admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-24T17:00:32.072783+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-24 17:03:56 +00:00
parent 9c512325f0
commit b8e02dcf26
108 changed files with 6167 additions and 613 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2020/CVE-2020-133xx/CVE-2020-13377.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-13377",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T11:15:12.560",
"lastModified": "2024-11-21T05:01:07.813",
"lastModified": "2025-01-24T16:15:27.070",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-133xx/CVE-2020-13378.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-13378",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T01:15:09.023",
"lastModified": "2024-11-21T05:01:07.997",
"lastModified": "2025-01-24T16:15:27.830",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

45
CVE-2021/CVE-2021-427xx/CVE-2021-42718.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2021-42718",
"sourceIdentifier": "security@replicated.com",
"published": "2025-01-23T23:15:07.717",
"lastModified": "2025-01-23T23:15:07.717",
"vulnStatus": "Received",
"lastModified": "2025-01-24T15:15:08.273",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including application secrets, via accessing container definitions with environment variables through the Admin Console API on port 8800.\n\nThis CVE was originally reserved in 2021 and later publicly disclosed by Replicated on their website on 21 October 2021. However, it mistakenly remained in the Reserved But Public (RBP) status with the CVE Numbering Authority (CNA). Please note that this product reached its end of life on 31 December 2024. Publishing this CVE with the CNA was required to comply with CNA rules, despite the fact that the issue was disclosed and fixed four years ago, and the affected product is no longer supported as of 2024.\n\nSummary of VulnerabilityThis advisory discloses a low severity security vulnerability in the versions of Replicated Classic listed above (\u201cAffected Replicated Classic Versions\u201d)\n\nDescriptionReplicated Classic versions prior to 2.53.1 have an authenticated API from the Replicated Admin Console that may expose sensitive data including application secrets, depending on how the application manifests are written. A user with valid credentials and access to the Admin Console port (8800) on the Replicated Classic server can retrieve container definitions including environment variables which may contain passwords and other secrets depending on how the application is configured.\n\nThis data is shared over authenticated sessions to the Admin Console only, and was never displayed or used in the application processing. To remediate this issue, we removed the sensitive data from the API, sending only the data to the Admin Console that was needed.\n\nTimelineThis issue was discovered during a security review on 16 September 2021.\nPatched versions were released on 23 September 2021.\nThis advisory was published on 21 October 2021.\n\n\nThe CVE Numbering Authority (CNA) notified Replicated on 23 January 2025 that the CVE was still in Reserved But Public (RBP) status. Upon discovering the oversight in updating the status to published with the CNA, Replicated submitted the updated report on the same day, 23 January 2025."
},
{
"lang": "es",
"value": "Divulgaci\u00f3n de informaci\u00f3n en la API en Replicated Las versiones cl\u00e1sicas de Replicated anteriores a la 2.53.1 en todas las plataformas permiten a los usuarios autenticados con acceso a la Consola de administraci\u00f3n recuperar datos confidenciales, incluidos los secretos de la aplicaci\u00f3n, mediante el acceso a las definiciones de contenedor con variables de entorno a trav\u00e9s de la API de la Consola de administraci\u00f3n en el puerto 8800. Esta CVE se reserv\u00f3 originalmente en 2021 y luego Replicated la divulg\u00f3 p\u00fablicamente en su sitio web el 21 de octubre de 2021. Sin embargo, permaneci\u00f3 por error en el estado Reservado pero p\u00fablico (RBP) con la Autoridad de numeraci\u00f3n de CVE (CNA). Tenga en cuenta que este producto lleg\u00f3 al final de su vida \u00fatil el 31 de diciembre de 2024. La publicaci\u00f3n de este CVE con la CNA fue necesaria para cumplir con las reglas de la CNA, a pesar del hecho de que el problema se divulg\u00f3 y solucion\u00f3 hace cuatro a\u00f1os, y el producto afectado ya no recibe soporte a partir de 2024. Resumen de la vulnerabilidadEste aviso revela una vulnerabilidad de seguridad de baja gravedad en las versiones de Replicated Classic enumeradas anteriormente (\"Versiones de Replicated Classic afectadas\") Descripci\u00f3nLas versiones de Replicated Classic anteriores a 2.53.1 tienen una API autenticada de la Consola de administraci\u00f3n de Replicated que puede exponer datos confidenciales, incluidos secretos de la aplicaci\u00f3n, seg\u00fan c\u00f3mo se escriban los manifiestos de la aplicaci\u00f3n. Un usuario con credenciales v\u00e1lidas y acceso al puerto de la Consola de administraci\u00f3n (8800) en el servidor de Replicated Classic puede recuperar definiciones de contenedor, incluidas variables de entorno que pueden contener contrase\u00f1as y otros secretos seg\u00fan c\u00f3mo est\u00e9 configurada la aplicaci\u00f3n. Estos datos se comparten a trav\u00e9s de sesiones autenticadas solo con la Consola de administraci\u00f3n, y nunca se mostraron ni se usaron en el procesamiento de la aplicaci\u00f3n. Para solucionar este problema, eliminamos los datos confidenciales de la API y enviamos solo los datos necesarios a la consola de administraci\u00f3n. Cronolog\u00edaEste problema se descubri\u00f3 durante una revisi\u00f3n de seguridad el 16 de septiembre de 2021. Las versiones parcheadas se publicaron el 23 de septiembre de 2021. Este aviso se public\u00f3 el 21 de octubre de 2021. La autoridad de numeraci\u00f3n de CVE (CNA) notific\u00f3 a Replicated el 23 de enero de 2025 que la CVE todav\u00eda estaba en estado de reservada pero p\u00fablica (RBP). Al descubrir el descuido al actualizar el estado a publicado con la CNA, Replicated envi\u00f3 el informe actualizado el mismo d\u00eda, 23 de enero de 2025."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.replicated.com/cve-2021-42718",

