admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-14T17:00:20.422616+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-14 17:03:51 +00:00
parent 9379836d49
commit b1510fa391
136 changed files with 3192 additions and 466 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2009/CVE-2009-11xx/CVE-2009-1151.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2009-1151",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-03-26T14:30:00.267",
"lastModified": "2025-02-10T20:15:30.940",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:23:22.870",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2010/CVE-2010-18xx/CVE-2010-1871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-1871",
"sourceIdentifier": "cve@mitre.org",
"published": "2010-08-05T13:23:09.477",
"lastModified": "2025-02-10T20:15:31.397",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:23:29.930",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

30
CVE-2012/CVE-2012-46xx/CVE-2012-4681.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-4681",
"sourceIdentifier": "cve@mitre.org",
"published": "2012-08-28T00:55:01.860",
"lastModified": "2025-02-10T20:15:33.623",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:27:50.197",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -565,14 +565,14 @@
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
"Mailing List"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
"Mailing List"
]
},
{
@ -629,7 +629,8 @@
"url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{
@ -644,7 +645,8 @@
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
"VDB Entry",
"Broken Link"
]
},
{
@ -659,7 +661,8 @@
"url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{
@ -689,14 +692,14 @@
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
"Mailing List"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
"Mailing List"
]
},
{
@ -753,7 +756,8 @@
"url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{
@ -768,7 +772,8 @@
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
"VDB Entry",
"Broken Link"
]
},
{
@ -783,7 +788,8 @@
"url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
}
]

10
CVE-2013/CVE-2013-25xx/CVE-2013-2597.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-2597",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-08-31T10:55:03.753",
"lastModified": "2025-02-10T20:15:34.790",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:28:05.483",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -967,14 +967,16 @@
"url": "https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-acdb-audio-driver-cve-2013-2597",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
},
{
"url": "https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-acdb-audio-driver-cve-2013-2597",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
"Vendor Advisory",
"Broken Link"
]
}
]

4
CVE-2014/CVE-2014-62xx/CVE-2014-6287.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-6287",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-10-07T10:55:04.493",
"lastModified": "2025-02-10T20:15:36.420",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:29:33.827",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2016/CVE-2016-101xx/CVE-2016-10174.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-10174",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-01-30T04:59:00.157",
"lastModified": "2025-02-04T21:15:09.520",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:33:33.417",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

16
CVE-2016/CVE-2016-23xx/CVE-2016-2386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-2386",
"sourceIdentifier": "cve@mitre.org",
"published": "2016-02-16T15:59:00.133",
"lastModified": "2025-02-04T21:15:09.813",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:29:52.030",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -149,14 +149,16 @@
"url": "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{
@ -207,14 +209,16 @@
"url": "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{

16
CVE-2016/CVE-2016-23xx/CVE-2016-2388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-2388",
"sourceIdentifier": "cve@mitre.org",
"published": "2016-02-16T15:59:02.103",
"lastModified": "2025-02-04T21:15:10.060",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:30:40.507",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -160,14 +160,16 @@
"url": "https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{
@ -219,14 +221,16 @@
"url": "https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"Broken Link"
]
},
{

4
CVE-2016/CVE-2016-62xx/CVE-2016-6277.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-6277",
"sourceIdentifier": "cve@mitre.org",
"published": "2016-12-14T16:59:00.350",
"lastModified": "2025-02-04T21:15:10.763",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:31:37.860",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2016/CVE-2016-85xx/CVE-2016-8562.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-8562",
"sourceIdentifier": "cve@mitre.org",
"published": "2016-11-18T21:59:02.033",
"lastModified": "2025-02-04T21:15:11.010",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:30:47.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2017/CVE-2017-183xx/CVE-2017-18368.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-18368",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-05-02T17:29:00.287",
"lastModified": "2025-02-04T21:15:12.033",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:16:40.000",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2017/CVE-2017-55xx/CVE-2017-5521.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-5521",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-01-17T09:59:00.333",
"lastModified": "2025-02-04T21:15:12.283",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:33:24.577",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2017/CVE-2017-60xx/CVE-2017-6077.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-6077",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-02-22T23:59:00.190",
"lastModified": "2025-02-04T21:15:12.520",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:33:41.373",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

