admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-10T20:00:20.012550+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-10 20:03:54 +00:00
parent 50a416aa0b
commit b667d5d07b
197 changed files with 7228 additions and 819 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2021/CVE-2021-381xx/CVE-2021-38116.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-38116",
"sourceIdentifier": "security@opentext.com",
"published": "2024-11-22T16:15:18.663",
"lastModified": "2025-03-04T16:37:13.837",
"lastModified": "2025-04-10T18:39:46.610",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-77"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

32
CVE-2021/CVE-2021-381xx/CVE-2021-38119.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-38119",
"sourceIdentifier": "security@opentext.com",
"published": "2024-11-22T16:15:19.073",
"lastModified": "2025-03-04T16:32:30.387",
"lastModified": "2025-04-10T18:15:05.050",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

34
CVE-2022/CVE-2022-263xx/CVE-2022-26324.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26324",
"sourceIdentifier": "security@opentext.com",
"published": "2024-11-22T16:15:19.470",
"lastModified": "2025-03-04T16:15:38.480",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T19:54:25.537",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32623.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32623",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:11.480",
"lastModified": "2024-11-21T07:06:45.390",
"lastModified": "2025-04-10T19:15:46.240",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32635.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32635",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:11.540",
"lastModified": "2024-11-21T07:06:46.823",
"lastModified": "2025-04-10T19:15:46.873",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32648.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32648",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:12.073",
"lastModified": "2024-11-21T07:06:48.543",
"lastModified": "2025-04-10T19:15:47.057",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-662"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-662"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32649.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32649",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:12.127",
"lastModified": "2024-11-21T07:06:48.673",
"lastModified": "2025-04-10T19:15:47.217",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-131"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-131"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32650.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32650",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:12.173",
"lastModified": "2024-11-21T07:06:48.800",
"lastModified": "2025-04-10T18:15:42.543",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-131"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-131"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32651.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32651",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:12.227",
"lastModified": "2024-11-21T07:06:48.920",
"lastModified": "2025-04-10T18:15:43.507",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-131"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-131"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32652.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32652",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:12.273",
"lastModified": "2024-11-21T07:06:49.047",
"lastModified": "2025-04-10T18:15:43.723",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32653.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32653",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:12.320",
"lastModified": "2024-11-21T07:06:49.197",
"lastModified": "2025-04-10T19:15:47.380",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32657.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32657",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:12.370",
"lastModified": "2024-11-21T07:06:49.793",
"lastModified": "2025-04-10T19:15:47.543",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-755"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32658.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32658",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:12.553",
"lastModified": "2024-11-21T07:06:49.923",
"lastModified": "2025-04-10T19:15:47.710",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-755"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-326xx/CVE-2022-32659.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32659",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-01-03T21:15:12.603",
"lastModified": "2024-11-21T07:06:50.060",
"lastModified": "2025-04-10T19:15:47.907",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-755"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-32xx/CVE-2022-3241.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3241",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:15.480",
"lastModified": "2024-11-21T07:19:07.520",
"lastModified": "2025-04-10T19:15:48.770",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

14
CVE-2022/CVE-2022-346xx/CVE-2022-34678.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-34678",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:10.073",
"lastModified": "2024-11-21T07:09:58.047",
"lastModified": "2025-04-10T19:15:48.093",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -72,6 +72,16 @@
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{

16
CVE-2022/CVE-2022-346xx/CVE-2022-34680.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-34680",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:10.247",
"lastModified": "2024-11-21T07:09:58.323",
"lastModified": "2025-04-10T19:15:48.297",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -72,13 +72,23 @@
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-681"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-197"
}
]
}
],
"configurations": [

14
CVE-2022/CVE-2022-346xx/CVE-2022-34681.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-34681",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:10.337",
"lastModified": "2024-11-21T07:09:58.473",
"lastModified": "2025-04-10T19:15:48.493",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -72,6 +72,16 @@
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{

22
CVE-2022/CVE-2022-38xx/CVE-2022-3860.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3860",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:15.563",
"lastModified": "2024-11-21T07:20:22.943",
"lastModified": "2025-04-10T19:15:48.953",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

22
CVE-2022/CVE-2022-39xx/CVE-2022-3911.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3911",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:15.627",
"lastModified": "2024-11-21T07:20:30.987",
"lastModified": "2025-04-10T19:15:49.113",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

22
CVE-2022/CVE-2022-39xx/CVE-2022-3994.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3994",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:15.760",
"lastModified": "2024-11-21T07:20:41.760",
"lastModified": "2025-04-10T19:15:49.270",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},