11
CVE-2021/CVE-2021-470xx/CVE-2021-47035.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47035",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-02-28T09:15:39.757",
"lastModified": "2025-01-09T15:15:16.310",
"vulnStatus": "Analyzed",
"lastModified": "2025-01-24T16:15:28.167",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -106,13 +106,6 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c848416cc05afc1589edba04fe00b85c2f797ee3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eea53c5816889ee8b64544fa2e9311a81184ff9c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

10
CVE-2021/CVE-2021-473xx/CVE-2021-47315.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47315",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:18.860",
"lastModified": "2024-11-21T06:35:51.877",
"lastModified": "2025-01-24T16:15:28.320",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -41,14 +41,6 @@
"url": "https://git.kernel.org/stable/c/94bc2fe46102d1e060fc749c0c19511e76c9995f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b7a2bcb4a3731d68f938207f75ed3e1d41774510",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bd051b3e184fa56eeb6276ee913ba4d48069024b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d0d04b95e8ed0223844a1d58497c686fe2e4a955",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

32
CVE-2021/CVE-2021-474xx/CVE-2021-47490.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47490",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-22T09:15:10.837",
"lastModified": "2025-01-06T19:57:02.840",
"vulnStatus": "Analyzed",
"lastModified": "2025-01-24T16:15:28.487",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -133,34 +133,6 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/960b1fdfc39aba8f41e9e27b2de0c925c74182d9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bbc920fb320f1c241cc34ac85edaa0058922246a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bd99782f3ca491879e8524c89b1c0f40071903bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c21b4002214c1c7e7b627b9b53375612f7aab6db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0db55f9a1bafbe3dac750ea669de9134922389b5",
"source": "af854a3a-2127-422b-91ae-364da2661108",

41
CVE-2022/CVE-2022-470xx/CVE-2022-47090.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47090",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-24T14:15:29.983",
"lastModified": "2025-01-24T14:15:29.983",
"vulnStatus": "Received",
"lastModified": "2025-01-24T15:15:09.350",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "GPAC MP4box 2.1-DEV-rev574-g9d5bb184b contains a buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c, check needed for num_exp_tile_columns"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/commit/48760768611f6766bf9e7378bb7cc66cebd6e49d",

32
CVE-2022/CVE-2022-478xx/CVE-2022-47879.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47879",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T14:15:09.567",
"lastModified": "2024-11-21T07:32:27.340",
"lastModified": "2025-01-24T16:15:28.653",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

9
CVE-2022/CVE-2022-488xx/CVE-2022-48853.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48853",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-16T13:15:12.380",
"lastModified": "2024-11-21T07:34:12.970",
"lastModified": "2025-01-24T16:15:28.903",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -154,13 +154,6 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d4d975e7921079f877f828099bb8260af335508f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ddbd89deb7d32b1fbb879f48d68fda1a8ac58e8e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

32
CVE-2023/CVE-2023-207xx/CVE-2023-20719.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20719",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-05-15T22:15:11.273",
"lastModified": "2024-11-21T07:41:24.780",
"lastModified": "2025-01-24T16:15:29.153",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-207xx/CVE-2023-20720.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20720",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-05-15T22:15:11.313",
"lastModified": "2024-11-21T07:41:24.890",
"lastModified": "2025-01-24T15:15:09.510",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-207xx/CVE-2023-20721.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20721",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-05-15T22:15:11.350",
"lastModified": "2024-11-21T07:41:24.990",
"lastModified": "2025-01-24T15:15:09.697",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-207xx/CVE-2023-20726.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20726",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-05-15T22:15:11.433",
"lastModified": "2024-11-21T07:41:25.530",
"lastModified": "2025-01-24T15:15:09.850",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-862"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-20xx/CVE-2023-2088.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2088",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-12T21:15:09.430",
"lastModified": "2024-11-21T07:57:54.757",
"lastModified": "2025-01-24T16:15:31.020",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},

