CVE-2024-248xx/CVE-2024-24806.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24806",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-07T22:15:10.173",
"lastModified": "2024-02-15T05:02:23.020",
"lastModified": "2024-02-23T16:08:31.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -80,9 +80,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libuv:libuv:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.24.0",
"versionEndIncluding": "1.48.0",
"matchCriteriaId": "AC41FB55-F981-41EA-A6C0-7E6ECB400BCC"
"versionStartIncluding": "1.45.0",
"versionEndExcluding": "1.48.0",
"matchCriteriaId": "733778F9-8BDA-4412-BB06-A0985228819F"
}
]
}

59
CVE-2024/CVE-2024-256xx/CVE-2024-25629.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-25629",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-23T15:15:09.237",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-127"
}
]
}
],
"references": [
{
"url": "https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q",
"source": "security-advisories@github.com"
}
]
}

4
CVE-2024/CVE-2024-259xx/CVE-2024-25915.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25915",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-23T12:15:46.263",
"lastModified": "2024-02-23T12:15:46.263",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-259xx/CVE-2024-25928.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25928",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-23T12:15:46.467",
"lastModified": "2024-02-23T12:15:46.467",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

67
CVE-2024/CVE-2024-261xx/CVE-2024-26150.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2024-26150",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-23T16:15:48.570",
"lastModified": "2024-02-23T16:15:48.570",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "`@backstage/backend-common` is a common functionality library for backends for Backstage, an open platform for building developer portals. In `@backstage/backend-common` prior to versions 0.21.1, 0.20.2, and 0.19.10, paths checks with the `resolveSafeChildPath` utility were not exhaustive enough, leading to risk of path traversal vulnerabilities if symlinks can be injected by attackers. This issue is patched in `@backstage/backend-common` versions 0.21.1, 0.20.2, and 0.19.10."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/backstage/backstage/commit/1ad2b1b61ebb430051f7d804b0cc7ebfe7922b6f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/backstage/backstage/commit/78f892b3a84d63de2ba167928f171154c447b717",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/backstage/backstage/commit/edf65d7d31e027599c2415f597d085ee84807871",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/backstage/backstage/security/advisories/GHSA-2fc9-xpp8-2g9h",
"source": "security-advisories@github.com"
}
]
}

8
CVE-2024/CVE-2024-265xx/CVE-2024-26593.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-26593",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T10:15:07.943",
"lastModified": "2024-02-23T10:15:07.943",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Fix block process call transactions\n\nAccording to the Intel datasheets, software must reset the block\nbuffer index twice for block process call transactions: once before\nwriting the outgoing data to the buffer, and once again before\nreading the incoming data from the buffer.\n\nThe driver is currently missing the second reset, causing the wrong\nportion of the block buffer to be read."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: i801: Reparar transacciones de llamada de proceso de bloque Seg\u00fan las hojas de datos de Intel, el software debe restablecer el \u00edndice del b\u00fafer de bloque dos veces para transacciones de llamada de proceso de bloque: una vez antes de escribir los datos salientes en el b\u00fafer , y una vez m\u00e1s antes de leer los datos entrantes del b\u00fafer. Actualmente, al controlador le falta el segundo reinicio, lo que provoca que se lea la parte incorrecta del b\u00fafer de bloque."
}
],
"metrics": {},

4
CVE-2024/CVE-2024-265xx/CVE-2024-26594.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26594",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T14:15:45.150",
"lastModified": "2024-02-23T14:15:45.150",
"vulnStatus": "Received",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