22
CVE-2022/CVE-2022-40xx/CVE-2022-4049.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4049",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:15.827",
"lastModified": "2024-11-21T07:34:30.693",
"lastModified": "2025-04-10T19:15:50.447",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

22
CVE-2022/CVE-2022-40xx/CVE-2022-4057.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4057",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:15.890",
"lastModified": "2024-11-21T07:34:31.470",
"lastModified": "2025-04-10T18:15:45.127",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

22
CVE-2022/CVE-2022-40xx/CVE-2022-4099.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4099",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.010",
"lastModified": "2024-11-21T07:34:34.890",
"lastModified": "2025-04-10T19:15:50.607",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

22
CVE-2022/CVE-2022-41xx/CVE-2022-4109.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4109",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.077",
"lastModified": "2024-11-21T07:34:35.953",
"lastModified": "2025-04-10T19:15:50.757",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 2.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},

22
CVE-2022/CVE-2022-41xx/CVE-2022-4114.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4114",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.143",
"lastModified": "2024-11-21T07:34:36.383",
"lastModified": "2025-04-10T19:15:50.920",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-41xx/CVE-2022-4140.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4140",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.287",
"lastModified": "2025-02-20T18:34:50.990",
"lastModified": "2025-04-10T19:15:51.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

22
CVE-2022/CVE-2022-41xx/CVE-2022-4142.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4142",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.360",
"lastModified": "2024-11-21T07:34:39.457",
"lastModified": "2025-04-10T19:15:51.237",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-41xx/CVE-2022-4198.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4198",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.433",
"lastModified": "2024-11-21T07:34:45.897",
"lastModified": "2025-04-10T19:15:51.387",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-42xx/CVE-2022-4200.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4200",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.500",
"lastModified": "2024-11-21T07:34:46.130",
"lastModified": "2025-04-10T19:15:51.547",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-42xx/CVE-2022-4236.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4236",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.567",
"lastModified": "2025-02-20T18:34:50.990",
"lastModified": "2025-04-10T19:15:51.700",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},

22
CVE-2022/CVE-2022-42xx/CVE-2022-4237.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4237",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.630",
"lastModified": "2025-02-20T18:34:50.990",
"lastModified": "2025-04-10T19:15:51.863",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

22
CVE-2022/CVE-2022-42xx/CVE-2022-4256.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4256",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.690",
"lastModified": "2024-11-21T07:34:53.157",
"lastModified": "2025-04-10T19:15:52.033",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-42xx/CVE-2022-4260.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4260",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.750",
"lastModified": "2024-11-21T07:34:53.680",
"lastModified": "2025-04-10T19:15:52.187",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-42xx/CVE-2022-4298.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4298",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.873",
"lastModified": "2024-11-21T07:34:57.987",
"lastModified": "2025-04-10T19:15:52.410",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

32
CVE-2022/CVE-2022-434xx/CVE-2022-43448.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43448",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-01-03T03:15:10.347",
"lastModified": "2024-11-21T07:26:30.310",
"lastModified": "2025-04-10T18:15:44.190",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-43xx/CVE-2022-4302.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4302",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.933",
"lastModified": "2024-11-21T07:34:58.417",
"lastModified": "2025-04-10T19:15:52.590",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},

22
CVE-2022/CVE-2022-43xx/CVE-2022-4324.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4324",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:16.993",
"lastModified": "2024-11-21T07:35:02.530",
"lastModified": "2025-04-10T19:15:52.770",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},

22
CVE-2022/CVE-2022-43xx/CVE-2022-4329.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4329",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:17.060",
"lastModified": "2024-11-21T07:35:03.950",
"lastModified": "2025-04-10T18:15:45.340",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-43xx/CVE-2022-4340.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4340",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:17.127",
"lastModified": "2024-11-21T07:35:05.203",
"lastModified": "2025-04-10T19:15:53.030",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

22
CVE-2022/CVE-2022-43xx/CVE-2022-4352.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4352",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:17.250",
"lastModified": "2024-11-21T07:35:06.850",
"lastModified": "2025-04-10T19:15:53.210",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},

26
CVE-2022/CVE-2022-43xx/CVE-2022-4355.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4355",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:17.310",
"lastModified": "2024-11-21T07:35:07.267",
"lastModified": "2025-04-10T19:15:53.390",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -87,6 +107,10 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/221bf87b-69e2-4c53-971e-8516b798c759/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

26
CVE-2022/CVE-2022-43xx/CVE-2022-4356.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4356",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:17.373",
"lastModified": "2024-11-21T07:35:07.397",
"lastModified": "2025-04-10T19:15:53.577",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -87,6 +107,10 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/27a8d7cb-e179-408e-af13-8722ab41947b/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