32
CVE-2023/CVE-2023-26xx/CVE-2023-2662.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2662",
"sourceIdentifier": "xpdf@xpdfreader.com",
"published": "2023-05-11T21:15:09.873",
"lastModified": "2024-11-21T07:59:01.810",
"lastModified": "2025-01-24T16:15:31.363",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -52,6 +52,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -75,6 +95,16 @@
"value": "CWE-369"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-26xx/CVE-2023-2663.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2663",
"sourceIdentifier": "xpdf@xpdfreader.com",
"published": "2023-05-11T21:15:10.043",
"lastModified": "2024-11-21T07:59:01.930",
"lastModified": "2025-01-24T16:15:31.577",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -52,6 +52,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -75,6 +95,16 @@
"value": "CWE-674"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-674"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-26xx/CVE-2023-2682.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2682",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-12T13:15:09.477",
"lastModified": "2024-11-21T07:59:04.553",
"lastModified": "2025-01-24T16:15:31.980",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -15,7 +15,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -35,6 +35,26 @@
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -90,6 +110,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-298xx/CVE-2023-29808.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29808",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T01:15:09.707",
"lastModified": "2024-11-21T07:57:32.400",
"lastModified": "2025-01-24T16:15:29.357",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-298xx/CVE-2023-29809.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29809",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T01:15:09.743",
"lastModified": "2024-11-21T07:57:32.547",
"lastModified": "2025-01-24T16:15:29.680",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-298xx/CVE-2023-29818.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29818",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T11:15:12.887",
"lastModified": "2024-11-21T07:57:32.827",
"lastModified": "2025-01-24T16:15:29.943",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-298xx/CVE-2023-29819.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29819",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T11:15:12.923",
"lastModified": "2024-11-21T07:57:32.987",
"lastModified": "2025-01-24T16:15:30.210",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-269"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-298xx/CVE-2023-29820.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29820",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T11:15:12.960",
"lastModified": "2024-11-21T07:57:33.133",
"lastModified": "2025-01-24T16:15:30.470",
"vulnStatus": "Modified",
"cveTags": [
{
@ -39,6 +39,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -52,6 +72,16 @@
"value": "CWE-668"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-299xx/CVE-2023-29983.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29983",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T11:15:12.997",
"lastModified": "2024-11-21T07:57:43.140",
"lastModified": "2025-01-24T16:15:30.773",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-301xx/CVE-2023-30130.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30130",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T11:15:13.097",
"lastModified": "2024-11-21T07:59:49.403",
"lastModified": "2025-01-24T16:15:32.220",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-302xx/CVE-2023-30246.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30246",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T11:15:13.133",
"lastModified": "2024-11-21T07:59:56.270",
"lastModified": "2025-01-24T16:15:32.490",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-311xx/CVE-2023-31146.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31146",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-11T21:15:10.240",
"lastModified": "2024-11-21T08:01:29.300",
"lastModified": "2025-01-24T16:15:32.803",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -52,6 +52,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -65,6 +85,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-316xx/CVE-2023-31620.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31620",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.237",
"lastModified": "2024-11-21T08:02:06.120",
"lastModified": "2025-01-24T15:15:10.067",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-316xx/CVE-2023-31621.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31621",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.300",
"lastModified": "2024-11-21T08:02:06.273",
"lastModified": "2025-01-24T15:15:10.273",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-319xx/CVE-2023-31920.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31920",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T14:15:09.963",
"lastModified": "2024-11-21T08:02:23.767",
"lastModified": "2025-01-24T16:15:33.003",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-617"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-319xx/CVE-2023-31921.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31921",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T14:15:10.007",
"lastModified": "2024-11-21T08:02:23.900",
"lastModified": "2025-01-24T16:15:33.267",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-617"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-319xx/CVE-2023-31922.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31922",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T14:15:10.043",
"lastModified": "2024-11-21T08:02:24.040",
"lastModified": "2025-01-24T16:15:33.490",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-319xx/CVE-2023-31983.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31983",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T16:15:09.820",
"lastModified": "2024-11-21T08:02:28.327",
"lastModified": "2025-01-24T16:15:33.787",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-319xx/CVE-2023-31985.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31985",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T12:15:09.800",
"lastModified": "2024-11-21T08:02:28.473",
"lastModified": "2025-01-24T16:15:34.033",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-320xx/CVE-2023-32058.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32058",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-11T21:15:10.397",
"lastModified": "2024-11-21T08:02:37.770",
"lastModified": "2025-01-24T16:15:34.267",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -52,6 +52,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -65,6 +85,16 @@
"value": "CWE-190"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [

52
CVE-2023/CVE-2023-399xx/CVE-2023-39990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39990",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-19T13:15:54.157",
"lastModified": "2024-11-21T08:16:11.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:08:44.243",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.4",
"matchCriteriaId": "8D13C3B1-7E06-46A9-87E3-8C477FB7895A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/pmpro-courses/wordpress-paid-memberships-pro-courses-for-membership-add-on-plugin-1-2-3-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/pmpro-courses/wordpress-paid-memberships-pro-courses-for-membership-add-on-plugin-1-2-3-broken-access-control-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

