admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-30T16:00:21.515355+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-30 16:03:59 +00:00
parent 21f5dd1392
commit b8a3c946df
173 changed files with 11734 additions and 686 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
CVE-2021/CVE-2021-246xx/CVE-2021-24649.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-24649",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-11-21T11:15:12.507",
"lastModified": "2024-11-21T05:53:29.447",
"lastModified": "2025-04-30T14:15:23.043",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

195
CVE-2021/CVE-2021-472xx/CVE-2021-47248.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47248",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:13.780",
"lastModified": "2024-11-21T06:35:43.190",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:21:04.770",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,63 +15,224 @@
"value": " En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: udp: corrige la ejecuci\u00f3n entre close() y udp_abort(). Kaustubh inform\u00f3 y diagnostic\u00f3 un p\u00e1nico en udp_lib_lookup(). La causa principal es que udp_abort() compite con close(). Ambas funciones de ejecuci\u00f3n adquieren el bloqueo del socket, pero udp{v6}_destroy_sock() lo libera antes de realizar acciones destructivas. No podemos extender f\u00e1cilmente el alcance del bloqueo del socket para evitar la ejecuci\u00f3n; en su lugar, usamos el indicador SOCK_DEAD para evitar que udp_abort realice alguna acci\u00f3n cuando ocurre la ejecuci\u00f3n cr\u00edtica. Diagnosticado y probado por: Kaustubh Pandey "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.9",
"versionEndExcluding": "4.9.274",
"matchCriteriaId": "6B5A1555-2CC4-4652-AD96-3529D26B3447"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.238",
"matchCriteriaId": "C3C0DBBF-0923-4D2A-9178-134691F9933F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.196",
"matchCriteriaId": "F3CAB837-7D38-4934-AD4F-195CEFD754E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.128",
"matchCriteriaId": "6267BD4E-BE25-48B5-B850-4B493440DAFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.46",
"matchCriteriaId": "59455D13-A902-42E1-97F7-5ED579777193"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.13",
"matchCriteriaId": "7806E7E5-6D4F-4E18-81C1-79B3C60EE855"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc6:*:*:*:*:*:*",
"matchCriteriaId": "25A855BA-2118-44F2-90EF-EBBB12AF51EF"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

127
CVE-2021/CVE-2021-472xx/CVE-2021-47251.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47251",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:14.007",
"lastModified": "2024-11-21T06:35:43.570",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:18:22.460",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,140 @@
"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mac80211: corrige la verificaci\u00f3n de longitud de skb en ieee80211_scan_rx() Reemplace las constantes de tiempo de compilaci\u00f3n codificadas para la verificaci\u00f3n de la longitud del encabezado con determinaci\u00f3n din\u00e1mica basada en el tipo de trama. De lo contrario, obtendremos un WARN_ON de validaci\u00f3n en cfg80211 m\u00e1s adelante. [correcciones de estilo, reformular mensaje de confirmaci\u00f3n]"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.10.46",
"matchCriteriaId": "FD0C8733-D75B-4E30-9D46-CFE48CF2CC1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.13",
"matchCriteriaId": "7806E7E5-6D4F-4E18-81C1-79B3C60EE855"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc6:*:*:*:*:*:*",
"matchCriteriaId": "25A855BA-2118-44F2-90EF-EBBB12AF51EF"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/5a1cd67a801cf5ef989c4783e07b86a25b143126",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d1b949c70206178b12027f66edc088d40375b5cb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e298aa358f0ca658406d524b6639fe389cb6e11e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5a1cd67a801cf5ef989c4783e07b86a25b143126",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d1b949c70206178b12027f66edc088d40375b5cb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e298aa358f0ca658406d524b6639fe389cb6e11e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

212
CVE-2021/CVE-2021-472xx/CVE-2021-47252.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47252",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:14.083",
"lastModified": "2024-11-21T06:35:43.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:12:52.080",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,71 +15,245 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: batman-adv: Evite comprobaciones relacionadas con el tiempo WARN_ON. La interfaz soft/batadv para un MDS en cola se puede cambiar durante el tiempo que el MDS estuvo en cola para transmisi\u00f3n y cuando el MDS realmente se transmite por el trabajador. Pero WARN_ON debe usarse para indicar errores del kernel y no para imprimir simples advertencias. Una advertencia se puede imprimir simplemente usando pr_warn."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.14",
"versionEndExcluding": "4.4.293",
"matchCriteriaId": "0371C13D-9CD9-4497-8E6D-EB0CC0736817"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.274",
"matchCriteriaId": "0A84D5BC-006F-41C5-A54D-6D45236009B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.238",
"matchCriteriaId": "C3C0DBBF-0923-4D2A-9178-134691F9933F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.196",
"matchCriteriaId": "F3CAB837-7D38-4934-AD4F-195CEFD754E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.128",
"matchCriteriaId": "6267BD4E-BE25-48B5-B850-4B493440DAFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.46",
"matchCriteriaId": "59455D13-A902-42E1-97F7-5ED579777193"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.13",
"matchCriteriaId": "7806E7E5-6D4F-4E18-81C1-79B3C60EE855"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc6:*:*:*:*:*:*",
"matchCriteriaId": "25A855BA-2118-44F2-90EF-EBBB12AF51EF"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/282baa8104af44e04c4af3e7f933b44267c7f86f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2eb4e0b3631832a4291c8bf4c9db873f60b128c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/45011f2973f6b52cf50db397bb27bf805f5f0e7f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6031daaaf6d5c359c99dfffa102e332df234ff09",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/77a99aad5bc3ea105806ebae6be3cbadc2fc615e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f460ae31c4435fd022c443a6029352217a16ac1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e7fbd8184fa9e85f0d648c499841cb7ff6dec9f4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e8e9d2968a9d08bf5c683afca182f1537edebf8d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/282baa8104af44e04c4af3e7f933b44267c7f86f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2eb4e0b3631832a4291c8bf4c9db873f60b128c8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/45011f2973f6b52cf50db397bb27bf805f5f0e7f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6031daaaf6d5c359c99dfffa102e332df234ff09",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/77a99aad5bc3ea105806ebae6be3cbadc2fc615e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f460ae31c4435fd022c443a6029352217a16ac1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e7fbd8184fa9e85f0d648c499841cb7ff6dec9f4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e8e9d2968a9d08bf5c683afca182f1537edebf8d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

144
CVE-2021/CVE-2021-472xx/CVE-2021-47255.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47255",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:14.303",
"lastModified": "2024-11-21T06:35:44.037",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:11:57.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,161 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: kvm: LAPIC: Restaurar protecci\u00f3n para evitar el acceso ilegal al registro APIC. Seg\u00fan el SDM, \"cualquier acceso que toque los bytes 4 al 15 de un registro APIC puede causar un comportamiento indefinido y no debe ejecutarse \". Peor a\u00fan, dicho acceso en kvm_lapic_reg_read puede resultar en una fuga del contenido de la pila del kernel. Antes de confirmar 01402cf81051 (\"kvm: LAPIC: anotar registros APIC v\u00e1lidos\"), dicho acceso se prohib\u00eda expl\u00edcitamente. Restaura la guardia que se elimin\u00f3 en esa confirmaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3",
"versionEndExcluding": "5.4.128",
"matchCriteriaId": "DC847EC3-F5C9-4A5D-B3AE-048BFB665C62"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.46",
"matchCriteriaId": "59455D13-A902-42E1-97F7-5ED579777193"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.13",
"matchCriteriaId": "7806E7E5-6D4F-4E18-81C1-79B3C60EE855"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc6:*:*:*:*:*:*",
"matchCriteriaId": "25A855BA-2118-44F2-90EF-EBBB12AF51EF"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/018685461a5b9a9a70e664ac77aef0d7415a3fd5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/218bf772bddd221489c38dde6ef8e917131161f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a2aff09807fbe4018c269d3773a629949058b210",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bf99ea52970caeb4583bdba1192c1f9b53b12c84",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/018685461a5b9a9a70e664ac77aef0d7415a3fd5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/218bf772bddd221489c38dde6ef8e917131161f6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a2aff09807fbe4018c269d3773a629949058b210",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bf99ea52970caeb4583bdba1192c1f9b53b12c84",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