26
CVE-2022/CVE-2022-43xx/CVE-2022-4357.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4357",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:17.433",
"lastModified": "2024-11-21T07:35:07.523",
"lastModified": "2025-04-10T19:15:53.733",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -87,6 +107,10 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/4d1c0886-11f7-494f-b175-691253f46626/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

26
CVE-2022/CVE-2022-43xx/CVE-2022-4360.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4360",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:17.617",
"lastModified": "2024-11-21T07:35:07.870",
"lastModified": "2025-04-10T19:15:53.903",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -99,6 +119,10 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/40c420aa-5da0-42f9-a94f-f68ef57fcdae/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

22
CVE-2022/CVE-2022-43xx/CVE-2022-4369.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4369",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:17.740",
"lastModified": "2024-11-21T07:35:08.817",
"lastModified": "2025-04-10T19:15:54.103",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-43xx/CVE-2022-4372.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4372",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:17.927",
"lastModified": "2024-11-21T07:35:09.147",
"lastModified": "2025-04-10T18:15:45.533",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},

22
CVE-2022/CVE-2022-43xx/CVE-2022-4373.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4373",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:17.987",
"lastModified": "2024-11-21T07:35:09.263",
"lastModified": "2025-04-10T19:15:54.287",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},

22
CVE-2022/CVE-2022-444xx/CVE-2022-44437.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44437",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-01-04T10:15:12.987",
"lastModified": "2024-11-21T07:28:01.323",
"lastModified": "2025-04-10T19:15:49.510",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},

22
CVE-2022/CVE-2022-44xx/CVE-2022-4417.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4417",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:18.110",
"lastModified": "2024-11-21T07:35:13.863",
"lastModified": "2025-04-10T19:15:54.483",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

32
CVE-2022/CVE-2022-471xx/CVE-2022-47116.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47116",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-30T21:15:11.100",
"lastModified": "2024-11-21T07:31:30.833",
"lastModified": "2025-04-10T18:15:44.877",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-471xx/CVE-2022-47118.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47118",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-30T21:15:11.203",
"lastModified": "2024-11-21T07:31:31.140",
"lastModified": "2025-04-10T19:15:49.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-481xx/CVE-2022-48194.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48194",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-30T07:15:07.963",
"lastModified": "2024-11-21T07:32:57.493",
"lastModified": "2025-04-10T19:15:50.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-481xx/CVE-2022-48196.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48196",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-30T08:15:07.900",
"lastModified": "2024-11-21T07:32:57.783",
"lastModified": "2025-04-10T19:15:50.267",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-237xx/CVE-2023-23730.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23730",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-03T22:15:08.840",
"lastModified": "2025-03-01T02:13:43.603",
"lastModified": "2025-04-10T18:38:28.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-307"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-237xx/CVE-2023-23738.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23738",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-03T22:15:09.350",
"lastModified": "2025-03-01T02:09:02.903",
"lastModified": "2025-04-10T18:55:39.707",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-74"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [

8
CVE-2023/CVE-2023-258xx/CVE-2023-25829.json
View File

@ -2,20 +2,20 @@
"id": "CVE-2023-25829",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-09T17:15:10.387",
"lastModified": "2024-11-21T07:50:17.027",
"lastModified": "2025-04-10T19:15:55.243",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and 10.9.1 that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks."
"value": "There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2023/CVE-2023-258xx/CVE-2023-25830.json
View File

@ -2,20 +2,20 @@
"id": "CVE-2023-25830",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-09T17:15:10.567",
"lastModified": "2024-11-21T07:50:17.150",
"lastModified": "2025-04-10T19:15:55.417",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser."
"value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1and before which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2023/CVE-2023-258xx/CVE-2023-25831.json
View File

@ -2,20 +2,20 @@
"id": "CVE-2023-25831",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-09T21:15:11.513",
"lastModified": "2024-11-21T07:50:17.263",
"lastModified": "2025-04-10T19:15:55.533",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser.\n"
"value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1and below which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

6
CVE-2023/CVE-2023-258xx/CVE-2023-25835.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-25835",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-07-21T00:15:10.343",
"lastModified": "2024-11-21T07:50:17.737",
"lastModified": "2025-04-10T19:15:56.030",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability\u00a0in Esri Portal for ArcGIS Enterprise Sites versions 10.8.1 \u2013 11.1 that may allow a remote, authenticated attacker to create a crafted link that is stored in the site configuration which when clicked could potentially execute arbitrary JavaScript code in the victims browser. \u00a0The privileges required to execute this attack are high. The impact to Confidentiality, Integrity and Availability are High."
"value": "There is a stored Cross-site Scripting vulnerability\u00a0in Esri Portal for ArcGIS Sites versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link that is stored in the site configuration which when clicked could potentially execute arbitrary JavaScript code in the victims browser. \u00a0The privileges required to execute this attack are high. The impact to Confidentiality, Integrity and Availability are High."
}
],
"metrics": {
@ -58,7 +58,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2023/CVE-2023-258xx/CVE-2023-25836.json
View File