44
CVE-2024/CVE-2024-103xx/CVE-2024-10312.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10312",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-29T08:15:12.330",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:38:39.150",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -42,23 +42,57 @@
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exclusiveaddons:exclusive_addons_for_elementor:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "2.7.5",
"matchCriteriaId": "0CF78C76-F4D7-4FE7-B637-D058F4620C3E"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3175285/exclusive-addons-for-elementor",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc931943-13f3-4ab1-b70f-c234253ca269?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-136xx/CVE-2024-13698.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13698",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-24T16:15:34.597",
"lastModified": "2025-01-24T16:15:34.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'download_image_via_ai' and 'generate_image_via_ai' functions in all versions up to, and including, 4.2.7. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application to upload files in an image format, and to generate AI images using the site's OpenAI key."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://themeforest.net/item/jobify-wordpress-job-board-theme/5247604",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/393811e4-71dd-4359-80fa-5a3d146439bb?source=cve",
"source": "security@wordfence.com"
}
]
}

113
CVE-2024/CVE-2024-16xx/CVE-2024-1633.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1633",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-02-19T17:15:08.347",
"lastModified": "2024-11-21T08:50:58.023",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T15:21:06.727",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 2.0,
"baseSeverity": "LOW",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
}
]
},
@ -49,16 +69,101 @@
"value": "CWE-190"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:renesas:arm-trusted-firmware:rcar_gen3_2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A34F3FE3-C1EE-4C6B-8323-D82590784CA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:renesas:r-car_d3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B20C33B-DBE7-41B5-8934-A457D0406247"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:renesas:r-car_e3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB57A69-E624-4CE6-B3BE-3095DD52DF21"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:renesas:r-car_h3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16309BD2-C8EE-49BE-9C0E-6785AD5B5AE8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:renesas:r-car_h3ne:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA982FE-883B-488E-8C33-956FFEE78124"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:renesas:r-car_m3e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C59110-27F5-4D0D-83D1-293A154CEC54"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:renesas:r-car_m3ne:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B33C8369-B9E4-47E2-AA28-64E320B88E3E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:renesas:r-car_v3h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E89977-FF22-49AD-A250-A5259BCF2899"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:renesas:r-car_v3h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4041BE-312D-4BEE-85A6-09B8BD71627D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:renesas:r-car_v3m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBC200B-D7C2-4075-92EC-A508A11F1379"
}
]
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/CVE-2024-1633/",
"source": "cve@asrg.io"
"source": "cve@asrg.io",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://asrg.io/security-advisories/CVE-2024-1633/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-236xx/CVE-2024-23607.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23607",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2024-02-14T17:15:13.857",
"lastModified": "2024-11-21T08:57:59.680",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:03:56.080",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,16 +69,58 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:f5:f5os-a:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.3.0",
"versionEndExcluding": "1.4.0",
"matchCriteriaId": "B177AF06-AD07-4659-8A64-F2E36BC79B22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:f5:f5os-c:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.3.0",
"versionEndExcluding": "1.6.0",
"matchCriteriaId": "E0D3FD97-C360-447E-8974-CE1A85D1D720"
}
]
}
]
}
],
"references": [
{
"url": "https://my.f5.com/manage/s/article/K000132800",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000132800",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-249xx/CVE-2024-24966.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24966",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2024-02-14T17:15:15.213",
"lastModified": "2024-11-21T09:00:03.660",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:03:35.577",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,16 +69,56 @@
"value": "CWE-863"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:f5:f5os-a:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84917001-4C06-4F16-9765-DB9989232446"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:f5:f5os-c:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.3.0",
"versionEndExcluding": "1.6.0",
"matchCriteriaId": "E0D3FD97-C360-447E-8974-CE1A85D1D720"
}
]
}
]
}
],
"references": [
{
"url": "https://my.f5.com/manage/s/article/K000133111",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000133111",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2024/CVE-2024-249xx/CVE-2024-24989.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24989",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2024-02-14T17:15:15.513",
"lastModified": "2024-11-21T09:00:05.640",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:02:33.600",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,24 +69,68 @@
"value": "CWE-476"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_open_source:1.25.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C76731D-187B-4EB2-90C0-54B0507F6C96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r31:-:*:*:*:*:*:*",
"matchCriteriaId": "8248517E-D805-4928-8252-2168472341EF"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000138444",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000138444",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