28
CVE-2024/CVE-2024-265xx/CVE-2024-26595.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2024-26595",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:09.443",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path\n\nWhen calling mlxsw_sp_acl_tcam_region_destroy() from an error path after\nfailing to attach the region to an ACL group, we hit a NULL pointer\ndereference upon 'region->group->tcam' [1].\n\nFix by retrieving the 'tcam' pointer using mlxsw_sp_acl_to_tcam().\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n[...]\nRIP: 0010:mlxsw_sp_acl_tcam_region_destroy+0xa0/0xd0\n[...]\nCall Trace:\n mlxsw_sp_acl_tcam_vchunk_get+0x88b/0xa20\n mlxsw_sp_acl_tcam_ventry_add+0x25/0xe0\n mlxsw_sp_acl_rule_add+0x47/0x240\n mlxsw_sp_flower_replace+0x1a9/0x1d0\n tc_setup_cb_add+0xdc/0x1c0\n fl_hw_replace_filter+0x146/0x1f0\n fl_change+0xc17/0x1360\n tc_new_tfilter+0x472/0xb90\n rtnetlink_rcv_msg+0x313/0x3b0\n netlink_rcv_skb+0x58/0x100\n netlink_unicast+0x244/0x390\n netlink_sendmsg+0x1e4/0x440\n ____sys_sendmsg+0x164/0x260\n ___sys_sendmsg+0x9a/0xe0\n __sys_sendmsg+0x7a/0xc0\n do_syscall_64+0x40/0xe0\n entry_SYSCALL_64_after_hwframe+0x63/0x6b"
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/817840d125a370626895df269c50c923b79b0a39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d0a1efe417c97a1e9b914056ee6b86f1ef75fe1f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/efeb7dfea8ee10cdec11b6b6ba4e405edbe75809",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

24
CVE-2024/CVE-2024-265xx/CVE-2024-26596.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-26596",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:09.500",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events\n\nAfter the blamed commit, we started doing this dereference for every\nNETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the system.\n\nstatic inline struct dsa_port *dsa_user_to_port(const struct net_device *dev)\n{\n\tstruct dsa_user_priv *p = netdev_priv(dev);\n\n\treturn p->dp;\n}\n\nWhich is obviously bogus, because not all net_devices have a netdev_priv()\nof type struct dsa_user_priv. But struct dsa_user_priv is fairly small,\nand p->dp means dereferencing 8 bytes starting with offset 16. Most\ndrivers allocate that much private memory anyway, making our access not\nfault, and we discard the bogus data quickly afterwards, so this wasn't\ncaught.\n\nBut the dummy interface is somewhat special in that it calls\nalloc_netdev() with a priv size of 0. So every netdev_priv() dereference\nis invalid, and we get this when we emit a NETDEV_PRECHANGEUPPER event\nwith a VLAN as its new upper:\n\n$ ip link add dummy1 type dummy\n$ ip link add link dummy1 name dummy1.100 type vlan id 100\n[ 43.309174] ==================================================================\n[ 43.316456] BUG: KASAN: slab-out-of-bounds in dsa_user_prechangeupper+0x30/0xe8\n[ 43.323835] Read of size 8 at addr ffff3f86481d2990 by task ip/374\n[ 43.330058]\n[ 43.342436] Call trace:\n[ 43.366542] dsa_user_prechangeupper+0x30/0xe8\n[ 43.371024] dsa_user_netdevice_event+0xb38/0xee8\n[ 43.375768] notifier_call_chain+0xa4/0x210\n[ 43.379985] raw_notifier_call_chain+0x24/0x38\n[ 43.384464] __netdev_upper_dev_link+0x3ec/0x5d8\n[ 43.389120] netdev_upper_dev_link+0x70/0xa8\n[ 43.393424] register_vlan_dev+0x1bc/0x310\n[ 43.397554] vlan_newlink+0x210/0x248\n[ 43.401247] rtnl_newlink+0x9fc/0xe30\n[ 43.404942] rtnetlink_rcv_msg+0x378/0x580\n\nAvoid the kernel oops by dereferencing after the type check, as customary."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/844f104790bd69c2e4dbb9ee3eba46fde1fcea7b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dbd909c20c11f0d29c0054d41e0d1f668a60e8c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