178
CVE-2021/CVE-2021-472xx/CVE-2021-47256.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47256",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:14.380",
"lastModified": "2024-11-21T06:35:44.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:05:57.057",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,55 +15,203 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/memory-failure: aseg\u00farese de esperar la reescritura de la p\u00e1gina en Memory_failure. Nuestro syzkaller activa el \"BUG_ON(!list_empty(&inode->i_wb_list))\" en clear_inode: kernel BUG en fs /inodo.c:519! Error interno: Oops - BUG: 0 [#1] M\u00f3dulos SMP vinculados en: Proceso syz-executor.0 (pid: 249, l\u00edmite de pila = 0x00000000a12409d7) CPU: 1 PID: 249 Comm: syz-executor.0 No contaminado 4.19. 95 Nombre de hardware: linux,dummy-virt (DT) pstate: 80000005 (Nzcv daif -PAN -UAO) pc: clear_inode+0x280/0x2a8 lr: clear_inode+0x280/0x2a8 Rastreo de llamadas: clear_inode+0x280/0x2a8 ext4_clear_inode+0x38/0xe8 ext4_free_inode+0x130/0xc68 ext4_evict_inode+0xb20/0xcb8 desalojar+0x1a8/0x3c0 iput+0x344/0x460 do_unlinkat+0x260/0x410 __arm64_sys_unlinkat+0x6c/0xc0 el0_svc_common+0xdc /0x3b0 el0_svc_handler+0xf8/0x160 el0_svc+0x10/0x218 P\u00e1nico del kernel: no se sincroniza : Excepci\u00f3n fatal Un volcado de memoria de este problema muestra que alguien llam\u00f3 a __munlock_pagevec para borrar la p\u00e1gina LRU sin lock_page: do_mmap -> mmap_region -> do_munmap -> munlock_vma_pages_range -> __munlock_pagevec. Como resultado, Memory_failure llamar\u00e1 a identify_page_state sin wait_on_page_writeback. Y despu\u00e9s de truncate_error_page, borre el mapeo de esta p\u00e1gina. end_page_writeback no llamar\u00e1 a sb_clear_inode_writeback para borrar inode->i_wb_list. \u00a1Eso activar\u00e1 BUG_ON en clear_inode! Solucionarlo marcando tambi\u00e9n PageWriteback para ayudar a determinar si debemos omitir wait_on_page_writeback."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16",
"versionEndExcluding": "4.14.238",
"matchCriteriaId": "CC6F60EE-EF5A-4213-9927-5F26053B4B41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.196",
"matchCriteriaId": "F3CAB837-7D38-4934-AD4F-195CEFD754E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.128",
"matchCriteriaId": "6267BD4E-BE25-48B5-B850-4B493440DAFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.46",
"matchCriteriaId": "59455D13-A902-42E1-97F7-5ED579777193"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.13",
"matchCriteriaId": "7806E7E5-6D4F-4E18-81C1-79B3C60EE855"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc6:*:*:*:*:*:*",
"matchCriteriaId": "25A855BA-2118-44F2-90EF-EBBB12AF51EF"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/28788dc5c70597395b6b451dae4549bbaa8e2c56",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/566345aaabac853aa866f53a219c4b02a6beb527",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6d210d547adc2218ef8b5bcf23518c5f2f1fd872",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9e379da727a7a031be9b877cde7b9c34a0fb8306",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d05267fd27a5c4f54e06daefa3035995d765ca0c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e8675d291ac007e1c636870db880f837a9ea112a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/28788dc5c70597395b6b451dae4549bbaa8e2c56",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/566345aaabac853aa866f53a219c4b02a6beb527",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6d210d547adc2218ef8b5bcf23518c5f2f1fd872",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9e379da727a7a031be9b877cde7b9c34a0fb8306",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d05267fd27a5c4f54e06daefa3035995d765ca0c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e8675d291ac007e1c636870db880f837a9ea112a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

189
CVE-2021/CVE-2021-472xx/CVE-2021-47258.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47258",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:14.537",
"lastModified": "2024-11-21T06:35:44.460",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:05:14.067",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,63 +15,218 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: core: corrige el manejo de errores de scsi_host_alloc(). Despu\u00e9s de que el dispositivo se inicializa mediante device_initialize(), o su nombre se establece mediante dev_set_name(), el dispositivo debe liberarse mediante put_device (). De lo contrario, se filtrar\u00e1 el nombre del dispositivo porque se asigna din\u00e1micamente en dev_set_name(). Solucione la fuga reemplazando kfree() con put_device(). Dado que scsi_host_dev_release() maneja adecuadamente la eliminaci\u00f3n de IDA y kthread, elimine tambi\u00e9n estas may\u00fasculas y min\u00fasculas especiales del manejo de errores."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.273",
"matchCriteriaId": "2AAF8753-C28A-4F2A-8469-E86334097252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.237",
"matchCriteriaId": "83CDDAD5-5539-46C9-9255-C1DAC38F7905"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.195",
"matchCriteriaId": "23EECCE9-4D4C-4684-AB00-10C938F5DDC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.126",
"matchCriteriaId": "876275F9-BEC7-40E8-9D7F-A20729A4A4FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.44",
"matchCriteriaId": "DA547B08-9D25-467B-AD0D-8460FE4EE70D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.11",
"matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

156
CVE-2021/CVE-2021-472xx/CVE-2021-47261.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47261",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:14.770",
"lastModified": "2024-11-21T06:35:44.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:03:53.077",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,177 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: IB/mlx5: Correcci\u00f3n al inicializar el b\u00fafer de fragmentos CQ. Se puede llamar a la funci\u00f3n init_cq_frag_buf() para inicializar el b\u00fafer de fragmentos CQ actual cq->buf, o el cq->resize_buf temporal que es rellenado durante la operaci\u00f3n de cambio de tama\u00f1o de CQ. Sin embargo, la confirmaci\u00f3n infractora comenz\u00f3 a usar la funci\u00f3n get_cqe() para obtener los CQE, el problema con este cambio es que get_cqe() siempre devuelve CQE desde cq->buf, lo que nos lleva a inicializar el b\u00fafer incorrecto y, en caso de ampliarlo, En el CQ intentamos acceder a elementos m\u00e1s all\u00e1 del tama\u00f1o del cq->buf actual y finalmente entramos en p\u00e1nico en el kernel. [excepci\u00f3n RIP: init_cq_frag_buf+103] [ffff9f799ddcbcd8] mlx5_ib_resize_cq en fffffffc0835d60 [mlx5_ib] [ffff9f799ddcbdb0] ib_resize_cq en fffffffc05270df [ib_core] [ffff9f799ddcbdc0] _rdma_setup_qp en ffffffffc0a6a712 [llt] [ffff9f799ddcbe10] llt_rdma_cc_event_action en ffffffffc0a6b411 [llt] [ffff9f799ddcbe98] llt_rdma_client_conn_thread en ffffffffc0a6bb75 [llt] [ffff9f799ddcbec8] kthread en ffffffffa66c5da1 [ffff9f799ddcbf50] ret_from_fork_nospec_begin en ffffffffa6d95ddd Arr\u00e9glelo obteniendo el CQE necesario llamando a mlx5_frag_buf_get_wqe() que toma el b\u00fafer de origen correcto como par\u00e1metro."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-706"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.17",
"versionEndExcluding": "4.19.195",
"matchCriteriaId": "5017B18F-E493-4424-A351-A210614CF65E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.126",
"matchCriteriaId": "876275F9-BEC7-40E8-9D7F-A20729A4A4FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.44",
"matchCriteriaId": "DA547B08-9D25-467B-AD0D-8460FE4EE70D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.11",
"matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1ec2dcd680c71d0d36fa25638b327a468babd5c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2ba0aa2feebda680ecfc3c552e867cf4d1b05a3a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3e670c54eda238cb8a1ea93538a79ae89285c1c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/91f7fdc4cc10542ca1045c06aad23365f0d067e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e3ecd9c09fcc10cf6b2bc67e2990c397c40a8c26",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1ec2dcd680c71d0d36fa25638b327a468babd5c9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2ba0aa2feebda680ecfc3c552e867cf4d1b05a3a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3e670c54eda238cb8a1ea93538a79ae89285c1c4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/91f7fdc4cc10542ca1045c06aad23365f0d067e0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e3ecd9c09fcc10cf6b2bc67e2990c397c40a8c26",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

122
CVE-2021/CVE-2021-472xx/CVE-2021-47263.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47263",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:15.007",
"lastModified": "2024-11-21T06:35:45.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T14:59:24.723",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,135 @@
"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: gpio: wcd934x: correcci\u00f3n de error de desplazamiento fuera de los l\u00edmites. La m\u00e1scara de bits para los pines 0 a 4 es BIT(0) a BIT(4); sin embargo, terminamos con BIT( n - 1) lo cual no es correcto, y esto fue detectado por la siguiente verificaci\u00f3n USB UBSAN: shift-out-of-bounds in drivers/gpio/gpio-wcd934x.c:34:14"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6",
"versionEndExcluding": "5.10.44",
"matchCriteriaId": "ED784810-777C-4118-B4A8-B9C759CB0567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.11",
"matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/dbec64b11c65d74f31427e2b9d5746fbf17bf840",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd55331d493b7ea75c5db1f24d6822946fde2862",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e0b518a2eb44d8a74c19e50f79a8ed393e96d634",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dbec64b11c65d74f31427e2b9d5746fbf17bf840",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd55331d493b7ea75c5db1f24d6822946fde2862",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e0b518a2eb44d8a74c19e50f79a8ed393e96d634",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

105
CVE-2021/CVE-2021-472xx/CVE-2021-47265.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47265",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:15.147",
"lastModified": "2024-11-21T06:35:45.380",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T14:57:20.310",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,114 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: RDMA: Verificar puerto al crear regla de flujo. Validar valor de puerto proporcionado por el usuario y con ello eliminar la validaci\u00f3n que ya no necesita el controlador. La verificaci\u00f3n que falta en el controlador mlx5_ib podr\u00eda provocar los siguientes errores. Seguimiento de llamadas: _create_flow_rule+0x2d4/0xf28 [mlx5_ib] mlx5_ib_create_flow+0x2d0/0x5b0 [mlx5_ib] ib_uverbs_ex_create_flow+0x4cc/0x624 [ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xd4/0x1 50 [ib_uverbs] ib_uverbs_cmd_verbs.isra.7+0xb28/0xc50 [ib_uverbs] ib_uverbs_ioctl+0x158 /0x1d0 [ib_uverbs] do_vfs_ioctl+0xd0/0xaf0 ksys_ioctl+0x84/0xb4 __arm64_sys_ioctl+0x28/0xc4 el0_svc_common.constprop.3+0xa4/0x254 el0_svc_handler+0x84/0xa0 0x10/0x26c C\u00f3digo: b9401260 f9615681 51000400 8b001c20 (f9403c1a)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.12",
"versionEndExcluding": "5.12.11",
"matchCriteriaId": "72465A2F-E320-41DA-9DDE-71716705D665"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2adcb4c5a52a2623cd2b43efa7041e74d19f3a5e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8dc1b0e0ca204596c50bcd159ee069ae0f998176",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2adcb4c5a52a2623cd2b43efa7041e74d19f3a5e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8dc1b0e0ca204596c50bcd159ee069ae0f998176",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