8
CVE-2017/CVE-2017-63xx/CVE-2017-6316.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-6316",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-07-20T04:29:00.423",
"lastModified": "2025-02-04T21:15:12.743",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:16:30.787",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -141,7 +141,7 @@
"url": "https://support.citrix.com/article/CTX225990",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
"Permissions Required"
]
},
{
@ -183,7 +183,7 @@
"url": "https://support.citrix.com/article/CTX225990",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
"Permissions Required"
]
},
{

4
CVE-2017/CVE-2017-63xx/CVE-2017-6334.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-6334",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-03-06T02:59:00.433",
"lastModified": "2025-02-04T21:15:12.953",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:33:51.650",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

39
CVE-2018/CVE-2018-93xx/CVE-2018-9387.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-9387",
"sourceIdentifier": "security@android.com",
"published": "2025-01-18T00:15:23.930",
"lastModified": "2025-02-18T21:15:13.007",
"lastModified": "2025-03-14T16:15:26.113",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En multiple functions de mnh-sm.c, existe una forma posible de provocar un desbordamiento de mont\u00f3n debido a un desbordamiento de enteros. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2018-06-01",

4
CVE-2020/CVE-2020-255xx/CVE-2020-25506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-25506",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-02T13:15:12.570",
"lastModified": "2025-02-07T17:15:20.857",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:59:53.160",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-28xx/CVE-2020-2883.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-2883",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2020-04-15T14:15:33.513",
"lastModified": "2025-01-08T02:00:01.937",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-14T15:07:06.090",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-81xx/CVE-2020-8193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-8193",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-10T16:15:12.157",
"lastModified": "2025-02-07T13:15:30.433",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:07:15.610",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-81xx/CVE-2020-8195.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-8195",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-10T16:15:12.327",
"lastModified": "2025-02-07T13:15:30.670",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:07:33.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2020/CVE-2020-81xx/CVE-2020-8196.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-8196",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-10T16:15:12.407",
"lastModified": "2025-02-07T13:15:30.870",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:07:38.590",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-200xx/CVE-2021-20016.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-20016",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2021-02-04T06:15:13.817",
"lastModified": "2025-02-06T20:15:35.463",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T17:00:01.730",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-200xx/CVE-2021-20028.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-20028",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2021-08-04T19:15:08.247",
"lastModified": "2025-02-04T15:15:11.157",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:47:20.140",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "PSIRT@sonicwall.com",

4
CVE-2021/CVE-2021-200xx/CVE-2021-20038.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-20038",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2021-12-08T10:15:07.750",
"lastModified": "2025-02-04T15:15:11.480",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:48:26.593",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

22
CVE-2021/CVE-2021-275xx/CVE-2021-27562.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-27562",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-05-25T19:15:07.737",
"lastModified": "2025-02-04T20:15:41.850",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:22:57.903",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -112,7 +112,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -120,20 +119,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arm:trusted_firmware_m:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "749DFEA7-08EE-48FE-8BAA-E17DD3038B9A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arm:trusted_firmware_m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "989ADB95-215E-4DB5-9BF5-4458BC7DDDEF"
"criteria": "cpe:2.3:o:arm:trusted_firmware-m:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.0",
"matchCriteriaId": "F4B4BC29-D610-4699-8E7C-203B54DB7A8D"
}
]
}

4
CVE-2021/CVE-2021-301xx/CVE-2021-30116.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-30116",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-07-09T14:15:07.770",
"lastModified": "2025-02-04T20:15:42.660",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:30:19.033",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