48
CVE-2024/CVE-2024-265xx/CVE-2024-26597.json Normal file
View File

@ -0,0 +1,48 @@
{
"id": "CVE-2024-26597",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:09.557",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qualcomm: rmnet: fix global oob in rmnet_policy\n\nThe variable rmnet_link_ops assign a *bigger* maxtype which leads to a\nglobal out-of-bounds read when parsing the netlink attributes. See bug\ntrace below:\n\n==================================================================\nBUG: KASAN: global-out-of-bounds in validate_nla lib/nlattr.c:386 [inline]\nBUG: KASAN: global-out-of-bounds in __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600\nRead of size 1 at addr ffffffff92c438d0 by task syz-executor.6/84207\n\nCPU: 0 PID: 84207 Comm: syz-executor.6 Tainted: G N 6.1.0 #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8b/0xb3 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x172/0x475 mm/kasan/report.c:395\n kasan_report+0xbb/0x1c0 mm/kasan/report.c:495\n validate_nla lib/nlattr.c:386 [inline]\n __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600\n __nla_parse+0x3e/0x50 lib/nlattr.c:697\n nla_parse_nested_deprecated include/net/netlink.h:1248 [inline]\n __rtnl_newlink+0x50a/0x1880 net/core/rtnetlink.c:3485\n rtnl_newlink+0x64/0xa0 net/core/rtnetlink.c:3594\n rtnetlink_rcv_msg+0x43c/0xd70 net/core/rtnetlink.c:6091\n netlink_rcv_skb+0x14f/0x410 net/netlink/af_netlink.c:2540\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x54e/0x800 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x930/0xe50 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0x154/0x190 net/socket.c:734\n ____sys_sendmsg+0x6df/0x840 net/socket.c:2482\n ___sys_sendmsg+0x110/0x1b0 net/socket.c:2536\n __sys_sendmsg+0xf3/0x1c0 net/socket.c:2565\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fdcf2072359\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fdcf13e3168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007fdcf219ff80 RCX: 00007fdcf2072359\nRDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003\nRBP: 00007fdcf20bd493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fffbb8d7bdf R14: 00007fdcf13e3300 R15: 0000000000022000\n </TASK>\n\nThe buggy address belongs to the variable:\n rmnet_policy+0x30/0xe0\n\nThe buggy address belongs to the physical page:\npage:0000000065bdeb3c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x155243\nflags: 0x200000000001000(reserved|node=0|zone=2)\nraw: 0200000000001000 ffffea00055490c8 ffffea00055490c8 0000000000000000\nraw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffffffff92c43780: f9 f9 f9 f9 00 00 00 02 f9 f9 f9 f9 00 00 00 07\n ffffffff92c43800: f9 f9 f9 f9 00 00 00 05 f9 f9 f9 f9 06 f9 f9 f9\n>ffffffff92c43880: f9 f9 f9 f9 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9\n ^\n ffffffff92c43900: 00 00 00 00 00 00 00 00 07 f9 f9 f9 f9 f9 f9 f9\n ffffffff92c43980: 00 00 00 07 f9 f9 f9 f9 00 00 00 05 f9 f9 f9 f9\n\nAccording to the comment of `nla_parse_nested_deprecated`, the maxtype\nshould be len(destination array) - 1. Hence use `IFLA_RMNET_MAX` here."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/02467ab8b404d80429107588e0f3425cf5fcd2e5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/093dab655808207f7a9f54cf156240aeafc70590",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/17d06a5c44d8fd2e8e61bac295b09153496f87e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2295c22348faf795e1ccdf618f6eb7afdb2f7447",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3b5254862258b595662a0ccca6e9eeb88d6e7468",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b33fb5b801c6db408b774a68e7c8722796b59ecc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c4734535034672f59f2652e1e0058c490da62a5c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ee1dc3bf86f2df777038506b139371a9add02534",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

44
CVE-2024/CVE-2024-265xx/CVE-2024-26598.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2024-26598",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:09.610",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache\n\nThere is a potential UAF scenario in the case of an LPI translation\ncache hit racing with an operation that invalidates the cache, such\nas a DISCARD ITS command. The root of the problem is that\nvgic_its_check_cache() does not elevate the refcount on the vgic_irq\nbefore dropping the lock that serializes refcount changes.\n\nHave vgic_its_check_cache() raise the refcount on the returned vgic_irq\nand add the corresponding decrement after queueing the interrupt."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/12c2759ab1343c124ed46ba48f27bd1ef5d2dff4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/65b201bf3e9af1b0254243a5881390eda56f72d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ad362fe07fecf0aba839ff2cc59a3617bd42c33f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ba7be666740847d967822bed15500656b26bc703",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d04acadb6490aa3314f9c9e087691e55de153b88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dba788e25f05209adf2b0175eb1691dc89fb1ba6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dd3956a1b3dd11f46488c928cb890d6937d1ca80",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