122
CVE-2021/CVE-2021-472xx/CVE-2021-47272.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47272",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:15.687",
"lastModified": "2024-11-21T06:35:46.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T14:55:59.530",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,135 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: dwc3: gadget: Bail from dwc3_gadget_exit() si dwc->gadget es NULL. Existe un posible escenario en el que dwc3_gadget_init() puede fallar: durante durante el host -> modo perif\u00e9rico Cambie a dwc3_set_mode() y un controlador de dispositivo pendiente no se vincula. Luego, si el DRD sufre otro cambio de modo desde perif\u00e9rico->host, el dwc3_gadget_exit() resultante intentar\u00e1 hacer referencia a un puntero dwc->gadget no v\u00e1lido y colgante, as\u00ed como llamar a dma_free_coherent() en punteros DMA no asignados. El escenario exacto se puede reproducir de la siguiente manera: - Iniciar DWC3 en modo perif\u00e9rico - Configurar el gadget ConfigFS con la instancia FunctionFS (o usar g_ffs) - Ejecutar la aplicaci\u00f3n de espacio de usuario FunctionFS (abrir EP, escribir descriptores, etc.) - Vincular el controlador del gadget al UDC de DWC3 - Cambiar DWC3 al modo host => se llama a dwc3_gadget_exit(). usb_del_gadget() colocar\u00e1 la instancia del controlador ConfigFS en gadget_driver_pending_list - Detener la aplicaci\u00f3n FunctionFS (cierra los archivos ep) - Cambiar DWC3 al modo perif\u00e9rico => dwc3_gadget_init() falla ya que usb_add_gadget() llama a check_pending_gadget_drivers() e intenta volver a vincular el UDC al El gadget ConfigFS pero falla con -19 (-ENODEV) porque la instancia FFS no est\u00e1 en estado FFS_ACTIVE (el espacio de usuario a\u00fan no se ha reabierto ni escrito los descriptores, es decir, desc_ready!=0). - Vuelva a cambiar DWC3 al modo host => se vuelve a llamar a dwc3_gadget_exit(), pero esta vez dwc->gadget no es v\u00e1lido. Aunque se puede argumentar que el espacio de usuario debe asumir la responsabilidad de garantizar que la aplicaci\u00f3n FunctionFS est\u00e9 lista antes de permitir que el controlador compuesto se vincule al UDC, no hacerlo no deber\u00eda generar p\u00e1nico por parte del controlador del kernel. Solucione este problema configurando dwc->gadget en NULL en la ruta de falla de dwc3_gadget_init() y agregue una marca a dwc3_gadget_exit() para salir del problema a menos que el puntero del gadget sea v\u00e1lido."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.10.44",
"matchCriteriaId": "C7E14A6C-41D9-41C0-88FA-8959D208A792"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.11",
"matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/03715ea2e3dbbc56947137ce3b4ac18a726b2f87",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4aad390363d2b9b3e92428dd34d27bb7ea8f1ee8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/851dee5a5da56564a70290713aee665403bb0b24",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/03715ea2e3dbbc56947137ce3b4ac18a726b2f87",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4aad390363d2b9b3e92428dd34d27bb7ea8f1ee8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/851dee5a5da56564a70290713aee665403bb0b24",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

104
CVE-2021/CVE-2021-472xx/CVE-2021-47275.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47275",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:15.903",
"lastModified": "2024-11-21T06:35:46.750",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T14:49:09.583",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,113 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bcache: evita solicitudes de lectura de gran tama\u00f1o en la ruta del c\u00f3digo faltante de la cach\u00e9. En la ruta del c\u00f3digo faltante de la cach\u00e9 del dispositivo almacenado en cach\u00e9, si una ubicaci\u00f3n adecuada del \u00e1rbol B+ interno coincide con un rango de falta de cach\u00e9, La funci\u00f3n cached_dev_cache_miss() se llamar\u00e1 en cache_lookup_fn() en el siguiente bloque de c\u00f3digo, [bloque de c\u00f3digo 1] 526 unsigned int sectores = KEY_INODE(k) == s->iop.inode 527? min_t(uint64_t, INT_MAX, 528 KEY_START(k) - bio->bi_iter.bi_sector) 529: INT_MAX; 530 int ret = s->d->cache_miss(b, s, bio, sectors); Aqu\u00ed s->d->cache_miss() es el puntero de funci\u00f3n de devoluci\u00f3n de llamada inicializado como cached_dev_cache_miss(), el \u00faltimo par\u00e1metro 'sectors' es una pista importante para calcular el tama\u00f1o de la solicitud de lectura al dispositivo de respaldo de los datos de cach\u00e9 faltantes. El c\u00e1lculo actual en el bloque de c\u00f3digo anterior puede generar un valor sobredimensionado de 'sectors', lo que en consecuencia puede desencadenar 2 posibles p\u00e1nicos del kernel diferentes mediante BUG() o BUG_ON() como se enumera a continuaci\u00f3n, 1) BUG_ON() dentro de bch_btree_insert_key(), [bloque de c\u00f3digo 2 ] 886 BUG_ON(b->ops->is_extents && !KEY_SIZE(k)); 2) BUG() dentro de biovec_slab(), [bloque de c\u00f3digo 3] 51 predeterminado: 52 BUG(); 53 devuelve NULO; Todos los p\u00e1nicos anteriores son originales de cached_dev_cache_miss() por el par\u00e1metro 'sectors' de gran tama\u00f1o. Dentro de cached_dev_cache_miss(), el par\u00e1metro 'sectors' se utiliza para calcular el tama\u00f1o de los datos le\u00eddos desde el dispositivo de respaldo para el cach\u00e9 que falta. Este tama\u00f1o se almacena en s->insert_bio_sectors mediante las siguientes l\u00edneas de c\u00f3digo, [bloque de c\u00f3digo 4] 909 s->insert_bio_sectors = min(sectors, bio_sectors(bio) + reada); Luego, la clave real que se inserta en el \u00e1rbol B+ interno se genera y almacena en s->iop.replace_key mediante las siguientes l\u00edneas de c\u00f3digo, [bloque de c\u00f3digo 5] 911 s->iop.replace_key = KEY(s->iop.inode, 912 bio->bi_iter.bi_sector + s->insertar_bio_sectores, 913 s->insertar_bio_sectores); El par\u00e1metro 'sectors' de gran tama\u00f1o puede provocar p\u00e1nico 1) mediante BUG_ON() del bloque de c\u00f3digo anterior. Y el env\u00edo de biograf\u00eda al dispositivo de respaldo para los datos faltantes se asigna con una sugerencia de s->insert_bio_sectors mediante las siguientes l\u00edneas de c\u00f3digo, [bloque de c\u00f3digo 6] 926 cache_bio = bio_alloc_bioset(GFP_NOWAIT, 927 DIV_ROUND_UP(s->insert_bio_sectors, PAGE_SECTORS), 928 &dc->disk.bio_split); Los 'sectors' de par\u00e1metros de gran tama\u00f1o pueden provocar p\u00e1nico 2) mediante BUG() desde el bloque de c\u00f3digo anterior. Ahora perm\u00edtanme explicar c\u00f3mo se produce el p\u00e1nico en los \"sectors\" sobredimensionados. En el bloque de c\u00f3digo 5, replace_key se genera mediante la macro KEY(). De la definici\u00f3n de macro KEY(), [bloque de c\u00f3digo 7] 71 #define KEY(inode, offset, size) \\ 72 ((struct bkey) { \\ 73 .high = (1ULL << 63) | ((__u64) ( tama\u00f1o) << 20) | (inodo), \\ 74 .low = (desplazamiento) \\ 75 }) Aqu\u00ed 'tama\u00f1o' es un ancho de 16 bits incrustado en el miembro 'alto' de 64 bits de la estructura bkey. Pero en el bloque de c\u00f3digo 1, si \"KEY_START(k) - bio->bi_iter.bi_sector\" es muy probable que sea mayor que (1<<16) - 1, lo que hace que el c\u00e1lculo del tama\u00f1o de la clave b en el bloque de c\u00f3digo 5 se desborde. En un informe de error, el valor del par\u00e1metro 'sectors' es 131072 (= 1 << 17), los 'sectors' desbordados dan como resultado s->insert_bio_sectors desbordados en el bloque de c\u00f3digo 4, luego convierte el campo de tama\u00f1o de s->iop.replace_key en sea 0 en el bloque de c\u00f3digo 5. Luego, el tama\u00f1o 0 s->iop.replace_key se inserta en el \u00e1rbol B+ interno como clave de verificaci\u00f3n de falta de cach\u00e9 (una clave especial para detectar y evitar una ejecuci\u00f3n entre la solicitud de escritura normal y la solicitud de lectura faltante de cach\u00e9) como, [bloque de c\u00f3digo 8] 915 ret = ---truncado---"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.12.11",
"matchCriteriaId": "FB3C9604-BFC9-4C0B-BA5C-974549F97FF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/41fe8d088e96472f63164e213de44ec77be69478",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/555002a840ab88468e252b0eedf0b05e2ce7099c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/41fe8d088e96472f63164e213de44ec77be69478",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/555002a840ab88468e252b0eedf0b05e2ce7099c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