11
CVE-2021/CVE-2021-354xx/CVE-2021-35464.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-35464",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-07-22T18:15:23.247",
"lastModified": "2025-02-04T20:15:43.757",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:45:41.233",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -119,10 +119,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:forgerock:am:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "6.5.3",
"matchCriteriaId": "691FBCAF-39C3-483B-B9F3-D1FE0E6F6E89"
"criteria": "cpe:2.3:a:forgerock:access_management:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5.4",
"matchCriteriaId": "93CE7640-AC5C-40EB-A613-D68B2B21230B"
},
{
"vulnerable": true,

4
CVE-2021/CVE-2021-440xx/CVE-2021-44026.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-44026",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-11-19T04:15:07.197",
"lastModified": "2025-02-04T20:15:44.343",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:47:31.813",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-440xx/CVE-2021-44077.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-44077",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-11-29T04:15:06.737",
"lastModified": "2025-02-04T20:15:44.580",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:48:14.437",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

8
CVE-2021/CVE-2021-445xx/CVE-2021-44515.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-44515",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-12T05:15:07.997",
"lastModified": "2025-02-04T20:15:44.797",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:49:38.220",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -123,8 +123,8 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "10.1.2128.0",
"versionEndIncluding": "10.1.2137.3",
"matchCriteriaId": "715D4CA4-C99D-49BC-B395-20591E5EF96D"
"versionEndExcluding": "10.1.2137.3",
"matchCriteriaId": "04B6AF62-C406-4FAE-ADE3-9F0306E50CC9"
},
{
"vulnerable": true,

4
CVE-2022/CVE-2022-227xx/CVE-2022-22706.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22706",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-03-03T15:15:08.610",
"lastModified": "2025-01-29T17:15:16.993",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:50:53.957",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2022/CVE-2022-231xx/CVE-2022-23176.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23176",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-02-24T15:15:28.447",
"lastModified": "2025-01-29T21:15:13.113",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T16:50:46.473",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

56
CVE-2022/CVE-2022-290xx/CVE-2022-29059.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2022-29059",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-03-14T16:15:27.027",
"lastModified": "2025-03-14T16:15:27.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of special elements used in an SQL command\u00a0('SQL Injection') vulnerability [CWE-89] in FortiWeb version 7.0.1 and below, 6.4.2 and below, 6.3.20 and below, 6.2.7 and below may allow a privileged attacker to execute SQL commands over the log database via specifically crafted strings parameters."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 2.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-140",
"source": "psirt@fortinet.com"
}
]
}

4
CVE-2023/CVE-2023-02xx/CVE-2023-0266.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0266",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-01-30T14:15:10.500",
"lastModified": "2025-02-13T17:15:54.200",
"vulnStatus": "Modified",
"lastModified": "2025-03-14T15:17:35.193",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

22
CVE-2023/CVE-2023-03xx/CVE-2023-0372.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0372",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-21T09:15:12.467",
"lastModified": "2024-11-21T07:37:04.087",
"lastModified": "2025-03-14T15:15:38.893",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-04xx/CVE-2023-0492.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0492",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-21T09:15:13.117",
"lastModified": "2024-11-21T07:37:17.077",
"lastModified": "2025-03-14T15:15:39.070",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

56
CVE-2023/CVE-2023-333xx/CVE-2023-33300.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-33300",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-03-14T16:15:27.203",
"lastModified": "2025-03-14T16:15:27.203",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiNAC 7.2.1 and earlier, 9.4.3 and earlier allows attacker a limited, unauthorized file access via specifically crafted request in inter-server communication port."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-096",
"source": "psirt@fortinet.com"
}
]
}

24
CVE-2023/CVE-2023-419xx/CVE-2023-41916.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-41916",
"sourceIdentifier": "security@apache.org",
"published": "2024-07-15T08:15:02.107",
"lastModified": "2024-11-21T08:21:54.947",
"lastModified": "2025-03-14T16:15:27.367",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,13 +36,33 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