@ -2,20 +2,20 @@
"id": "CVE-2023-25836",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-07-21T04:15:11.917",
"lastModified": "2024-11-21T07:50:17.870",
"lastModified": "2025-04-10T19:15:56.163",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Cross-site Scripting vulnerability\u00a0in Esri Portal Sites in versions 10.8.1 \u2013 10.9 that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victims browser. \u00a0The privileges required to execute this attack are low."
"value": "There is a Cross-site Scripting vulnerability\u00a0in Esri Portal for ArcGIS Sites in versions 10.9 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victims browser. \u00a0The privileges required to execute this attack are low."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
@ -38,7 +38,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

6
CVE-2023/CVE-2023-258xx/CVE-2023-25837.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-25837",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-07-21T04:15:12.377",
"lastModified": "2024-11-21T07:50:18.000",
"lastModified": "2025-04-10T19:15:56.290",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Cross-site Scripting vulnerability\u00a0in Esri ArcGIS Enterprise Sites versions 10.8.1 \u2013 10.9 that may allow a remote, authenticated attacker to create a crafted link which when clicked by a victim could potentially execute arbitrary JavaScript code in the target's browser. \u00a0The privileges required to execute this attack are high.\u00a0 \u00a0\n\nThe impact to Confidentiality, Integrity and Availability are High."
"value": "There is a Cross-site Scripting vulnerability\u00a0in Esri ArcGIS Enterprise Sites versions 10.9 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked by a victim could potentially execute arbitrary JavaScript code in the target's browser. \u00a0The privileges required to execute this attack are high.\u00a0 \u00a0\n\nThe impact to Confidentiality, Integrity and Availability are High."
}
],
"metrics": {
@ -58,7 +58,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

6
CVE-2023/CVE-2023-258xx/CVE-2023-25840.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-25840",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-07-21T19:15:10.160",
"lastModified": "2024-11-21T07:50:18.357",
"lastModified": "2025-04-10T19:15:56.427",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Cross-site Scripting vulnerability\u00a0in ArcGIS Server in versions 10.8.1 \u2013 11.1 that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser. \u00a0The privileges required to execute this attack are high."
"value": "There is a Cross-site Scripting vulnerability\u00a0in ArcGIS Server in versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser. \u00a0The privileges required to execute this attack are high."
}
],
"metrics": {
@ -58,7 +58,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

6
CVE-2023/CVE-2023-258xx/CVE-2023-25841.json
View File

@ -2,20 +2,20 @@
"id": "CVE-2023-25841",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-07-21T19:15:10.260",
"lastModified": "2024-11-21T07:50:18.480",
"lastModified": "2025-04-10T19:15:56.570",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in Esri ArcGIS Server versions 10.8.1 \u2013 11.0 on Windows and Linux platforms that may allow a remote, unauthenticated attacker to create crafted content which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser.\n\nMitigation: Disable anonymous access to ArcGIS Feature services with edit capabilities."
"value": "There is a stored Cross-site Scripting vulnerability in Esri ArcGIS Server versions 11.0 and below on Windows and Linux platforms that may allow a remote, unauthenticated attacker to create crafted content which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser.\n\nMitigation: Disable anonymous access to ArcGIS Feature services with edit capabilities."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",

70
CVE-2023/CVE-2023-288xx/CVE-2023-28831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28831",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-09-12T10:15:27.230",
"lastModified": "2024-11-21T07:56:06.617",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T18:15:29.273",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-190"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
@ -2268,15 +2298,27 @@
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-711309.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf",
@ -2287,15 +2329,27 @@
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-711309.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf",

12
CVE-2023/CVE-2023-331xx/CVE-2023-33140.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33140",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:12.433",
"lastModified": "2025-03-19T20:15:17.950",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T19:19:37.367",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -35,7 +35,7 @@
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
@ -105,7 +105,11 @@
},
{
"url": "https://github.com/WlX-33/PoC-for-CVE/blob/main/CVE-2023-33140/Microsoft%20OneNote%20(Version%202305%20Build%2016.0.16501.20074)%2064-bit%20-%20Spoofing%20Vulnerability.txt",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33140",

22
CVE-2023/CVE-2023-412xx/CVE-2023-41243.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-41243",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-05-17T07:15:58.823",
"lastModified": "2025-02-28T15:09:59.830",
"lastModified": "2025-04-10T18:44:05.613",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