207
CVE-2021/CVE-2021-472xx/CVE-2021-47276.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47276",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:15.983",
"lastModified": "2024-11-21T06:35:46.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T14:46:07.833",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,71 +15,240 @@
"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ftrace: no lea ciegamente la direcci\u00f3n IP en ftrace_bug(). Se inform\u00f3 que un error en arm64 provoc\u00f3 que se usara una direcci\u00f3n IP incorrecta para actualizar a un nop en ftrace_init() , pero la ruta de error (con raz\u00f3n) devolvi\u00f3 -EINVAL y no -EFAULT, ya que el error provoc\u00f3 que ocurriera m\u00e1s de un error. Pero debido a que se devolvi\u00f3 -EINVAL, ftrace_bug() intent\u00f3 informar qu\u00e9 hab\u00eda en la ubicaci\u00f3n de la direcci\u00f3n IP y leerlo directamente. Esto provoc\u00f3 que la m\u00e1quina entrara en p\u00e1nico, ya que la IP no apuntaba a una direcci\u00f3n de memoria v\u00e1lida. En su lugar, lea la direcci\u00f3n IP con copy_from_kernel_nofault() para acceder de forma segura a la memoria y, si falla, informe que la direcci\u00f3n fall\u00f3; de lo contrario, informe qu\u00e9 hab\u00eda en esa ubicaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-706"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.28",
"versionEndExcluding": "4.4.273",
"matchCriteriaId": "224F5847-99C4-401E-A5D6-712A45CC534F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.273",
"matchCriteriaId": "484D222B-5082-4E28-BF0F-B52766353015"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.237",
"matchCriteriaId": "83CDDAD5-5539-46C9-9255-C1DAC38F7905"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.195",
"matchCriteriaId": "23EECCE9-4D4C-4684-AB00-10C938F5DDC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.126",
"matchCriteriaId": "876275F9-BEC7-40E8-9D7F-A20729A4A4FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.44",
"matchCriteriaId": "DA547B08-9D25-467B-AD0D-8460FE4EE70D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.11",
"matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0bc62e398bbd9e600959e610def5109957437b28",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3e4ddeb68751fb4fb657199aed9cfd5d02796875",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4aedc2bc2b32c93555f47c95610efb89cc1ec09b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c14133d2d3f768e0a35128faac8aa6ed4815051",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e4e824b109f1d41ccf223fbb0565d877d6223a2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/862dcc14f2803c556bdd73b43c27b023fafce2fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/97524384762c1fb9b3ded931498dd2047bd0de81",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/acf671ba79c1feccc3ec7cfdcffead4efcec49e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0bc62e398bbd9e600959e610def5109957437b28",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3e4ddeb68751fb4fb657199aed9cfd5d02796875",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4aedc2bc2b32c93555f47c95610efb89cc1ec09b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c14133d2d3f768e0a35128faac8aa6ed4815051",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e4e824b109f1d41ccf223fbb0565d877d6223a2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/862dcc14f2803c556bdd73b43c27b023fafce2fb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/97524384762c1fb9b3ded931498dd2047bd0de81",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/acf671ba79c1feccc3ec7cfdcffead4efcec49e7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

206
CVE-2021/CVE-2021-472xx/CVE-2021-47277.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47277",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:16.053",
"lastModified": "2024-11-21T06:35:46.993",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T14:30:29.513",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,71 +15,239 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: kvm: evite ataques basados en especulacion desde accesos a memslot fuera de rango. El mecanismo de KVM para acceder a la memoria del invitado traduce una direcci\u00f3n f\u00edsica del invitado (gpa) a una direcci\u00f3n virtual del host usando el bot\u00f3n derecho. gpa desplazado (tambi\u00e9n conocido como gfn) y una estructura kvm_memory_slot. La traducci\u00f3n se realiza en __gfn_to_hva_memslot usando la siguiente f\u00f3rmula: hva = slot->userspace_addr + (gfn - slot->base_gfn) * PAGE_SIZE Se espera que gfn est\u00e9 dentro de los l\u00edmites de la memoria f\u00edsica del hu\u00e9sped. Sin embargo, un invitado puede acceder a direcciones f\u00edsicas no v\u00e1lidas de tal manera que el gfn no sea v\u00e1lido. __gfn_to_hva_memslot se llama desde kvm_vcpu_gfn_to_hva_prot, que primero recupera un memslot a trav\u00e9s de __gfn_to_memslot. Si bien __gfn_to_memslot verifica que el gfn est\u00e9 dentro de los l\u00edmites de la memoria f\u00edsica del hu\u00e9sped o no, una CPU puede especular el resultado de la verificaci\u00f3n y continuar la ejecuci\u00f3n de manera especulativa usando un gfn ilegal. La especulaci\u00f3n puede resultar en el c\u00e1lculo de un hva fuera de los l\u00edmites. Si la direcci\u00f3n virtual del host resultante se utiliza para cargar otra direcci\u00f3n f\u00edsica de invitado, se trata efectivamente de un dispositivo Spectre que consta de dos lecturas consecutivas, la segunda de las cuales depende de los datos de la primera. En este momento no est\u00e1 claro si hay casos en los que esto sea explotable. El autor original de este parche inform\u00f3 un caso interesante que implica visitar tablas de p\u00e1ginas de invitados en x86. En este momento, estos no son vulnerables porque la lectura de hva pasa por get_user(), que contiene una barrera de especulaci\u00f3n LFENCE. Sin embargo, hay parches en progreso para x86 uaccess.h para enmascarar las direcciones del kernel en lugar de usar LFENCE; Una vez que aterrizan, un invitado podr\u00eda usar la especulaci\u00f3n para leer desde el espacio de direcciones del anillo 3 del VMM. Otras arquitecturas, como ARM, ya utilizan el m\u00e9todo de enmascaramiento de direcciones y ser\u00edan susceptibles a este mismo tipo de dispositivos de acceso dependientes de datos. Por lo tanto, este parche protege proactivamente contra estos ataques al enmascarar gfns fuera de los l\u00edmites en __gfn_to_hva_memslot, lo que bloquea la especulaci\u00f3n sobre hvas no v\u00e1lidos. Sean Christopherson se\u00f1al\u00f3 que este parche no cubre kvm_read_guest_offset_cached. Sin embargo, esto se limita a unos pocos bytes despu\u00e9s del final de la cach\u00e9 y, por lo tanto, es poco probable que sea \u00fatil en el contexto de la construcci\u00f3n de una cadena de accesos dependientes de datos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.273",
"matchCriteriaId": "2A209A4F-1F96-4D92-BCA6-A12D00C4404B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.273",
"matchCriteriaId": "484D222B-5082-4E28-BF0F-B52766353015"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.237",
"matchCriteriaId": "83CDDAD5-5539-46C9-9255-C1DAC38F7905"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.195",
"matchCriteriaId": "23EECCE9-4D4C-4684-AB00-10C938F5DDC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.126",
"matchCriteriaId": "876275F9-BEC7-40E8-9D7F-A20729A4A4FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.44",
"matchCriteriaId": "DA547B08-9D25-467B-AD0D-8460FE4EE70D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.11",
"matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/22b87fb17a28d37331bb9c1110737627b17f6781",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3098b86390a6b9ea52657689f08410baf130ceff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/361ce3b917aff93123e9e966d8608655c967f438",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/740621309b25bbf619b8a0ba5fd50a8e58989441",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7af299b97734c7e7f465b42a2139ce4d77246975",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bff1fbf0cf0712686f1df59a83fba6e31d2746a0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/da27a83fd6cc7780fea190e1f5c19e87019da65c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ed0e2a893092c7fcb4ff7ba74e5efce53a6f5940",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/22b87fb17a28d37331bb9c1110737627b17f6781",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3098b86390a6b9ea52657689f08410baf130ceff",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/361ce3b917aff93123e9e966d8608655c967f438",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/740621309b25bbf619b8a0ba5fd50a8e58989441",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7af299b97734c7e7f465b42a2139ce4d77246975",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bff1fbf0cf0712686f1df59a83fba6e31d2746a0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/da27a83fd6cc7780fea190e1f5c19e87019da65c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ed0e2a893092c7fcb4ff7ba74e5efce53a6f5940",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

139
CVE-2021/CVE-2021-472xx/CVE-2021-47282.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47282",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:16.430",
"lastModified": "2024-11-21T06:35:47.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T14:30:12.573",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,156 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: spi: bcm2835: corrige el acceso fuera de los l\u00edmites con m\u00e1s de 4 esclavos. La confirmaci\u00f3n 571e31fa60b3 (\"spi: bcm2835: valor de registro CS de cach\u00e9 para ->prepare_message()\") limit\u00f3 el n\u00famero de esclavos a 3 en tiempo de compilaci\u00f3n. La limitaci\u00f3n fue necesaria por una matriz de tama\u00f1o est\u00e1tico prepare_cs[] en los datos privados del controlador que contiene un valor de registro por esclavo. La confirmaci\u00f3n buscaba hacer cumplir la limitaci\u00f3n en tiempo de ejecuci\u00f3n estableciendo num_chipselect del controlador en 3: spi_add_device() rechaza los esclavos con una selecci\u00f3n de chip m\u00e1s alta. Sin embargo, la confirmaci\u00f3n omiti\u00f3 que num_chipselect solo limita el n\u00famero de selecciones de chips *nativas*. Si se especifican selecciones de chips GPIO en el \u00e1rbol de dispositivos para m\u00e1s de 3 esclavos, of_spi_get_gpio_numbers() genera silenciosamente num_chipselect y el resultado son accesos fuera de los l\u00edmites a la matriz de tama\u00f1o est\u00e1tico prepare_cs[]. Como soluci\u00f3n curita que se puede volver a transferir a estable, aumente la cantidad de esclavos permitidos a 24 (lo que \"deber\u00eda ser suficiente para cualquiera\"), aplique la limitaci\u00f3n en esclavo -> configuraci\u00f3n y revierta num_chipselect a 3 (que es la cantidad de nativos selecciones de chips admitidas por el controlador). Una pr\u00f3xima confirmaci\u00f3n para la pr\u00f3xima permitir\u00e1 una cantidad arbitraria de esclavos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.4.126",
"matchCriteriaId": "6D23A3FF-8CE4-41A1-9E6A-8138FDC413F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.44",
"matchCriteriaId": "DA547B08-9D25-467B-AD0D-8460FE4EE70D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.11",
"matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/01415ff85a24308059e06ca3e97fd7bf75648690",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/13817d466eb8713a1ffd254f537402f091d48444",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/82a8ffba54d31e97582051cb56ba1f988018681e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b5502580cf958b094f3b69dfe4eece90eae01fbc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/01415ff85a24308059e06ca3e97fd7bf75648690",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/13817d466eb8713a1ffd254f537402f091d48444",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/82a8ffba54d31e97582051cb56ba1f988018681e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b5502580cf958b094f3b69dfe4eece90eae01fbc",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