56
CVE-2023/CVE-2023-455xx/CVE-2023-45588.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-45588",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-03-14T16:15:27.570",
"lastModified": "2025-03-14T16:15:27.570",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-345",
"source": "psirt@fortinet.com"
}
]
}

4
CVE-2023/CVE-2023-45xx/CVE-2023-4540.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4540",
"sourceIdentifier": "cvd@cert.pl",
"published": "2023-09-05T08:15:40.017",
"lastModified": "2024-11-21T08:35:22.637",
"lastModified": "2025-03-14T16:15:28.097",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -46,7 +46,7 @@
"description": [
{
"lang": "en",
"value": "CWE-835"
"value": "CWE-755"
}
]
},

56
CVE-2023/CVE-2023-487xx/CVE-2023-48785.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-48785",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-03-14T16:15:27.733",
"lastModified": "2025-03-14T16:15:27.733",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the HTTPS communication channel between the FortiOS device, an inventory, and FortiNAC-F."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-288",
"source": "psirt@fortinet.com"
}
]
}

32
CVE-2023/CVE-2023-494xx/CVE-2023-49441.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49441",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T22:15:09.843",
"lastModified": "2024-11-21T08:33:24.787",
"lastModified": "2025-03-14T16:15:27.890",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-190"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [

25
CVE-2023/CVE-2023-529xx/CVE-2023-52927.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-52927",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-14T15:15:39.253",
"lastModified": "2025-03-14T15:15:39.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3fa58a6fbd1e9e5682d09cdafb08fba004cb12ec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4914109a8e1e494c6aa9852f9e84ec77a5fc643f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

27
CVE-2023/CVE-2023-63xx/CVE-2023-6385.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6385",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-04-10T05:15:47.720",
"lastModified": "2024-11-21T08:43:45.477",
"lastModified": "2025-03-14T16:15:28.290",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento WordPress Ping Optimizer hasta la versi\u00f3n 2.35.1.3.0 no tiene comprobaciones CSRF en algunos lugares, lo que podr\u00eda permitir a los atacantes hacer que los usuarios que han iniciado sesi\u00f3n realicen acciones no deseadas a trav\u00e9s de ataques CSRF, como borrar registros."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/362c56ff-85eb-480f-a825-9670d4c0e3d0/",

6
CVE-2023/CVE-2023-67xx/CVE-2023-6787.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6787",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-04-25T16:15:10.867",
"lastModified": "2024-11-21T08:44:33.533",
"lastModified": "2025-03-14T15:15:39.403",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -78,6 +78,10 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254375",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-c9h6-v78w-52wj",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1867",
"source": "af854a3a-2127-422b-91ae-364da2661108"

39
CVE-2024/CVE-2024-132xx/CVE-2024-13221.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13221",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:28.713",
"lastModified": "2025-02-18T19:15:13.023",
"lastModified": "2025-03-14T16:15:28.530",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "El complemento Fantastic ElasticSearch de WordPress hasta la versi\u00f3n 4.1.0 no desinfecta ni escapa un par\u00e1metro antes de mostrarlo nuevamente en la p\u00e1gina, lo que genera un Cross-Site Scripting Reflejado que podr\u00eda usarse contra usuarios con privilegios altos, como el administrador."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/693f4cc4-a082-46bc-abc9-a08919f70157/",