24
CVE-2023/CVE-2023-416xx/CVE-2023-41665.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41665",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-05-17T07:15:59.170",
"lastModified": "2025-03-05T19:13:33.407",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T19:54:31.843",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

32
CVE-2023/CVE-2023-455xx/CVE-2023-45598.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45598",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2024-03-05T12:15:47.277",
"lastModified": "2025-03-03T22:38:57.923",
"lastModified": "2025-04-10T19:17:40.870",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-425"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-425"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-478xx/CVE-2023-47802.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-47802",
"sourceIdentifier": "security@synology.com",
"published": "2024-06-28T06:15:03.220",
"lastModified": "2025-03-04T18:46:30.623",
"lastModified": "2025-04-10T19:11:39.490",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-478xx/CVE-2023-47803.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-47803",
"sourceIdentifier": "security@synology.com",
"published": "2024-06-28T06:15:04.833",
"lastModified": "2025-03-04T18:46:08.350",
"lastModified": "2025-04-10T18:38:20.383",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

38
CVE-2023/CVE-2023-513xx/CVE-2023-51333.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51333",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-20T18:15:24.077",
"lastModified": "2025-02-21T22:15:11.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-10T19:56:32.980",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:cinema_booking_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B370F2F-0868-4A2F-B652-9DDB25180A66"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstorm.news/files/id/176511",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.phpjabbers.com/cinema-booking-system/#sectionDemo",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://packetstorm.news/files/id/176511",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

32
CVE-2023/CVE-2023-513xx/CVE-2023-51335.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51335",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-20T18:15:24.347",
"lastModified": "2025-02-20T20:15:45.490",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-10T19:37:31.427",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:cinema_booking_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B370F2F-0868-4A2F-B652-9DDB25180A66"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstorm.news/files/id/176508",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.phpjabbers.com/cinema-booking-system/#sectionDemo",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

38
CVE-2023/CVE-2023-513xx/CVE-2023-51336.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51336",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-20T19:15:11.240",
"lastModified": "2025-02-21T22:15:11.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-10T19:35:06.937",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:meeting_room_booking_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C1FBE70-95C6-46C5-9BD9-EDA9630E1851"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstorm.news/files/id/176518",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.phpjabbers.com/meeting-room-booking-system/#sectionDemo",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://packetstorm.news/files/id/176518",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

38
CVE-2023/CVE-2023-513xx/CVE-2023-51337.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51337",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-20T19:15:11.340",
"lastModified": "2025-02-21T22:15:11.570",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-10T19:32:46.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:event_ticketing_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D66142-CE36-42B4-8198-4487F8604086"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstorm.news/files/id/176516",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.phpjabbers.com/event-ticketing-system/#sectionDemo",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://packetstorm.news/files/id/176516",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

38
CVE-2023/CVE-2023-513xx/CVE-2023-51338.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51338",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-20T19:15:11.423",
"lastModified": "2025-02-21T22:15:11.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-10T19:31:02.920",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:meeting_room_booking_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C1FBE70-95C6-46C5-9BD9-EDA9630E1851"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstorm.news/files/id/176517",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.phpjabbers.com/meeting-room-booking-system/#sectionDemo",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://packetstorm.news/files/id/176517",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

34
CVE-2023/CVE-2023-61xx/CVE-2023-6191.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6191",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-03-29T12:15:07.907",
"lastModified": "2025-03-19T14:45:55.020",
"lastModified": "2025-04-10T18:55:13.777",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,13 +36,43 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",

32
CVE-2024/CVE-2024-113xx/CVE-2024-11316.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11316",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-12-05T13:15:04.863",
"lastModified": "2025-02-27T17:04:53.027",
"lastModified": "2025-04-10T19:18:24.977",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -93,6 +113,16 @@
"value": "CWE-770"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-113xx/CVE-2024-11317.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11317",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-12-05T13:15:05.747",
"lastModified": "2025-02-27T17:07:01.000",
"lastModified": "2025-04-10T18:15:18.053",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.8
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.8
}
]
},
@ -93,6 +113,16 @@
"value": "CWE-384"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"configurations": [

31
CVE-2024/CVE-2024-138xx/CVE-2024-13874.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13874",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-10T07:15:41.080",
"lastModified": "2025-04-10T07:15:41.080",
"lastModified": "2025-04-10T19:15:56.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,11 +11,38 @@
"value": "The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/c808e7cf-3285-402b-ab4f-a40ab822b12e/",
"source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/c808e7cf-3285-402b-ab4f-a40ab822b12e/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