32
CVE-2024/CVE-2024-265xx/CVE-2024-26599.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2024-26599",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-23T15:15:09.660",
"lastModified": "2024-02-23T16:14:43.447",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: Fix out-of-bounds access in of_pwm_single_xlate()\n\nWith args->args_count == 2 args->args[2] is not defined. Actually the\nflags are contained in args->args[1]."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/7b85554c7c2aee91171e038e4d5442ffa130b282",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a297d07b9a1e4fb8cda25a4a2363a507d294b7c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bae45b7ebb31984b63b13c3519fd724b3ce92123",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e5f2b4b62977fb6c2efcbc5779e0c9dce18215f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

62
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-23T15:02:05.252259+00:00
2024-02-23T17:01:13.176416+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-23T14:15:45.150000+00:00
2024-02-23T16:15:48.570000+00:00
```
### Last Data Feed Release
@ -29,21 +29,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
239291
239318
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `27`
* [CVE-2024-1817](CVE-2024/CVE-2024-18xx/CVE-2024-1817.json) (`2024-02-23T14:15:44.847`)
* [CVE-2024-26594](CVE-2024/CVE-2024-265xx/CVE-2024-26594.json) (`2024-02-23T14:15:45.150`)
* [CVE-2023-52455](CVE-2023/CVE-2023-524xx/CVE-2023-52455.json) (`2024-02-23T15:15:08.193`)
* [CVE-2023-52456](CVE-2023/CVE-2023-524xx/CVE-2023-52456.json) (`2024-02-23T15:15:08.237`)
* [CVE-2023-52457](CVE-2023/CVE-2023-524xx/CVE-2023-52457.json) (`2024-02-23T15:15:08.290`)
* [CVE-2023-52458](CVE-2023/CVE-2023-524xx/CVE-2023-52458.json) (`2024-02-23T15:15:08.340`)
* [CVE-2023-52459](CVE-2023/CVE-2023-524xx/CVE-2023-52459.json) (`2024-02-23T15:15:08.387`)
* [CVE-2023-52460](CVE-2023/CVE-2023-524xx/CVE-2023-52460.json) (`2024-02-23T15:15:08.440`)
* [CVE-2023-52461](CVE-2023/CVE-2023-524xx/CVE-2023-52461.json) (`2024-02-23T15:15:08.490`)
* [CVE-2023-52462](CVE-2023/CVE-2023-524xx/CVE-2023-52462.json) (`2024-02-23T15:15:08.540`)
* [CVE-2023-52463](CVE-2023/CVE-2023-524xx/CVE-2023-52463.json) (`2024-02-23T15:15:08.590`)
* [CVE-2023-52464](CVE-2023/CVE-2023-524xx/CVE-2023-52464.json) (`2024-02-23T15:15:08.647`)
* [CVE-2024-1818](CVE-2024/CVE-2024-18xx/CVE-2024-1818.json) (`2024-02-23T15:15:08.700`)
* [CVE-2024-1819](CVE-2024/CVE-2024-18xx/CVE-2024-1819.json) (`2024-02-23T15:15:08.933`)
* [CVE-2024-22776](CVE-2024/CVE-2024-227xx/CVE-2024-22776.json) (`2024-02-23T15:15:09.180`)
* [CVE-2024-25629](CVE-2024/CVE-2024-256xx/CVE-2024-25629.json) (`2024-02-23T15:15:09.237`)
* [CVE-2024-26595](CVE-2024/CVE-2024-265xx/CVE-2024-26595.json) (`2024-02-23T15:15:09.443`)
* [CVE-2024-26596](CVE-2024/CVE-2024-265xx/CVE-2024-26596.json) (`2024-02-23T15:15:09.500`)
* [CVE-2024-26597](CVE-2024/CVE-2024-265xx/CVE-2024-26597.json) (`2024-02-23T15:15:09.557`)
* [CVE-2024-26598](CVE-2024/CVE-2024-265xx/CVE-2024-26598.json) (`2024-02-23T15:15:09.610`)