21
CVE-2024/CVE-2024-216xx/CVE-2024-21683.json
View File

@ -2,15 +2,28 @@
"id": "CVE-2024-21683",
"sourceIdentifier": "security@atlassian.com",
"published": "2024-05-21T23:15:07.923",
"lastModified": "2025-01-01T00:15:07.317",
"vulnStatus": "Rejected",
"lastModified": "2025-03-14T16:15:28.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: This CVE's publication may have been a false positive or a mistake. As a result, we have rejected this record."
"value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.\n\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\u00a0\n\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html\n\nYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.\n\nThis vulnerability was found internally."
},
{
"lang": "es",
"value": "Esta vulnerabilidad RCE (ejecuci\u00f3n remota de c\u00f3digo) de alta gravedad se introdujo en la versi\u00f3n 5.2 de Confluence Data Center and Server. Esta vulnerabilidad RCE (ejecuci\u00f3n remota de c\u00f3digo), con una puntuaci\u00f3n CVSS de 8,3, permite a un atacante autenticado ejecutar c\u00f3digo arbitrario que tiene un alto impacto en la confidencialidad, un alto impacto en la integridad, un alto impacto en la disponibilidad y no requiere interacci\u00f3n del usuario. Atlassian recomienda que los clientes de Confluence Data Center y Server actualicen a la \u00faltima versi\u00f3n. Si no puede hacerlo, actualice su instancia a una de las versiones fijas admitidas especificadas. Consulte las notas de la versi\u00f3n https://confluence.atlassian.com/doc/confluence-release-notes-327.html Puede descargar la \u00faltima versi\u00f3n de Confluence Data Center and Server desde el centro de descargas https://www.atlassian.com /software/confluence/descargar-archivos. Esta vulnerabilidad se encontr\u00f3 internamente."
}
],
"metrics": {},
"references": []
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1409286211",
"source": "security@atlassian.com"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-95832",
"source": "security@atlassian.com"
}
]
}

14
CVE-2024/CVE-2024-216xx/CVE-2024-21687.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21687",
"sourceIdentifier": "security@atlassian.com",
"published": "2024-07-16T21:15:10.257",
"lastModified": "2025-02-20T15:20:02.967",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:28.963",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -71,6 +71,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-222xx/CVE-2024-22267.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22267",
"sourceIdentifier": "security@vmware.com",
"published": "2024-05-14T16:16:06.610",
"lastModified": "2025-03-05T18:25:53.837",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T15:15:39.803",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-228xx/CVE-2024-22892.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22892",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-25T15:15:13.430",
"lastModified": "2024-10-01T19:10:13.467",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:29.140",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-326"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
],
"configurations": [

29
CVE-2024/CVE-2024-239xx/CVE-2024-23953.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23953",
"sourceIdentifier": "security@apache.org",
"published": "2025-01-28T09:15:09.187",
"lastModified": "2025-02-18T19:15:15.100",
"lastModified": "2025-03-14T16:15:29.340",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,11 +15,34 @@
"value": "El uso de Arrays.equals() en LlapSignerImpl en Apache Hive para comparar firmas de mensajes permite a un atacante falsificar una firma v\u00e1lida para un mensaje arbitrario byte a byte. El atacante debe ser un usuario autorizado del producto para realizar este ataque. Se recomienda a los usuarios que actualicen a la versi\u00f3n 4.0.0, que soluciona este problema. El problema ocurre cuando una aplicaci\u00f3n no utiliza un algoritmo de tiempo constante para validar una firma. El m\u00e9todo Arrays.equals() devuelve falso de inmediato cuando ve que uno de los bytes de entrada es diferente. Significa que el tiempo de comparaci\u00f3n depende del contenido de las matrices. Esta peque\u00f1a cosa puede permitir a un atacante falsificar una firma v\u00e1lida para un mensaje arbitrario byte a byte. Por lo tanto, podr\u00eda permitir que los usuarios malintencionados env\u00eden divisiones/trabajos con firmas seleccionadas a LLAP sin ejecutarse como un usuario privilegiado, lo que podr\u00eda conducir a un ataque DDoS. M\u00e1s detalles en la secci\u00f3n de referencia."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

39
CVE-2024/CVE-2024-244xx/CVE-2024-24424.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24424",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-21T23:15:12.527",
"lastModified": "2025-02-18T21:15:21.497",
"lastModified": "2025-03-14T16:15:29.560",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una afirmaci\u00f3n alcanzable en la funci\u00f3n decode_access_point_name_ie de Magma <= 1.8.0 (corregida en v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete NAS manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://cellularsecurity.org/ransacked",