40
CVE-2024/CVE-2024-138xx/CVE-2024-13875.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13875",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-20T06:15:20.620",
"lastModified": "2025-03-20T20:15:30.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-10T18:48:13.183",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,10 +39,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mantus667:wp-pmanager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "9F48C16A-0C7F-45BE-B7A9-18D50CD99EEF"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/82c54fb5-f1d9-4bae-a3de-d4335809b81c/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-13xx/CVE-2024-1303.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1303",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-12T16:15:07.590",
"lastModified": "2025-02-26T15:44:21.173",
"lastModified": "2025-04-10T19:18:20.000",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

22
CVE-2024/CVE-2024-19xx/CVE-2024-1965.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1965",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-02-28T13:15:07.987",
"lastModified": "2025-03-04T14:48:17.160",
"lastModified": "2025-04-10T19:26:56.720",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

24
CVE-2024/CVE-2024-210xx/CVE-2024-21028.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21028",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-04-16T22:15:18.350",
"lastModified": "2025-03-20T14:15:19.000",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T19:53:40.083",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

24
CVE-2024/CVE-2024-210xx/CVE-2024-21048.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21048",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-04-16T22:15:21.810",
"lastModified": "2025-03-19T18:15:20.043",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T18:14:41.803",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},

24
CVE-2024/CVE-2024-211xx/CVE-2024-21127.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21127",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-07-16T23:15:12.370",
"lastModified": "2025-03-20T22:15:12.713",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T18:54:43.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},

24
CVE-2024/CVE-2024-211xx/CVE-2024-21141.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21141",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-07-16T23:15:15.230",
"lastModified": "2025-03-20T15:15:41.383",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T18:14:00.180",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},

24
CVE-2024/CVE-2024-211xx/CVE-2024-21149.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21149",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-07-16T23:15:16.840",
"lastModified": "2025-03-20T21:15:20.070",
"vulnStatus": "Modified",
"lastModified": "2025-04-10T19:34:07.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},