88
CVE-2024/CVE-2024-249xx/CVE-2024-24990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24990",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2024-02-14T17:15:15.713",
"lastModified": "2024-11-21T09:00:05.750",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:01:36.367",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,24 +69,80 @@
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.25.0",
"versionEndExcluding": "1.25.4",
"matchCriteriaId": "7F1D106D-58A7-4CF4-95CD-5B36A8D54F2C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
"matchCriteriaId": "96BF2B19-52C7-4051-BA58-CAE6F912B72F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p1:*:*:*:*:*:*",
"matchCriteriaId": "4EBEC829-7EED-487E-974D-BBA704DFBF0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r31:-:*:*:*:*:*:*",
"matchCriteriaId": "8248517E-D805-4928-8252-2168472341EF"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000138445",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000138445",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-250xx/CVE-2024-25034.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-25034",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-24T16:15:34.747",
"lastModified": "2025-01-24T16:15:34.747",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. Attackers can make use of this weakness and upload malicious executable files into the system that can be sent to victims for performing further attacks."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7168387",
"source": "psirt@us.ibm.com"
}
]
}

84
CVE-2024/CVE-2024-25xx/CVE-2024-2503.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2503",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-02T17:15:17.810",
"lastModified": "2024-11-21T09:09:53.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:37:14.727",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,33 +36,101 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exclusiveaddons:exclusive_addons_for_elementor:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "2.6.9.3",
"matchCriteriaId": "03EFE00F-283B-4081-8E6D-65BDFE7BC17E"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/exclusive-addons-for-elementor/tags/2.6.9.1/includes/template-parts/tmpl-post-grid.php#L103",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3065677%40exclusive-addons-for-elementor%2Ftrunk&old=3051927%40exclusive-addons-for-elementor%2Ftrunk&sfp_email=&sfph_mail=#file51",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2bd53172-ddfa-481a-818d-626b9db6fe41?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/exclusive-addons-for-elementor/tags/2.6.9.1/includes/template-parts/tmpl-post-grid.php#L103",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3065677%40exclusive-addons-for-elementor%2Ftrunk&old=3051927%40exclusive-addons-for-elementor%2Ftrunk&sfp_email=&sfph_mail=#file51",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2bd53172-ddfa-481a-818d-626b9db6fe41?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

229
CVE-2024/CVE-2024-25xx/CVE-2024-2550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2550",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-11-14T10:15:04.137",
"lastModified": "2024-11-15T13:58:08.913",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:02:49.703",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "AMBER"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
@ -71,12 +93,213 @@
"value": "CWE-476"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.7",
"matchCriteriaId": "243077CD-5021-4DF3-8AC7-5B14F7FD9710"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.6",
"matchCriteriaId": "47CBEECE-EA41-4A58-8AE9-D695C76D4019"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1.0",
"versionEndExcluding": "11.1.4",
"matchCriteriaId": "459485B4-47FF-4A5F-9249-AE0445A0096A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
"matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
"matchCriteriaId": "AA4994CB-6591-4B44-A5D7-3CDF540B97DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
"matchCriteriaId": "A6AB7874-FE24-42AC-8E3A-822A70722126"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*",
"matchCriteriaId": "34B083B9-CC1B-43CD-9A16-C018F7FA2DDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*",
"matchCriteriaId": "0D88CC33-7E32-4E82-8A94-70759E910510"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
"matchCriteriaId": "776E06EC-2FDA-4664-AB43-9F6BE9B897CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
"matchCriteriaId": "CBE09375-A863-42FF-813F-C20679D7C45C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
"matchCriteriaId": "1311961A-0EF6-488E-B0C2-EDBD508587C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "5D64390F-F870-4DBF-B0FE-BCDFE58C8685"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
"matchCriteriaId": "F70FC9DF-10C9-4AE5-B64B-3153E2E4E9E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
"matchCriteriaId": "C3D6D552-6F33-496A-A505-5F59DF3B487B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*",
"matchCriteriaId": "D1ECD1DC-5A05-4E4F-97F5-136CE777FAB3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
"matchCriteriaId": "CBA2B4FA-16C2-41B9-856D-EDC0CAF7A164"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
"matchCriteriaId": "E5E6A893-2994-40A3-AF35-8AF068B0DE42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
"matchCriteriaId": "D814F3A3-5E9D-426D-A654-1346D9ECE9B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
"matchCriteriaId": "8C7E9211-7041-4720-B4B9-3EA95D425263"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
"matchCriteriaId": "CEB258EE-2C6E-4A63-B04C-89C5F76B0878"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
"matchCriteriaId": "0F481B0E-2353-4AB0-8A98-B0EFBC409868"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*",
"matchCriteriaId": "3F7FC771-527F-4619-B785-6AE1F4722074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
"matchCriteriaId": "4E9EB9C6-78BA-4C66-A4BD-856BF27388CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
"matchCriteriaId": "03C5ABF2-8C53-4376-8A64-6CB34E18E77C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
"matchCriteriaId": "872BC747-512A-4872-AC86-E7F1DC589F47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
"matchCriteriaId": "67F527D0-F85B-4B83-AEA5-BA636FC89210"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
"matchCriteriaId": "6CF8F985-7E51-49E6-857A-FAAF027F5611"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
"matchCriteriaId": "B437DCEA-ABA3-41CA-B320-97EC430F1122"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
"matchCriteriaId": "593AFE7A-CB37-4156-A2B8-646A317F3176"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*",
"matchCriteriaId": "A9F032C2-3202-479B-8C70-277F6871A4A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*",
"matchCriteriaId": "DF83EAA1-49E1-4AD0-A049-F1B3065950BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*",
"matchCriteriaId": "BE3F7369-9F35-409A-9F47-45A959592DFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*",
"matchCriteriaId": "E9DB4DA9-2262-4E9E-B3A1-49D261D01295"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*",
"matchCriteriaId": "4852E738-990C-4DD2-8252-D4625D843A99"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-2550",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