107
CVE-2021/CVE-2021-472xx/CVE-2021-47286.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47286",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:16.723",
"lastModified": "2024-11-21T06:35:48.023",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T14:26:35.967",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,120 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bus: mhi: core: valida el ID del canal al procesar la finalizaci\u00f3n del comando MHI lee el ID del canal del elemento del anillo de eventos enviado por el dispositivo, que puede tener cualquier valor entre 0 y 255. Para evitar accesos fuera de los l\u00edmites, agregue una verificaci\u00f3n del n\u00famero m\u00e1ximo de canales admitidos por el controlador y aquellos canales que a\u00fan no est\u00e1n configurados para omitir el procesamiento de ese elemento del anillo de eventos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.7",
"versionEndExcluding": "5.10.54",
"matchCriteriaId": "ACAFA789-29AA-41E7-9D88-F49BCA874252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.13.6",
"matchCriteriaId": "512C22FC-1524-4E6F-9E62-4F4B7B6E0576"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "71268287-21A8-4488-AA4F-23C473153131"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc2:*:*:*:*:*:*",
"matchCriteriaId": "23B9E5C6-FAB5-4A02-9E39-27C8787B0991"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3efec3b4b16fc7af25676a94230a8ab2a3bb867c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/546362a9ef2ef40b57c6605f14e88ced507f8dd0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aed4f5b51aba41e2afd7cfda20a0571a6a67dfe9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3efec3b4b16fc7af25676a94230a8ab2a3bb867c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/546362a9ef2ef40b57c6605f14e88ced507f8dd0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aed4f5b51aba41e2afd7cfda20a0571a6a67dfe9",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

22
CVE-2022/CVE-2022-04xx/CVE-2022-0421.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0421",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-11-21T11:15:19.153",
"lastModified": "2024-11-21T06:38:35.540",
"lastModified": "2025-04-30T15:15:50.137",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-15xx/CVE-2022-1578.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-1578",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-11-21T11:15:19.887",
"lastModified": "2024-11-21T06:41:00.377",
"lastModified": "2025-04-30T15:15:51.100",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

22
CVE-2022/CVE-2022-15xx/CVE-2022-1579.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-1579",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-11-21T11:15:19.960",
"lastModified": "2024-11-21T06:41:00.493",
"lastModified": "2025-04-30T15:15:51.260",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

22
CVE-2022/CVE-2022-15xx/CVE-2022-1581.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-1581",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-11-21T11:15:20.037",
"lastModified": "2024-11-21T06:41:00.723",
"lastModified": "2025-04-30T15:15:51.403",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

32
CVE-2022/CVE-2022-204xx/CVE-2022-20427.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20427",
"sourceIdentifier": "security@android.com",
"published": "2022-11-17T23:15:12.967",
"lastModified": "2024-11-21T06:42:47.557",
"lastModified": "2025-04-30T14:15:24.230",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-204xx/CVE-2022-20428.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20428",
"sourceIdentifier": "security@android.com",
"published": "2022-11-17T23:15:13.490",
"lastModified": "2024-11-21T06:42:47.667",
"lastModified": "2025-04-30T15:15:51.553",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-204xx/CVE-2022-20459.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20459",
"sourceIdentifier": "security@android.com",
"published": "2022-11-17T23:15:13.730",
"lastModified": "2024-11-21T06:42:51.173",
"lastModified": "2025-04-30T15:15:51.723",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-204xx/CVE-2022-20460.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-20460",
"sourceIdentifier": "security@android.com",
"published": "2022-11-17T23:15:14.070",
"lastModified": "2024-11-21T06:42:51.290",
"lastModified": "2025-04-30T15:15:51.880",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-292xx/CVE-2022-29275.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29275",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T21:15:36.607",
"lastModified": "2024-11-21T06:58:51.080",
"lastModified": "2025-04-30T15:15:52.093",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-292xx/CVE-2022-29276.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29276",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T22:15:10.087",
"lastModified": "2024-11-21T06:58:51.230",
"lastModified": "2025-04-30T15:15:52.360",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-292xx/CVE-2022-29277.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29277",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T22:15:10.933",
"lastModified": "2024-11-21T06:58:51.380",
"lastModified": "2025-04-30T15:15:52.540",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-292xx/CVE-2022-29278.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29278",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T22:15:11.117",
"lastModified": "2024-11-21T06:58:51.567",
"lastModified": "2025-04-30T15:15:52.750",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-754"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-292xx/CVE-2022-29279.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-29279",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T22:15:11.277",
"lastModified": "2024-11-21T06:58:51.713",
"lastModified": "2025-04-30T15:15:52.927",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-302xx/CVE-2022-30257.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30257",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-21T22:15:09.773",
"lastModified": "2024-11-21T07:02:27.173",
"lastModified": "2025-04-30T15:15:53.110",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-706"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-706"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-302xx/CVE-2022-30258.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30258",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-21T22:15:12.110",
"lastModified": "2024-11-21T07:02:27.317",
"lastModified": "2025-04-30T15:15:53.293",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-706"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-706"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-302xx/CVE-2022-30283.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30283",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T21:15:36.810",
"lastModified": "2024-11-21T07:02:29.650",
"lastModified": "2025-04-30T15:15:53.467",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-367"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-33xx/CVE-2022-3336.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3336",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-11-21T11:15:20.340",
"lastModified": "2024-11-21T07:19:19.313",
"lastModified": "2025-04-30T14:15:24.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},

12
CVE-2022/CVE-2022-343xx/CVE-2022-34318.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-34318",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2022-12-12T13:15:12.367",
"lastModified": "2024-11-21T07:09:17.337",
"lastModified": "2025-04-30T15:15:53.763",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-1021"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-364xx/CVE-2022-36432.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-36432",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-17T05:15:14.290",
"lastModified": "2024-11-21T07:12:59.810",
"lastModified": "2025-04-30T15:15:53.997",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-36xx/CVE-2022-3600.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3600",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-11-21T11:15:20.410",
"lastModified": "2025-02-07T19:44:53.660",
"lastModified": "2025-04-30T14:15:24.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

32
CVE-2022/CVE-2022-381xx/CVE-2022-38165.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-38165",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-17T23:15:18.003",
"lastModified": "2024-11-21T07:15:55.400",
"lastModified": "2025-04-30T15:15:54.190",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-388xx/CVE-2022-38871.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-38871",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-18T23:15:20.117",
"lastModified": "2024-11-21T07:17:12.870",
"lastModified": "2025-04-30T14:15:24.510",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-400"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-408xx/CVE-2022-40846.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40846",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T03:15:14.713",
"lastModified": "2024-11-21T07:22:08.607",
"lastModified": "2025-04-30T15:15:54.480",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-408xx/CVE-2022-40847.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40847",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T02:15:11.270",
"lastModified": "2024-11-21T07:22:08.760",
"lastModified": "2025-04-30T15:15:54.687",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-413xx/CVE-2022-41395.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-41395",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T03:15:14.887",
"lastModified": "2024-11-21T07:23:08.853",
"lastModified": "2025-04-30T15:15:54.867",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-413xx/CVE-2022-41396.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-41396",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T03:15:15.067",
"lastModified": "2024-11-21T07:23:09.007",
"lastModified": "2025-04-30T15:15:55.063",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-420xx/CVE-2022-42053.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42053",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T03:15:15.187",
"lastModified": "2024-11-21T07:24:18.170",
"lastModified": "2025-04-30T15:15:55.243",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-420xx/CVE-2022-42058.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42058",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T03:15:15.307",
"lastModified": "2024-11-21T07:24:18.587",
"lastModified": "2025-04-30T15:15:55.433",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-421xx/CVE-2022-42118.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42118",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T01:15:12.410",
"lastModified": "2024-11-21T07:24:23.750",
"lastModified": "2025-04-30T15:15:55.630",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-421xx/CVE-2022-42119.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42119",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T01:15:12.587",
"lastModified": "2024-11-21T07:24:23.913",
"lastModified": "2025-04-30T15:15:55.870",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-421xx/CVE-2022-42125.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42125",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T01:15:13.200",
"lastModified": "2024-11-21T07:24:24.877",
"lastModified": "2025-04-30T15:15:56.050",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-421xx/CVE-2022-42126.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42126",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T01:15:13.267",
"lastModified": "2024-11-21T07:24:25.027",
"lastModified": "2025-04-30T15:15:56.240",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-421xx/CVE-2022-42127.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42127",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T01:15:13.347",
"lastModified": "2024-11-21T07:24:25.180",
"lastModified": "2025-04-30T15:15:56.417",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-421xx/CVE-2022-42128.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42128",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T01:15:13.430",
"lastModified": "2024-11-21T07:24:25.337",
"lastModified": "2025-04-30T15:15:56.587",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-421xx/CVE-2022-42131.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42131",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T02:15:12.087",
"lastModified": "2024-11-21T07:24:25.820",
"lastModified": "2025-04-30T15:15:56.773",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-295"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-421xx/CVE-2022-42132.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42132",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T02:15:12.240",
"lastModified": "2024-11-21T07:24:25.987",
"lastModified": "2025-04-30T15:15:56.963",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-200"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-428xx/CVE-2022-42892.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42892",
"sourceIdentifier": "productcert@siemens.com",
"published": "2022-11-17T17:15:12.880",
"lastModified": "2024-11-21T07:25:32.580",
"lastModified": "2025-04-30T15:15:57.157",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

22
CVE-2022/CVE-2022-428xx/CVE-2022-42893.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42893",
"sourceIdentifier": "productcert@siemens.com",
"published": "2022-11-17T17:15:13.207",
"lastModified": "2024-11-21T07:25:32.710",
"lastModified": "2025-04-30T15:15:57.337",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