390
CVE-2024/CVE-2024-216xx/CVE-2024-21683.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21683",
"sourceIdentifier": "security@atlassian.com",
"published": "2024-05-21T23:15:07.923",
"lastModified": "2025-03-14T21:15:36.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-10T19:54:01.040",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -36,17 +36,399 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "7.19.0",
"versionEndExcluding": "7.19.24",
"matchCriteriaId": "D7B3C669-9F09-41DF-BBE7-924A59EDC2DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.20.0",
"versionEndIncluding": "7.20.3",
"matchCriteriaId": "CA11366E-1323-4E23-BC48-98E5A278ACBC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.4",
"matchCriteriaId": "3E04D444-3EB1-4738-B7E2-5B7AE2E5E362"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0",
"versionEndIncluding": "8.1.4",
"matchCriteriaId": "1F0C549F-BE94-4E69-AD21-7472364DCDEE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.2.0",
"versionEndIncluding": "8.2.3",
"matchCriteriaId": "0850948D-AE6D-4DCA-9BA0-9980E6BFC202"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.3.0",
"versionEndIncluding": "8.3.4",
"matchCriteriaId": "63D5B3B0-7F7E-49B6-8C2D-FF4D824A9315"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.4.0",
"versionEndIncluding": "8.4.5",
"matchCriteriaId": "57BDBED4-B502-444B-8C8C-EDC8CD0717F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "8.5.0",
"versionEndExcluding": "8.5.11",
"matchCriteriaId": "9551EBA1-2B49-4420-867D-2B20C76C41C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.6.0",
"versionEndIncluding": "8.6.2",
"matchCriteriaId": "A28B7617-2765-4C27-AC74-8C583ABF1977"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.9.0",
"versionEndExcluding": "8.9.3",
"matchCriteriaId": "6F595865-0E49-45DC-B30F-F0AFEE524F07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A3DA1F-C35D-464A-8E01-B2D8F05F85A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1147BC2D-633D-40BB-8303-53D5FE8CB0FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F13F5EE-7BAE-4F46-ACDD-65155EF457F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3AFB1065-37A0-49ED-BA0A-F2F01797F45A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "7.19.0",
"versionEndExcluding": "7.19.24",
"matchCriteriaId": "CD7F7846-0310-483C-8F99-899ABBBB020E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.20.0",
"versionEndIncluding": "7.20.3",
"matchCriteriaId": "72EB6154-9A86-4A14-A341-D357D9FCB0DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.4",
"matchCriteriaId": "ACE3F2DE-01CD-4CBC-B8F5-86ACCA6DC62A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0",
"versionEndIncluding": "8.1.4",
"matchCriteriaId": "8201C848-0F3F-42B3-9430-A628CFC96B1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.2.0",
"versionEndIncluding": "8.2.3",
"matchCriteriaId": "4451E75A-00F4-4AC2-BE18-CCB1471B88BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.3.0",
"versionEndIncluding": "8.3.4",
"matchCriteriaId": "D5FF2B9F-070E-458F-BD17-20A4ECBEAD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.4.0",
"versionEndIncluding": "8.4.5",
"matchCriteriaId": "71CE6EAD-724D-49C4-BE5A-C45884C1F237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "8.5.0",
"versionEndExcluding": "8.5.11",
"matchCriteriaId": "4C148D09-E45D-473E-9794-6C9AD0FC0AE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.6.0",
"versionEndIncluding": "8.6.2",
"matchCriteriaId": "BA046009-AC63-4DF2-90E0-38873BD4614E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.9.0",
"versionEndIncluding": "8.9.2",
"matchCriteriaId": "5361DD21-10D1-4FBB-A358-61C0836BEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB0C806-A61F-4238-BE92-25FD9B771EFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1245106-DD17-410F-963D-6877C19ED65D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F9DEA9-BBB4-4205-9557-CAD0184DA3F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7228BE60-B856-4C52-B7A5-014D1768CD33"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:fisheye:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.8.0",
"versionEndExcluding": "4.8.15",
"matchCriteriaId": "5D4B4DC7-D3A9-4A0C-9C9B-68711F2472AA"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:crucible:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.8.0",
"versionEndExcluding": "4.8.15",
"matchCriteriaId": "EA6AF694-D9E9-47C3-B8FB-643163511825"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "9.4.0",
"versionEndExcluding": "9.4.21",
"matchCriteriaId": "78397A02-75F9-487F-927F-FE6AFE5E7093"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "9.12.0",
"versionEndExcluding": "9.12.8",
"matchCriteriaId": "F445667E-4ED3-4678-A4CF-967256B1B971"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "9.4.0",
"versionEndExcluding": "9.4.21",
"matchCriteriaId": "3987D09A-187F-4830-BF59-D1AC122A9A25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "9.12.0",
"versionEndExcluding": "9.12.8",
"matchCriteriaId": "C7030689-7B4A-45C7-830B-6DCA8D621C1A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*",
"versionStartIncluding": "5.4.0",
"versionEndExcluding": "5.4.21",
"matchCriteriaId": "52690604-A588-4FF9-AC7B-AAD650341830"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*",
"versionStartIncluding": "5.12.0",
"versionEndExcluding": "5.12.8",
"matchCriteriaId": "85E5EC00-D5EA-4F73-9863-D0E49B876758"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*",
"versionStartIncluding": "5.15.2",
"versionEndExcluding": "5.16.0",
"matchCriteriaId": "8C9730C4-AC8D-4090-BD5A-9C84FEBF45C5"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*",
"versionStartIncluding": "5.4.0",
"versionEndExcluding": "5.4.21",
"matchCriteriaId": "4653B8B5-A878-4652-A33D-F33A1A8FF467"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*",
"versionStartIncluding": "5.12.0",
"versionEndExcluding": "5.12.8",
"matchCriteriaId": "6BD985F0-7250-4ACA-8060-8361F1FB94BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.15.2:*:*:*:server:*:*:*",
"matchCriteriaId": "0EB3116A-C1A0-4CA8-9404-FB705DE5B14A"
}
]
}
]
}
],
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1409286211",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-95832",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Issue Tracking"
]
}
]
}

22
CVE-2024/CVE-2024-231xx/CVE-2024-23193.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23193",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-05-06T07:15:07.533",
"lastModified": "2025-03-05T22:12:02.070",
"lastModified": "2025-04-10T18:43:56.177",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},

22
CVE-2024/CVE-2024-256xx/CVE-2024-25644.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25644",
"sourceIdentifier": "cna@sap.com",
"published": "2024-03-12T01:15:49.567",
"lastModified": "2025-02-26T16:33:34.527",
"lastModified": "2025-04-10T19:40:55.793",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