22
CVE-2024/CVE-2024-250xx/CVE-2024-25087.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25087",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-02T16:15:04.157",
"lastModified": "2024-11-21T09:00:13.447",
"lastModified": "2025-03-14T16:15:29.730",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},

14
CVE-2024/CVE-2024-26xx/CVE-2024-2615.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2615",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-03-19T12:15:09.210",
"lastModified": "2025-02-25T14:48:08.963",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:30.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-278xx/CVE-2024-27806.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27806",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-06-10T21:15:50.020",
"lastModified": "2024-11-21T09:05:06.393",
"lastModified": "2025-03-14T16:15:30.053",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-288xx/CVE-2024-28805.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-28805",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-29T19:15:11.990",
"lastModified": "2024-11-21T09:06:57.380",
"lastModified": "2025-03-14T16:15:30.333",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",

14
CVE-2024/CVE-2024-299xx/CVE-2024-29944.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29944",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-03-22T13:15:07.503",
"lastModified": "2024-11-21T09:08:40.103",
"lastModified": "2025-03-14T15:15:39.997",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-830"
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/23/1",

14
CVE-2024/CVE-2024-308xx/CVE-2024-30804.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-30804",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-26T22:15:08.017",
"lastModified": "2024-11-21T09:12:25.990",
"lastModified": "2025-03-14T16:15:30.757",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-782"
}
]
}
],
"references": [
{
"url": "https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-30804",

14
CVE-2024/CVE-2024-313xx/CVE-2024-31327.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31327",
"sourceIdentifier": "security@android.com",
"published": "2024-07-09T21:15:13.820",
"lastModified": "2024-12-17T19:03:28.603",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:30.937",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-362"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-314xx/CVE-2024-31413.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31413",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-05-01T13:15:52.080",
"lastModified": "2024-11-21T09:13:29.177",
"lastModified": "2025-03-14T15:15:40.200",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-761"
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU98274902/",

36
CVE-2024/CVE-2024-318xx/CVE-2024-31840.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31840",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-21T16:15:25.943",
"lastModified": "2024-11-21T09:13:59.537",
"lastModified": "2025-03-14T15:15:40.393",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -53,6 +73,20 @@
"value": "CWE-319"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-312"
},
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-319xx/CVE-2024-31947.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31947",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-12T23:15:10.000",
"lastModified": "2024-11-21T09:14:10.780",
"lastModified": "2025-03-14T15:15:40.603",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-329xx/CVE-2024-32928.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32928",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-08-19T17:15:07.557",
"lastModified": "2024-08-20T16:13:33.947",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:31.157",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-332xx/CVE-2024-33209.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33209",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-02T16:15:10.300",
"lastModified": "2024-10-16T13:33:21.313",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:31.387",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-343xx/CVE-2024-34329.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-34329",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-22T20:15:03.673",
"lastModified": "2025-02-06T21:15:21.130",
"lastModified": "2025-03-14T16:15:31.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-277"
}
]
}
],
"references": [
{
"url": "https://github.com/pamoutaf/CVE-2024-34329/blob/main/README.md",

34
CVE-2024/CVE-2024-344xx/CVE-2024-34458.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34458",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T14:15:08.873",
"lastModified": "2024-08-21T13:31:38.380",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T15:15:40.820",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

27
CVE-2024/CVE-2024-354xx/CVE-2024-35422.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35422",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.180",
"lastModified": "2024-11-12T16:35:14.203",
"lastModified": "2025-03-14T16:15:31.780",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Se descubri\u00f3 que vmir e8117 conten\u00eda un desbordamiento de b\u00fafer de mont\u00f3n a trav\u00e9s de la funci\u00f3n wasm_call en /src/vmir_wasm_parser.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",

14
CVE-2024/CVE-2024-363xx/CVE-2024-36360.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36360",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-06-11T05:15:53.610",
"lastModified": "2024-11-21T09:22:01.170",
"lastModified": "2025-03-14T15:15:41.037",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/yammerjp/awkblog/issues/1",