* [CVE-2024-26599](CVE-2024/CVE-2024-265xx/CVE-2024-26599.json) (`2024-02-23T15:15:09.660`)
* [CVE-2024-1820](CVE-2024/CVE-2024-18xx/CVE-2024-1820.json) (`2024-02-23T16:15:47.223`)
* [CVE-2024-1821](CVE-2024/CVE-2024-18xx/CVE-2024-1821.json) (`2024-02-23T16:15:47.510`)
* [CVE-2024-1822](CVE-2024/CVE-2024-18xx/CVE-2024-1822.json) (`2024-02-23T16:15:47.817`)
* [CVE-2024-1823](CVE-2024/CVE-2024-18xx/CVE-2024-1823.json) (`2024-02-23T16:15:48.043`)
* [CVE-2024-1824](CVE-2024/CVE-2024-18xx/CVE-2024-1824.json) (`2024-02-23T16:15:48.263`)
* [CVE-2024-26150](CVE-2024/CVE-2024-261xx/CVE-2024-26150.json) (`2024-02-23T16:15:48.570`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `34`
* [CVE-2023-41056](CVE-2023/CVE-2023-410xx/CVE-2023-41056.json) (`2024-02-23T16:15:46.293`)
* [CVE-2023-6004](CVE-2023/CVE-2023-60xx/CVE-2023-6004.json) (`2024-02-23T16:15:46.433`)
* [CVE-2023-6683](CVE-2023/CVE-2023-66xx/CVE-2023-6683.json) (`2024-02-23T16:15:46.577`)
* [CVE-2023-6779](CVE-2023/CVE-2023-67xx/CVE-2023-6779.json) (`2024-02-23T16:15:46.700`)
* [CVE-2024-24806](CVE-2024/CVE-2024-248xx/CVE-2024-24806.json) (`2024-02-23T16:08:31.370`)
* [CVE-2024-21381](CVE-2024/CVE-2024-213xx/CVE-2024-21381.json) (`2024-02-23T16:11:13.877`)
* [CVE-2024-22243](CVE-2024/CVE-2024-222xx/CVE-2024-22243.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-1776](CVE-2024/CVE-2024-17xx/CVE-2024-1776.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-1777](CVE-2024/CVE-2024-17xx/CVE-2024-1777.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-1778](CVE-2024/CVE-2024-17xx/CVE-2024-1778.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-1779](CVE-2024/CVE-2024-17xx/CVE-2024-1779.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-0563](CVE-2024/CVE-2024-05xx/CVE-2024-0563.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-1590](CVE-2024/CVE-2024-15xx/CVE-2024-1590.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-26593](CVE-2024/CVE-2024-265xx/CVE-2024-26593.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-1360](CVE-2024/CVE-2024-13xx/CVE-2024-1360.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-1361](CVE-2024/CVE-2024-13xx/CVE-2024-1361.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-1362](CVE-2024/CVE-2024-13xx/CVE-2024-1362.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-25915](CVE-2024/CVE-2024-259xx/CVE-2024-25915.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-25928](CVE-2024/CVE-2024-259xx/CVE-2024-25928.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-1817](CVE-2024/CVE-2024-18xx/CVE-2024-1817.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-26594](CVE-2024/CVE-2024-265xx/CVE-2024-26594.json) (`2024-02-23T16:14:43.447`)
* [CVE-2024-0565](CVE-2024/CVE-2024-05xx/CVE-2024-0565.json) (`2024-02-23T16:15:46.843`)
* [CVE-2024-0831](CVE-2024/CVE-2024-08xx/CVE-2024-0831.json) (`2024-02-23T16:15:46.980`)
* [CVE-2024-1048](CVE-2024/CVE-2024-10xx/CVE-2024-1048.json) (`2024-02-23T16:15:47.093`)
* [CVE-2024-22667](CVE-2024/CVE-2024-226xx/CVE-2024-22667.json) (`2024-02-23T16:15:48.487`)
## Download and Usage