8
CVE-2024/CVE-2024-256xx/CVE-2024-25692.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-25692",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-04-04T18:15:09.887",
"lastModified": "2025-01-08T15:16:56.533",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T19:15:57.360",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nThere is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.1 and below that may in some cases allow a remote, unauthenticated attacker to trick an authorized user into executing unwanted actions via a crafted form. The impact to Confidentiality and Integrity vectors is limited and of low severity.\u00a0"
"value": "There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.1 and below that may in some cases allow a remote, unauthenticated attacker to trick an authorized user into executing unwanted actions via a crafted form. The impact to Confidentiality and Integrity vectors is limited and of low severity."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2024/CVE-2024-256xx/CVE-2024-25695.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-25695",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-04-04T18:15:10.500",
"lastModified": "2025-01-08T14:32:59.223",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T19:15:57.480",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions <= 11.2 that may allow a remote, authenticated attacker to provide input that is not sanitized properly and is rendered in error messages. The are no privileges required to execute this attack."
"value": "There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.2 and below that may allow a remote, authenticated attacker to provide input that is not sanitized properly and is rendered in error messages. The are no privileges required to execute this attack."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2024/CVE-2024-256xx/CVE-2024-25696.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-25696",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-04-04T18:15:10.757",
"lastModified": "2025-01-08T14:30:29.987",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T19:15:57.610",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions <=11.0 that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim\u2019s browser. The privileges required to execute this attack are high."
"value": "There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim\u2019s browser. The privileges required to execute this attack are high."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2024/CVE-2024-256xx/CVE-2024-25697.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-25697",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-04-04T18:15:11.027",
"lastModified": "2025-01-08T14:22:09.017",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T19:15:57.740",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Cross-site Scripting vulnerability\u00a0in Portal for ArcGIS in versions <=11.1 that may allow a remote, authenticated attacker to create a crafted link which when opening an authenticated users bio page will render an image in the victims browser. \u00a0The privileges required to execute this attack are low."
"value": "There is a Cross-site Scripting vulnerability\u00a0in Portal for ArcGIS in versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link which when opening an authenticated users bio page will render an image in the victims browser. \u00a0The privileges required to execute this attack are low."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2024/CVE-2024-256xx/CVE-2024-25699.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-25699",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-04-04T18:15:11.593",
"lastModified": "2025-01-30T16:23:46.597",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T19:15:58.013",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a difficult to exploit improper authentication issue in the Home application for Esri Portal for ArcGIS versions 10.8.1 through 11.2 on Windows and Linux, and ArcGIS Enterprise 11.1 and below on Kubernetes which, under unique circumstances, could potentially allow a remote, unauthenticated attacker to compromise the confidentiality, integrity, and availability of the software."
"value": "There is a difficult to exploit improper authentication issue in the Home application for Esri Portal for ArcGIS versions 11.2 and below on Windows and Linux, and ArcGIS Enterprise 11.1 and below on Kubernetes which, under unique circumstances, could potentially allow a remote, unauthenticated attacker to compromise the confidentiality, integrity, and availability of the software."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

50
CVE-2024/CVE-2024-257xx/CVE-2024-25700.json
View File

@ -2,15 +2,55 @@
"id": "CVE-2024-25700",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-04-04T18:15:11.837",
"lastModified": "2024-04-25T18:15:07.817",
"vulnStatus": "Rejected",
"lastModified": "2025-04-10T19:15:58.140",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: \nThis CVE ID has been rejected or withdrawn by its CVE Numbering Authority because this item is scheduled to be patched at a future time."
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link that is stored in a web map link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high."
}
],
"metrics": {},
"references": []
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/",
"source": "psirt@esri.com"
}
]
}

6
CVE-2024/CVE-2024-257xx/CVE-2024-25706.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-25706",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-04-04T18:15:12.830",
"lastModified": "2025-01-08T15:42:03.523",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T19:15:58.320",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an HTML injection vulnerability in Esri Portal for ArcGIS <=11.0 that may allow a remote, unauthenticated attacker to craft a URL which, when clicked, could potentially generate a message that may entice an unsuspecting victim to visit an arbitrary website. This could simplify phishing attacks."
"value": "There is an HTML injection vulnerability in Esri Portal for ArcGIS 11.0 and below that may allow a remote, unauthenticated attacker to craft a URL which, when clicked, could potentially generate a message that may entice an unsuspecting victim to visit an arbitrary website. This could simplify phishing attacks."
},
{
"lang": "es",

8
CVE-2024/CVE-2024-257xx/CVE-2024-25708.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-25708",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-04-04T18:15:13.070",
"lastModified": "2025-01-31T13:27:06.877",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T19:15:58.463",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions 10.8.1 \u2013 10.9.1 that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high.\u00a0"
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions 10.9.1 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2024/CVE-2024-257xx/CVE-2024-25709.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-25709",
"sourceIdentifier": "psirt@esri.com",
"published": "2024-04-04T18:15:13.340",
"lastModified": "2025-01-31T14:35:45.990",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-10T19:15:58.633",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS versions 10.8.1 \u2013 1121 that may allow a remote, authenticated attacker to create a crafted link that can be saved as a new location when moving an existing item which will potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high."
"value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS versions 11.2 and below that may allow a remote, authenticated attacker to create a crafted link that can be saved as a new location when moving an existing item which will potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

Some files were not shown because too many files have changed in this diff Show More