22
CVE-2022/CVE-2022-428xx/CVE-2022-42894.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42894",
"sourceIdentifier": "productcert@siemens.com",
"published": "2022-11-17T17:15:13.433",
"lastModified": "2024-11-21T07:25:32.830",
"lastModified": "2025-04-30T15:15:57.507",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

32
CVE-2022/CVE-2022-429xx/CVE-2022-42903.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42903",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-17T22:15:10.840",
"lastModified": "2024-11-21T07:25:34.270",
"lastModified": "2025-04-30T15:15:57.673",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-862"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-429xx/CVE-2022-42904.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42904",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-18T21:15:11.563",
"lastModified": "2024-11-21T07:25:34.440",
"lastModified": "2025-04-30T14:15:25.133",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-429xx/CVE-2022-42954.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42954",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-17T05:15:15.133",
"lastModified": "2024-11-21T07:25:40.733",
"lastModified": "2025-04-30T15:15:57.860",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-429xx/CVE-2022-42982.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42982",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-17T05:15:15.440",
"lastModified": "2024-11-21T07:25:44.240",
"lastModified": "2025-04-30T14:15:25.340",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

32
CVE-2022/CVE-2022-430xx/CVE-2022-43096.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43096",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-17T23:15:23.810",
"lastModified": "2024-11-21T07:25:55.033",
"lastModified": "2025-04-30T15:15:58.047",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1191"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-431xx/CVE-2022-43138.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43138",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-17T17:15:13.543",
"lastModified": "2024-11-21T07:25:58.543",
"lastModified": "2025-04-30T14:15:25.540",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-431xx/CVE-2022-43140.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43140",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-17T17:15:13.613",
"lastModified": "2024-11-21T07:25:58.720",
"lastModified": "2025-04-30T14:15:25.740",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-918"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-432xx/CVE-2022-43265.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43265",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T21:15:38.577",
"lastModified": "2024-11-21T07:26:10.140",
"lastModified": "2025-04-30T15:15:58.230",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-433xx/CVE-2022-43308.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43308",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-18T04:15:16.603",
"lastModified": "2024-11-21T07:26:14.757",
"lastModified": "2025-04-30T14:15:25.927",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-269"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-436xx/CVE-2022-43673.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43673",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-18T20:15:10.193",
"lastModified": "2024-11-21T07:27:01.090",
"lastModified": "2025-04-30T14:15:26.123",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-532"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-436xx/CVE-2022-43693.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43693",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-14T17:15:10.433",
"lastModified": "2024-11-21T07:27:03.677",
"lastModified": "2025-04-30T15:15:58.473",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-436xx/CVE-2022-43694.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43694",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-14T19:15:24.813",
"lastModified": "2024-11-21T07:27:03.840",
"lastModified": "2025-04-30T15:15:58.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-440xx/CVE-2022-44003.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44003",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-16T23:15:12.017",
"lastModified": "2024-11-21T07:27:30.427",
"lastModified": "2025-04-30T14:15:26.320",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-440xx/CVE-2022-44004.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44004",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-16T23:15:12.297",
"lastModified": "2024-11-21T07:27:30.573",
"lastModified": "2025-04-30T14:15:26.520",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-640"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-440xx/CVE-2022-44005.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44005",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-16T23:15:12.613",
"lastModified": "2024-11-21T07:27:30.717",
"lastModified": "2025-04-30T14:15:26.717",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-639"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-442xx/CVE-2022-44204.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44204",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-18T17:15:10.123",
"lastModified": "2024-11-21T07:27:45.053",
"lastModified": "2025-04-30T14:15:26.907",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-443xx/CVE-2022-44378.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44378",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-18T18:15:10.473",
"lastModified": "2024-11-21T07:27:56.650",
"lastModified": "2025-04-30T14:15:27.430",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-451xx/CVE-2022-45132.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45132",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-18T23:15:29.637",
"lastModified": "2024-11-21T07:28:49.160",
"lastModified": "2025-04-30T15:15:58.903",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-451xx/CVE-2022-45163.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45163",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-18T23:15:29.807",
"lastModified": "2024-11-21T07:28:52.180",
"lastModified": "2025-04-30T15:15:59.090",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-203"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-453xx/CVE-2022-45380.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45380",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-11-15T20:15:11.480",
"lastModified": "2024-11-21T07:29:09.103",
"lastModified": "2025-04-30T15:15:59.297",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-453xx/CVE-2022-45381.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45381",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-11-15T20:15:11.567",
"lastModified": "2024-11-21T07:29:09.217",
"lastModified": "2025-04-30T15:15:59.470",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-453xx/CVE-2022-45382.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45382",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-11-15T20:15:11.647",
"lastModified": "2024-11-21T07:29:09.340",
"lastModified": "2025-04-30T14:15:27.683",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-453xx/CVE-2022-45383.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45383",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-11-15T20:15:11.730",
"lastModified": "2024-11-21T07:29:09.450",
"lastModified": "2025-04-30T14:15:27.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-863"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-454xx/CVE-2022-45473.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45473",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-18T18:15:10.700",
"lastModified": "2024-11-21T07:29:18.763",
"lastModified": "2025-04-30T15:15:59.640",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},

89
CVE-2023/CVE-2023-225xx/CVE-2023-22512.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22512",
"sourceIdentifier": "security@atlassian.com",
"published": "2024-01-16T18:15:09.130",
"lastModified": "2025-03-17T23:15:16.143",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-30T13:34:35.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@atlassian.com",
@ -39,14 +61,73 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6",
"versionEndExcluding": "7.19.14",
"matchCriteriaId": "902E46F9-334A-41FF-B018-5EF723F3F1A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.5.1",
"matchCriteriaId": "6864ADF8-9209-4E0A-989A-4BEA4ABC3601"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6",
"versionEndExcluding": "7.19.14",
"matchCriteriaId": "14D4E84F-17C0-40DF-9234-063D03434DB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.5.1",
"matchCriteriaId": "A2C6F3F1-6E32-4083-A8F6-149C85F31626"
}
]
}
]
}
],
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1283691616",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-91258",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-225xx/CVE-2023-22514.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22514",
"sourceIdentifier": "security@atlassian.com",
"published": "2024-01-16T18:15:09.170",
"lastModified": "2025-03-18T17:15:39.890",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-30T15:48:04.253",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@atlassian.com",
@ -39,14 +61,59 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "3.4.0",
"versionEndExcluding": "3.4.15",
"matchCriteriaId": "5B6BE8EF-BAC2-41E9-9D16-A4E99BCF6E58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "4.1.0",
"versionEndExcluding": "4.2.5",
"matchCriteriaId": "BFD4799A-F207-47AF-8840-5921E43CF365"
}
]
}
]
}
],
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1299929380",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.atlassian.com/browse/SRCTREE-8076",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory",
"Issue Tracking"
]
}
]
}

32
CVE-2023/CVE-2023-54xx/CVE-2023-5482.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5482",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-11-01T18:15:09.973",
"lastModified": "2024-11-21T08:41:51.757",
"lastModified": "2025-04-30T15:15:59.840",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-345"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
}
],
"configurations": [

64
CVE-2024/CVE-2024-112xx/CVE-2024-11299.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11299",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-04-22T12:15:14.677",
"lastModified": "2025-04-23T14:08:13.383",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-30T14:52:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:caseproof:memberpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.11.37",
"matchCriteriaId": "DF8A0E29-E17E-4716-B46B-2F5A5302C2CF"
}
]
}
]
}
],
"references": [
{
"url": "https://memberpress.com/change-log/#1.12.0",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/787cd2bb-489f-471a-82e0-073b4766b45a?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