94
CVE-2024/CVE-2024-25xx/CVE-2024-2551.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2551",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-11-14T10:15:04.547",
"lastModified": "2024-11-15T13:58:08.913",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:03:41.910",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "AMBER"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
@ -71,12 +93,78 @@
"value": "CWE-476"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.14",
"matchCriteriaId": "19D52DC1-4441-4C88-B209-9B86FCC2162F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.4",
"matchCriteriaId": "D61F01F8-1598-4078-9D98-BFF5B62F3BA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.5",
"matchCriteriaId": "06B9F11D-D5EF-487A-8E43-9AE14307CCE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
"matchCriteriaId": "135588B5-6771-46A3-98B0-39B4873FD6FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
"matchCriteriaId": "20673F1E-733D-41C4-A644-C482431C26EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
"matchCriteriaId": "156DA55E-4152-47BF-A067-136EEC9ADE22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
"matchCriteriaId": "C2D2F5C4-7ACC-4514-ADBD-3948158B93CC"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-2551",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

271
CVE-2024/CVE-2024-25xx/CVE-2024-2552.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2552",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-11-14T10:15:04.957",
"lastModified": "2024-11-15T13:58:08.913",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:04:14.430",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "AMBER"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
@ -71,12 +93,255 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.7",
"matchCriteriaId": "243077CD-5021-4DF3-8AC7-5B14F7FD9710"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.6",
"matchCriteriaId": "47CBEECE-EA41-4A58-8AE9-D695C76D4019"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1.0",
"versionEndExcluding": "11.1.4",
"matchCriteriaId": "459485B4-47FF-4A5F-9249-AE0445A0096A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.2.0",
"versionEndExcluding": "11.2.4",
"matchCriteriaId": "7E4D3A51-0A40-4B19-AAFC-A2484B1CF5D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
"matchCriteriaId": "A8C42D98-CF8F-456B-9D57-80BBDC2C8E74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
"matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
"matchCriteriaId": "AA4994CB-6591-4B44-A5D7-3CDF540B97DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
"matchCriteriaId": "A6AB7874-FE24-42AC-8E3A-822A70722126"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*",
"matchCriteriaId": "34B083B9-CC1B-43CD-9A16-C018F7FA2DDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*",
"matchCriteriaId": "0D88CC33-7E32-4E82-8A94-70759E910510"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
"matchCriteriaId": "776E06EC-2FDA-4664-AB43-9F6BE9B897CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
"matchCriteriaId": "CBE09375-A863-42FF-813F-C20679D7C45C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
"matchCriteriaId": "1311961A-0EF6-488E-B0C2-EDBD508587C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "5D64390F-F870-4DBF-B0FE-BCDFE58C8685"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
"matchCriteriaId": "F70FC9DF-10C9-4AE5-B64B-3153E2E4E9E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
"matchCriteriaId": "C3D6D552-6F33-496A-A505-5F59DF3B487B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*",
"matchCriteriaId": "D1ECD1DC-5A05-4E4F-97F5-136CE777FAB3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
"matchCriteriaId": "CBA2B4FA-16C2-41B9-856D-EDC0CAF7A164"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
"matchCriteriaId": "E5E6A893-2994-40A3-AF35-8AF068B0DE42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
"matchCriteriaId": "D814F3A3-5E9D-426D-A654-1346D9ECE9B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
"matchCriteriaId": "8C7E9211-7041-4720-B4B9-3EA95D425263"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
"matchCriteriaId": "CEB258EE-2C6E-4A63-B04C-89C5F76B0878"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
"matchCriteriaId": "0F481B0E-2353-4AB0-8A98-B0EFBC409868"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*",
"matchCriteriaId": "3F7FC771-527F-4619-B785-6AE1F4722074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
"matchCriteriaId": "4E9EB9C6-78BA-4C66-A4BD-856BF27388CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
"matchCriteriaId": "03C5ABF2-8C53-4376-8A64-6CB34E18E77C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
"matchCriteriaId": "872BC747-512A-4872-AC86-E7F1DC589F47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
"matchCriteriaId": "67F527D0-F85B-4B83-AEA5-BA636FC89210"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
"matchCriteriaId": "6CF8F985-7E51-49E6-857A-FAAF027F5611"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
"matchCriteriaId": "B437DCEA-ABA3-41CA-B320-97EC430F1122"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
"matchCriteriaId": "593AFE7A-CB37-4156-A2B8-646A317F3176"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*",
"matchCriteriaId": "A9F032C2-3202-479B-8C70-277F6871A4A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*",
"matchCriteriaId": "2B3D7DBA-C90C-451D-94C3-8B7066826308"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*",
"matchCriteriaId": "010F170D-438E-4A57-98B9-E7522FD95FC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*",
"matchCriteriaId": "AD8795BE-5CC2-443D-99AD-BD6985CADBA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*",
"matchCriteriaId": "F3D096D4-E60E-4D4C-9122-C36B775B4A6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*",
"matchCriteriaId": "FEE28628-E969-44FC-B577-066DB98BBDA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h6:*:*:*:*:*:*",
"matchCriteriaId": "C69B22C4-6E7D-4F39-B86C-D408670CDC42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*",
"matchCriteriaId": "DF83EAA1-49E1-4AD0-A049-F1B3065950BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*",
"matchCriteriaId": "BE3F7369-9F35-409A-9F47-45A959592DFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*",
"matchCriteriaId": "E9DB4DA9-2262-4E9E-B3A1-49D261D01295"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*",
"matchCriteriaId": "4852E738-990C-4DD2-8252-D4625D843A99"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-2552",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