32
CVE-2024/CVE-2024-370xx/CVE-2024-37034.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37034",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-26T22:15:03.853",
"lastModified": "2024-11-21T09:23:05.303",
"lastModified": "2025-03-14T16:15:31.970",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-326"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-374xx/CVE-2024-37407.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37407",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-08T13:15:58.337",
"lastModified": "2024-11-21T09:23:47.870",
"lastModified": "2025-03-14T16:15:32.187",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-374xx/CVE-2024-37471.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37471",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-04T19:15:10.417",
"lastModified": "2024-11-21T09:23:53.823",
"lastModified": "2025-03-14T16:15:32.390",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,6 +56,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -69,6 +89,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-376xx/CVE-2024-37671.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37671",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-21T17:15:10.867",
"lastModified": "2024-11-21T09:24:12.727",
"lastModified": "2025-03-14T16:15:32.600",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-383xx/CVE-2024-38313.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38313",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-06-13T20:15:15.450",
"lastModified": "2024-11-21T09:25:21.687",
"lastModified": "2025-03-14T16:15:32.797",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-451"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-391xx/CVE-2024-39118.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39118",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T17:15:48.153",
"lastModified": "2024-11-21T09:27:12.257",
"lastModified": "2025-03-14T16:15:33.017",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,6 +56,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -69,6 +89,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

22
CVE-2024/CVE-2024-404xx/CVE-2024-40480.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40480",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-12T13:38:29.003",
"lastModified": "2024-08-21T21:35:08.270",
"lastModified": "2025-03-14T16:15:33.230",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

34
CVE-2024/CVE-2024-405xx/CVE-2024-40510.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40510",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-27T15:15:14.820",
"lastModified": "2024-10-04T18:28:07.177",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T15:15:41.210",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

22
CVE-2024/CVE-2024-405xx/CVE-2024-40522.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40522",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-12T16:15:05.080",
"lastModified": "2024-11-21T09:31:15.230",
"lastModified": "2025-03-14T15:15:41.427",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

56
CVE-2024/CVE-2024-405xx/CVE-2024-40585.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-40585",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-03-14T16:15:33.400",
"lastModified": "2025-03-14T16:15:33.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insertion of sensitive information into log file vulnerabilities [CWE-532] in FortiManager version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, version 6.4.12 and below, version 6.2.11 and below and FortiAnalyzer version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, version 6.4.12 and below, version 6.2.11 and below eventlog may allow any low privileged user with access to event log section to retrieve certificate private key and encrypted password logged as system log."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-311",
"source": "psirt@fortinet.com"
}
]
}

56
CVE-2024/CVE-2024-405xx/CVE-2024-40590.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-40590",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-03-14T15:15:41.630",
"lastModified": "2025-03-14T15:15:41.630",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0improper certificate validation vulnerability [CWE-295] in FortiPortal version 7.4.0, version 7.2.4 and below, version 7.0.8 and below, version 6.0.15 and below when connecting to a FortiManager device, a FortiAnalyzer device, or an SMTP server may allow an unauthenticated attacker in a Man-in-the-Middle position to intercept on and tamper with the encrypted communication channel established between the FortiPortal and those endpoints."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-22-155",
"source": "psirt@fortinet.com"
}
]
}

32
CVE-2024/CVE-2024-407xx/CVE-2024-40737.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40737",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:12.030",
"lastModified": "2024-11-21T09:31:32.700",
"lastModified": "2025-03-14T15:15:41.793",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-407xx/CVE-2024-40793.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40793",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:12.337",
"lastModified": "2024-11-21T09:31:38.510",
"lastModified": "2025-03-14T16:15:33.573",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-408xx/CVE-2024-40807.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40807",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:13.147",
"lastModified": "2024-11-21T09:31:40.537",
"lastModified": "2025-03-14T15:15:42.017",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-408xx/CVE-2024-40817.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40817",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:13.647",
"lastModified": "2024-11-21T09:31:41.983",
"lastModified": "2025-03-14T16:15:33.773",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-1021"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [

22
CVE-2024/CVE-2024-408xx/CVE-2024-40834.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40834",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:14.413",
"lastModified": "2024-11-21T09:31:44.290",
"lastModified": "2025-03-14T16:15:33.970",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
}
]
},

24
CVE-2024/CVE-2024-408xx/CVE-2024-40865.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40865",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-09-06T02:15:02.297",
"lastModified": "2024-09-19T17:58:37.370",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:34.170",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

12
CVE-2024/CVE-2024-40xx/CVE-2024-4058.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-4058",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-05-01T13:15:52.200",
"lastModified": "2024-11-21T09:42:06.270",
"lastModified": "2025-03-14T15:15:44.400",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-411xx/CVE-2024-41143.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41143",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-07-29T09:15:02.640",
"lastModified": "2024-11-21T09:32:18.823",
"lastModified": "2025-03-14T16:15:34.340",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-346"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
}
],
"configurations": [

12
CVE-2024/CVE-2024-412xx/CVE-2024-41250.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-41250",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-07T17:15:51.837",
"lastModified": "2024-10-24T20:35:06.947",
"lastModified": "2025-03-14T16:15:34.530",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-415xx/CVE-2024-41591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41591",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-03T19:15:04.560",
"lastModified": "2024-10-08T15:34:46.453",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:34.730",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

22
CVE-2024/CVE-2024-422xx/CVE-2024-42222.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-42222",
"sourceIdentifier": "security@apache.org",
"published": "2024-08-07T08:16:12.473",
"lastModified": "2024-11-21T09:33:45.030",
"lastModified": "2025-03-14T16:15:34.940",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},

24
CVE-2024/CVE-2024-426xx/CVE-2024-42662.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42662",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T15:15:23.090",
"lastModified": "2024-08-26T18:22:04.760",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T15:15:42.227",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

34
CVE-2024/CVE-2024-441xx/CVE-2024-44187.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44187",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-09-17T00:15:52.037",
"lastModified": "2024-09-25T13:25:52.043",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:35.167",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-346"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-446xx/CVE-2024-44682.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44682",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-30T22:15:06.703",
"lastModified": "2024-09-04T16:38:36.817",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:35.357",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

22
CVE-2024/CVE-2024-449xx/CVE-2024-44930.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44930",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-29T18:15:14.830",
"lastModified": "2024-09-04T19:35:13.800",
"lastModified": "2025-03-14T16:15:35.560",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},

24
CVE-2024/CVE-2024-455xx/CVE-2024-45537.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45537",
"sourceIdentifier": "security@apache.org",
"published": "2024-09-17T19:15:28.157",
"lastModified": "2024-10-01T20:41:33.207",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T15:15:42.430",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},

56
CVE-2024/CVE-2024-456xx/CVE-2024-45638.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45638",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-14T15:15:42.640",
"lastModified": "2025-03-14T15:15:42.640",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-256"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7185938",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-456xx/CVE-2024-45643.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45643",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-03-14T15:15:42.820",
"lastModified": "2025-03-14T15:15:42.820",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7185938",
"source": "psirt@us.ibm.com"
}
]
}

34
CVE-2024/CVE-2024-462xx/CVE-2024-46258.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46258",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-01T14:15:05.667",
"lastModified": "2024-10-04T16:41:08.497",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:35.750",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-465xx/CVE-2024-46560.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46560",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:17.160",
"lastModified": "2024-09-24T16:41:52.840",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T16:15:35.920",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

34
CVE-2024/CVE-2024-465xx/CVE-2024-46580.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46580",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-18T15:15:17.580",
"lastModified": "2024-09-24T16:42:09.207",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-14T15:15:42.990",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

Some files were not shown because too many files have changed in this diff Show More