948
CVE-2024/CVE-2024-202xx/CVE-2024-20259.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20259",
"sourceIdentifier": "psirt@cisco.com",
"published": "2024-03-27T17:15:50.913",
"lastModified": "2024-11-21T08:52:07.937",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:19:23.213",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
@ -49,16 +69,936 @@
"value": "CWE-122"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B70A3D-CBE1-4218-A7B4-F85741A57BD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2902D8-3A7B-4C47-9BC6-8CA4C580A346"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "8871B890-78F4-4D9D-AEFF-6A393493C51E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "9E489AC5-A445-44FF-AA85-F0915577384E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "917BA05C-2A18-4C68-B508-85C2B5A94416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "06337791-7D8D-4EAA-BACC-4E270F377B3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "336A8630-653C-4E28-8DE1-76CDD8573980"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1767AE-7D9F-4BAA-90E1-CF8314CD0B53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0C60DF3F-DBD9-4BBF-812E-4BB0C47BDF3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "26FEE2E2-DD85-4006-8895-0BDA04E8EE4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CD237B-2843-4D37-87D7-AE6D1A53458A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "1B80614B-6362-45F0-B305-2F137B053DCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "47B20C7E-1C9C-4EF4-91E4-388643C4B9C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7966A0-D84D-47F7-AED9-D041BCDA6703"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "5B306D35-4A13-4D23-8EC2-D000E8ADCDA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9F21093D-1036-4F6B-B90F-ACE1EF99EA33"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280D24C6-A2BF-46E8-B512-6A3FA7833922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "1F903F51-ABF4-49B0-A5BA-A6B51F79666F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F244E7-8EE9-4E58-83FA-EEDD3C8F792D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "5238B1D1-740D-4B37-A0CB-1B3343E55D05"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38B87B17-C653-40AC-8AE4-066BB1123C88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9012A66E-82C4-4ACF-A4BB-37EC54B87B50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C945710-7DC3-43D9-9FBE-F2A1B8666C73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "849C6FF1-F7C0-4021-BCA2-A791C87E4F37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1103BE75-EB64-4A9A-801E-EDE6A1F861F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "38C48FC4-5362-4B61-8B8C-7CAFFB81045E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC43383-DF99-4D38-A220-0A202623B36A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E6CD08-EC7E-42C1-B2C2-CA5E154545A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "DE62DC68-E882-49E7-AAD2-2F73637FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y1:*:*:*:*:*:*:*",
"matchCriteriaId": "57CD29C9-C629-48B0-ABDD-CEC3DEB6FB11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51EA3EAA-A379-467E-AF9A-FCFBACAE49C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "4FC63AAF-758F-4A70-9738-96E75A0A1DDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E67BE408-8DCF-491F-9EA9-E368565C1B49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CFE98A-FBA5-4837-BBD9-3C875ECEBF1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F313F2EC-F3D6-4639-934C-402DDA3DA806"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFB2CA6-8332-4E4D-BDB4-C3B770D3AD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.99sw:*:*:*:*:*:*:*",
"matchCriteriaId": "6F7C157F-5569-4072-805F-7AF598F6B56F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF0778B-015D-481B-BAC0-40667F3453D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEBC0EB-0DBB-4530-AFC4-AA0036469656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "66D0DB87-6BB7-4FCF-BF20-6D4D48D72B79"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9105i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93510CF6-232E-4FBD-BF01-79070306FB97"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9105w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77BE20A3-964E-46D3-ACA2-B53A175027D9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36E2B891-4F41-4D0D-BAA2-0256C0565BDE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA8798F4-35BB-4F81-9385-B0274BFAAF15"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5889AFA2-752E-4EDD-A837-5C003025B25C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53852300-C1D2-4F84-B8DA-4EDBCB374075"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9124d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E3AD79-8F3B-4E8E-8226-2B5101F1A3D2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9124e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B64B8AB-DD2A-4306-8546-1D64E24868F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9124i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54712AF5-EF16-4F83-99BB-D3B8D93AF986"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADEB5A-5147-4420-A825-BAB07BD60AA2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09185C81-6FDF-4E6D-B8F7-E4B5D77909F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9162:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9347227-9FA8-46B6-96EF-713543376296"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E81F0A-5B5C-4DD3-A56F-C7BF53D4B070"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*",
"matchCriteriaId": "774AEB3E-5D6A-4E66-B0B4-C014A7C180E6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9166d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5133F50-F67C-4195-B18F-887EFC88FA52"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7670A322-31C2-4A8A-86E9-09D63C52E4C2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74AED057-2458-4DE0-8D51-ABD766D07F68"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19538C03-5FB8-4401-8B21-489C629D7E7D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B26D7061-F471-4DF0-A892-ED132958B84A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "033ED443-80E7-4012-9825-07AAC0D44B96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3F3CC6-A349-47B1-B282-B6458683C191"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB24EF21-1C10-48A7-BC68-FFC842A28D12"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED0625A2-BF14-4552-83D8-AEE0A04EA023"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21AFDC0D-7629-424E-827B-C8A8767324C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A263CFF2-A659-405B-90EA-51E49B25C6D3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEFBD449-217D-4569-99F7-D56B853A3E07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED668FC-D1A5-4175-A234-23760BA6E788"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D650C48-9241-42F7-87A9-20733329489A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED16A65-9AFF-4825-95D1-162FBA0F566D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82D345E7-8208-41AC-B11A-4425D29E98A1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E386D461-F1C1-4970-B056-D6119E74D449"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99F3A466-F665-4132-ABC4-2DFC0A7E2B55"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3395168-FF2E-4CB6-AABE-5E36DEB241CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "226F985C-4669-4D0A-9DB4-CB1465B37B02"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B736A43-6F4E-40A9-84E4-D9E251489234"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E99CA124-7D86-463B-A31E-A7836B7493E6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E014B028-8DD9-428C-B705-8F428F145932"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C44229-A842-49B2-AD3E-79C83DB63EBE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5306E847-C718-4C83-9C97-8AB498DC4A88"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18287CEF-B574-4498-A256-567CA6E6CA7C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9AAA2C-495E-4FD1-9050-264FDC25254B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5713043E-2535-4540-B3EF-41FAC40BECE9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67701D77-8B03-446A-AE22-4B8CCCD6F029"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831A2390-7170-4FC0-A95E-3DAB1791017D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F788CBC4-782F-4A43-AC80-4AEF1C43A22D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "493989DC-8F1B-45C9-AD11-38B97B958C9C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
"matchCriteriaId": "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F168FB20-0C44-4A5B-910A-04B9517545C2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "737F22AB-C5A9-4A18-BA3D-38A222491397"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5508320-8318-41A8-8026-4A61907C1CD7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4035136-CC10-4DDD-92AF-9DC41D19CF8A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:dn-apl-tta-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB3ECBF-694B-4799-BF3D-DA47DB2263BF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:dn-apl-tta-m-rf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C69116C-5E42-482D-8CBA-4AC3A34DAA85"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dhcp-dos-T3CXPO9z",
"source": "psirt@cisco.com"
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dhcp-dos-T3CXPO9z",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

478
CVE-2024/CVE-2024-202xx/CVE-2024-20291.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20291",
"sourceIdentifier": "psirt@cisco.com",
"published": "2024-02-29T01:43:59.000",
"lastModified": "2024-11-21T08:52:14.173",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-30T14:15:10.367",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,16 +69,466 @@
"value": "CWE-284"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "350F10D8-221B-4A47-8BF6-CCC421878243"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C0B4E497-95AE-45FC-8F89-A7959CA9AF4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7385A37A-FC89-44E6-8BD9-C35B2F22714F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D194B648-4932-482A-88F9-F65E5F5239FC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19C3A385-319E-4137-8D9A-13B5555897EB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C70911ED-371A-4EB6-8DDD-DCE3A21FDBAE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16C64136-89C2-443C-AF7B-BED81D3DE25A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "498991F7-39D6-428C-8C7D-DD8DC72A0346"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93400ld-h1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2DFCA0-36D8-48BC-B20D-84509EB5FF66"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9364c-h1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2EC055-B309-4F1F-A646-FA47AE344D27"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9364e-sg2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4E79EC-8CA8-4515-A333-89C0ECFAB15E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-po-acl-TkyePgvL",
"source": "psirt@cisco.com"
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-po-acl-TkyePgvL",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-203xx/CVE-2024-20345.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20345",
"sourceIdentifier": "psirt@cisco.com",
"published": "2024-03-06T17:15:09.973",
"lastModified": "2024-11-21T08:52:25.243",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-30T14:16:08.823",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -81,14 +81,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:appdynamics_controller:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.4.0",
"matchCriteriaId": "4B34D7E2-A2CD-4A47-B228-A2589650A4AB"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-traversal-m7N8mZpF",
"source": "psirt@cisco.com"
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-traversal-m7N8mZpF",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

87
CVE-2024/CVE-2024-216xx/CVE-2024-21682.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21682",
"sourceIdentifier": "security@atlassian.com",
"published": "2024-02-20T18:15:51.063",
"lastModified": "2024-11-21T08:54:51.163",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-30T14:06:22.117",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@atlassian.com",
@ -51,38 +73,83 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:assets_discovery_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "6.2.1",
"matchCriteriaId": "92207FBE-A735-4744-9841-308C48C855EC"
}
]
}
]
}
],
"references": [
{
"url": "https://confluence.atlassian.com/assetapps/assets-discovery-3-2-1-cloud-6-2-1-data_center-1333987182.html",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1354501606",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.atlassian.com/browse/JSDSERVER-15067",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://marketplace.atlassian.com/apps/1214668/assets-discovery?hosting=datacenter&tab=installation",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Product"
]
},
{
"url": "https://confluence.atlassian.com/assetapps/assets-discovery-3-2-1-cloud-6-2-1-data_center-1333987182.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1354501606",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.atlassian.com/browse/JSDSERVER-15067",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://marketplace.atlassian.com/apps/1214668/assets-discovery?hosting=datacenter&tab=installation",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
}
]
}

185
CVE-2024/CVE-2024-268xx/CVE-2024-26870.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26870",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:09.460",
"lastModified": "2024-11-21T09:03:15.490",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-30T14:24:09.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,67 +15,216 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFSv4.2: corrige el ERROR del kernel nfs4_listxattr en mm/usercopy.c:102 Una llamada a listxattr() con un tama\u00f1o de b\u00fafer = 0 devuelve el tama\u00f1o real del b\u00fafer necesario para un convocatoria posterior. Cuando el tama\u00f1o > 0, nfs4_listxattr() no devuelve un error porque generic_listxattr() o nfs4_listxattr_nfs4_label() consume exactamente todos los bytes, entonces el tama\u00f1o es 0 al llamar a nfs4_listxattr_nfs4_user(), lo que luego activa el siguiente ERROR del kernel: [99.403778] ERROR del kernel en mm/usercopy.c:102! [99.404063] Error interno: Ups - ERROR: 00000000f2000800 [#1] SMP [99.408463] CPU: 0 PID: 3310 Comm: python3 No contaminado 6.6.0-61.fc40.aarch64 #1 [ 99.415827] Seguimiento de llamadas: [ 99.41 5985] usercopy_abort+0x70/0xa0 [ 99.416227] __check_heap_object+0x134/0x158 [ 99.416505] check_heap_object+0x150/0x188 [ 99.416696] __check_object_size.part.0+0x78/0x168 [ 99.416886 ] __check_object_size+0x28/0x40 [ 99.417078] listxattr+0x8c/0x120 [ 99.417252] path_listxattr+0x78/0xe0 [ 99.417476] __arm64_sys_listxattr+0x28/0x40 [ 99.417723] invoke_syscall+0x78/0x100 [ 99.417929] 48/0xf0 [ 99.418186] do_el0_svc+0x24/0x38 [ 99.418376] el0_svc+0x3c/ 0x110 [ 99.418554] el0t_64_sync_handler+0x120/0x130 [ 99.418788] el0t_64_sync+0x194/0x198 [ 99.418994] C\u00f3digo: aa0003e3 d000a3e0 91310000 97f49bdb (d42 10000) El problema se reproduce cuando generic_listxattr() devuelve 'system.nfs4_acl', llamando as\u00ed a lisxattr() con tama\u00f1o = 16 activar\u00e1 el error. Agregue verificaci\u00f3n en nfs4_listxattr() para devolver el error ERANGE cuando se llama con un tama\u00f1o > 0 y el valor de retorno es mayor que el tama\u00f1o."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.9",
"versionEndExcluding": "5.10.214",
"matchCriteriaId": "A73BE1C2-BC30-4A60-80F0-7975135EB641"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.153",
"matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.83",
"matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.23",
"matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.11",
"matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.2",
"matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/06e828b3f1b206de08ef520fc46a40b22e1869cb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/23bfecb4d852751d5e403557dd500bb563313baf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/251a658bbfceafb4d58c76b77682c8bf7bcfad65",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4403438eaca6e91f02d272211c4d6b045092396b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79cdcc765969d23f4e3d6ea115660c3333498768",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/80365c9f96015bbf048fdd6c8705d3f8770132bf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9d52865ff28245fc2134da9f99baff603a24407a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/06e828b3f1b206de08ef520fc46a40b22e1869cb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/23bfecb4d852751d5e403557dd500bb563313baf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/251a658bbfceafb4d58c76b77682c8bf7bcfad65",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4403438eaca6e91f02d272211c4d6b045092396b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79cdcc765969d23f4e3d6ea115660c3333498768",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/80365c9f96015bbf048fdd6c8705d3f8770132bf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9d52865ff28245fc2134da9f99baff603a24407a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