9
CVE-2024/CVE-2024-268xx/CVE-2024-26885.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26885",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:10.210",
"lastModified": "2024-11-21T09:03:17.910",
"lastModified": "2025-01-24T16:15:35.030",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -117,13 +117,6 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/225da02acdc97af01b6bc6ce1a3e5362bf01d3fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/250051acc21f9d4c5c595e4fcb55986ea08c4691",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

10
CVE-2024/CVE-2024-268xx/CVE-2024-26886.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26886",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:10.253",
"lastModified": "2024-12-04T18:15:13.987",
"lastModified": "2025-01-24T16:15:35.193",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -52,10 +52,6 @@
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0625d7c240b307b78640dcd823cb738cb900a8ba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2c9e2df022ef8b9d7fac58a04a2ef4ed25288955",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
@ -68,10 +64,6 @@
"url": "https://git.kernel.org/stable/c/817e8138ce86001b2fa5c63d6ede756e205a01f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cb8adca52f306563d958a863bb0cbae9c184d1ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f7b94bdc1ec107c92262716b073b3e816d4784fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

10
CVE-2024/CVE-2024-268xx/CVE-2024-26889.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26889",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:10.380",
"lastModified": "2024-11-21T09:03:18.463",
"lastModified": "2025-01-24T16:15:35.380",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -60,18 +60,10 @@
"url": "https://git.kernel.org/stable/c/2edce8e9a99dd5e4404259d52e754fdc97fb42c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4c69abb4d41ece30d9f4cfdf51cf3ee838f48723",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/54a03e4ac1a41edf8a5087bd59f8241b0de96d3d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/68644bf5ec6baaff40fc39b3529c874bfda709bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6d5a9d4a7bcbb7534ce45a18a52e7bd23e69d8ac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

34
CVE-2024/CVE-2024-269xx/CVE-2024-26920.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26920",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T16:15:08.407",
"lastModified": "2024-11-21T09:03:23.117",
"lastModified": "2025-01-24T16:15:35.563",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -21,22 +21,6 @@
"url": "https://git.kernel.org/stable/c/0958b33ef5a04ed91f61cef4760ac412080c4e08",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2450a69d2ee75d1f0112d509ac82ef98f5ad6b5f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/26ebeffff238488466fa578be3b35b8a46e69906",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2a3073d58382157ab396734ed4e421ba9e969db1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/34925d01baf3ee62ab21c21efd9e2c44c24c004a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/36be97e9eb535fe3008a5cb040b1e56f29f2e398",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
@ -45,26 +29,10 @@
"url": "https://git.kernel.org/stable/c/4b001ef14baab16b553a002cb9979e31b8fc0c6b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/56cfbe60710772916a5ba092c99542332b48e870",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6022c065c9ec465d84cebff8f480db083e4ee06b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8ffd5590f4d6ef5460acbeac7fbdff7025f9b419",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b5085b5ac1d96ea2a8a6240f869655176ce44197",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bcf4a115a5068f3331fafb8c176c1af0da3d8b19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0958b33ef5a04ed91f61cef4760ac412080c4e08",
"source": "af854a3a-2127-422b-91ae-364da2661108"