45
CVE-2024/CVE-2024-275xx/CVE-2024-27570.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27570",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-01T14:15:54.247",
"lastModified": "2025-03-14T01:15:38.783",
"vulnStatus": "Modified",
"lastModified": "2025-04-30T12:25:03.213",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -91,8 +91,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:libtor:lbt-t300_firmware:2.2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7452B42B-25F1-4282-BD76-162C8CB43DD7"
"criteria": "cpe:2.3:o:libtor:lbt-t300-t390_firmware:2.2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDF9A6F-EDBF-4792-A405-6B25535A956E"
}
]
},
@ -102,35 +102,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:libtor:lbt-t300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25300159-D99C-412B-A2D7-AD8CAD76F4AA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:libtor:lbt-t390_firmware:2.2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "335F6CC9-16B1-4F43-AC7E-491FEA67D5F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:libtor:lbt-t390:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09D462BE-FE16-4B3A-A19A-14E57EA4995E"
"criteria": "cpe:2.3:h:libtor:lbt-t300-t390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1C1053-CBC9-4FD8-BBB5-47E9D63CFACD"
}
]
}
@ -142,14 +115,16 @@
"url": "https://github.com/cvdyfbwa/IoT_LBT_Router/blob/main/generate_conf_router.md",
"source": "cve@mitre.org",
"tags": [
"Exploit"
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/cvdyfbwa/IoT_LBT_Router/blob/main/generate_conf_router.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
"Exploit",
"Third Party Advisory"
]
}
]

94
CVE-2024/CVE-2024-495xx/CVE-2024-49559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49559",
"sourceIdentifier": "security_alert@emc.com",
"published": "2025-03-17T18:15:20.033",
"lastModified": "2025-03-17T18:15:20.033",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-30T14:30:13.570",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,24 +69,86 @@
"value": "CWE-1393"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.5.4.0",
"versionEndExcluding": "10.5.4.14",
"matchCriteriaId": "14A2BCBC-C50A-4B11-9871-B84254872EEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.5.5.0",
"versionEndExcluding": "10.5.5.13",
"matchCriteriaId": "A05AAE8C-8DCD-44E9-AC99-0C32F9BD80E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.5.6.0",
"versionEndExcluding": "10.5.6.8",
"matchCriteriaId": "430E412C-6FB3-437C-90D7-C73CBF498801"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.6.0.0",
"versionEndExcluding": "10.6.0.2",
"matchCriteriaId": "E8DC8731-306C-4D6B-84FA-3F13B9E677B1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000289970/dsa-2025-070-security-update-for-dell-networking-os10-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000293638/dsa-2025-069-security-update-for-dell-networking-os10-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000294091/dsa-2025-079-security-update-for-dell-networking-os10-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000295014/dsa-2025-068-security-update-for-dell-networking-os10-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

77
CVE-2024/CVE-2024-564xx/CVE-2024-56406.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56406",
"sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"published": "2025-04-13T14:15:14.527",
"lastModified": "2025-04-18T17:15:34.370",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:21:11.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -53,32 +53,93 @@
"value": "CWE-787"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.33.1",
"versionEndExcluding": "5.38.4",
"matchCriteriaId": "F34096A4-1439-4582-8133-8134388418D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.39.0",
"versionEndExcluding": "5.40.2",
"matchCriteriaId": "91EF91EF-222F-42C0-A506-0A57B98F1DA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.41.0",
"versionEndIncluding": "5.41.10",
"matchCriteriaId": "87807B8D-271E-4B95-ADBC-2383FBD07335"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"tags": [
"Patch"
]
},
{
"url": "https://metacpan.org/release/SHAY/perl-5.38.4/changes",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"tags": [
"Release Notes"
]
},
{
"url": "https://metacpan.org/release/SHAY/perl-5.40.2/changes",
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"
"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"tags": [
"Release Notes"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/04/13/3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/04/13/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/04/13/5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

43
CVE-2024/CVE-2024-576xx/CVE-2024-57698.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-57698",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-29T20:15:25.110",
"lastModified": "2025-04-29T20:15:25.110",
"lastModified": "2025-04-30T15:16:00.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in modernwms v.1.0 allows an attacker view the MD5 hash of the administrator password and other attributes without authentication, even after initial configuration and password change. This happens due to excessive exposure of information and the lack of adequate access control on the /user/list?culture=en-us endpoint."
},
{
"lang": "es",
"value": "Un problema en modernwms v.1.0 permite a un atacante ver el hash MD5 de la contrase\u00f1a de administrador y otros atributos sin autenticaci\u00f3n, incluso despu\u00e9s de la configuraci\u00f3n inicial y el cambio de contrase\u00f1a. Esto se debe a la exposici\u00f3n excesiva de informaci\u00f3n y a la falta de un control de acceso adecuado en el endpoint /user/list?culture=en-us."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/rodolfomarianocy/xpl-ModernWMS",

40
CVE-2025/CVE-2025-15xx/CVE-2025-1524.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1524",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-17T06:15:43.793",
"lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:47:00.377",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,10 +39,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:davidvongries:ultimate_dashboard:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.8.6",
"matchCriteriaId": "4E4AA857-6F04-4A2A-ADE9-3D646A622C8C"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/36aed1e4-05cb-42d2-b835-f6336f1a82cd/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

40
CVE-2025/CVE-2025-15xx/CVE-2025-1525.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1525",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-17T06:15:43.890",
"lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-04-30T15:46:20.947",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,10 +39,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:davidvongries:ultimate_dashboard:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.8.6",
"matchCriteriaId": "4E4AA857-6F04-4A2A-ADE9-3D646A622C8C"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/d457733f-72e9-45e2-ac07-4e1b94e46102/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

8
CVE-2025/CVE-2025-217xx/CVE-2025-21756.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21756",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-27T03:15:16.250",
"lastModified": "2025-03-24T17:32:35.823",
"vulnStatus": "Analyzed",
"lastModified": "2025-04-30T14:15:28.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -154,6 +154,10 @@
"tags": [
"Patch"
]
},
{
"url": "https://github.com/hoefler02/CVE-2025-21756/blob/main/x.c",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

57
CVE-2025/CVE-2025-233xx/CVE-2025-23382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-23382",
"sourceIdentifier": "security_alert@emc.com",
"published": "2025-03-19T16:15:30.787",
"lastModified": "2025-03-19T16:15:30.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-04-30T14:43:56.590",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.3,
"impactScore": 4.0
}
]
},
@ -49,12 +69,43 @@
"value": "CWE-497"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:secure_connect_gateway:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.28.00.14",
"matchCriteriaId": "4159A473-5176-4F37-A7D3-EB0E0066ADD2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-uk/000291028/dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2025/CVE-2025-243xx/CVE-2025-24341.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-24341",
"sourceIdentifier": "psirt@bosch.com",
"published": "2025-04-30T12:15:15.493",
"lastModified": "2025-04-30T12:15:15.493",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to induce a Denial-of-Service (DoS) condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@bosch.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@bosch.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-640452.html",
"source": "psirt@bosch.com"
}
]
}

56
CVE-2025/CVE-2025-243xx/CVE-2025-24342.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-24342",
"sourceIdentifier": "psirt@bosch.com",
"published": "2025-04-30T12:15:17.490",
"lastModified": "2025-04-30T12:15:17.490",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@bosch.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@bosch.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-204"
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-640452.html",
"source": "psirt@bosch.com"
}
]
}

56
CVE-2025/CVE-2025-243xx/CVE-2025-24343.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-24343",
"sourceIdentifier": "psirt@bosch.com",
"published": "2025-04-30T12:15:17.903",
"lastModified": "2025-04-30T12:15:17.903",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the \u201cManages app data\u201d functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@bosch.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@bosch.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-640452.html",
"source": "psirt@bosch.com"
}
]
}

56
CVE-2025/CVE-2025-243xx/CVE-2025-24344.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-24344",
"sourceIdentifier": "psirt@bosch.com",
"published": "2025-04-30T12:15:18.120",
"lastModified": "2025-04-30T12:15:18.120",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary client-side code in the context of another user's browser via a crafted HTTP request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@bosch.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "psirt@bosch.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-81"
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-640452.html",
"source": "psirt@bosch.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More