24
CVE-2024/CVE-2024-270xx/CVE-2024-27022.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27022",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-01T06:15:21.110",
"lastModified": "2024-11-21T09:03:41.010",
"lastModified": "2025-01-24T16:15:35.707",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -105,17 +105,6 @@
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/04b0c41912349aff11a1bbaef6a722bd7fbb90ac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0c42f7e039aba3de6d7dbf92da708e2b2ecba557",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/35e351780fa9d8240dd6f7e4f245f9ea37e96c19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -130,17 +119,6 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cec11fa2eb512ebe3a459c185f4aca1d44059bbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd782da470761077f4d1120e191f1a35787cda6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/04b0c41912349aff11a1bbaef6a722bd7fbb90ac",
"source": "af854a3a-2127-422b-91ae-364da2661108"

64
CVE-2024/CVE-2024-281xx/CVE-2024-28192.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28192",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-13T21:16:00.823",
"lastModified": "2024-11-21T09:05:59.927",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T15:11:10.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -53,16 +73,52 @@
"value": "CWE-943"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yooooomi:your_spotify:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.8.0",
"matchCriteriaId": "4B8BF8EC-918E-446C-B00C-345B7A707F07"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Yooooomi/your_spotify/security/advisories/GHSA-c8wf-wcjc-2pvm",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://github.com/Yooooomi/your_spotify/security/advisories/GHSA-c8wf-wcjc-2pvm",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-289xx/CVE-2024-28951.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28951",
"sourceIdentifier": "scy@openharmony.io",
"published": "2024-04-02T07:15:45.030",
"lastModified": "2024-11-21T09:07:15.640",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:25:21.360",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,16 +69,49 @@
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openatom:openharmony:4.0:-:*:*:-:*:*:*",
"matchCriteriaId": "0E24BA59-D8E5-438B-A046-3CF5CA940833"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-04.md",
"source": "scy@openharmony.io"
"source": "scy@openharmony.io",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-04.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2024/CVE-2024-290xx/CVE-2024-29006.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29006",
"sourceIdentifier": "security@apache.org",
"published": "2024-04-04T08:15:06.810",
"lastModified": "2024-11-21T09:07:21.387",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:19:05.217",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "De forma predeterminada, el servidor de administraci\u00f3n de CloudStack respeta el encabezado HTTP x-forwarded-for y lo registra como la IP de origen de una solicitud de API. Esto podr\u00eda provocar una omisi\u00f3n de autenticaci\u00f3n y otros problemas operativos si un atacante decide falsificar su direcci\u00f3n IP de esta manera. Se recomienda a los usuarios actualizar a la versi\u00f3n 4.18.1.1 o 4.19.0.1 de CloudStack, que soluciona este problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -28,14 +51,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.11.0.0",
"versionEndExcluding": "4.18.1.1",
"matchCriteriaId": "B50170D1-71D1-4F1E-A1A8-0611D6AD9765"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:cloudstack:4.19.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51E212EC-AC62-4533-B3B2-A660807F0C1F"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

105
CVE-2024/CVE-2024-298xx/CVE-2024-29834.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29834",
"sourceIdentifier": "security@apache.org",
"published": "2024-04-02T20:15:09.607",
"lastModified": "2024-11-21T09:08:26.233",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:21:24.170",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
@ -51,30 +71,99 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.1",
"versionEndIncluding": "2.10.6",
"matchCriteriaId": "6F72E981-1033-4288-B32A-D8BA23842F0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.11.0",
"versionEndIncluding": "2.11.4",
"matchCriteriaId": "BA0ADBDB-CBD3-465A-8A24-CA20BE0F2965"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "3.0.4",
"matchCriteriaId": "39CB0C2C-FFA0-47AD-AE95-33EDCD69D747"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1.0",
"versionEndIncluding": "3.1.3",
"matchCriteriaId": "3B345AA3-0ACC-4953-B214-F505CDB077F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2.0",
"versionEndExcluding": "3.2.2",
"matchCriteriaId": "92141F66-6615-4D09-9CD1-FB2341B7194E"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/02/2",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread/v0ltl94k9lg28qfr1f54hpkvvsjc5bj5",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "https://pulsar.apache.org/security/CVE-2024-29834/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/02/2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread/v0ltl94k9lg28qfr1f54hpkvvsjc5bj5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "https://pulsar.apache.org/security/CVE-2024-29834/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

138
CVE-2024/CVE-2024-310xx/CVE-2024-31079.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31079",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2024-05-29T16:15:09.800",
"lastModified": "2024-11-21T09:12:48.597",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:01:04.653",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
@ -49,40 +69,138 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.25.0",
"versionEndExcluding": "1.26.1",
"matchCriteriaId": "CA79B55D-E494-4961-81C6-80363BE46FE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
"matchCriteriaId": "96BF2B19-52C7-4051-BA58-CAE6F912B72F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p1:*:*:*:*:*:*",
"matchCriteriaId": "4EBEC829-7EED-487E-974D-BBA704DFBF0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p2:*:*:*:*:*:*",
"matchCriteriaId": "D0648596-D1F5-4A7A-B7F8-104E3AF26317"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r31:-:*:*:*:*:*:*",
"matchCriteriaId": "8248517E-D805-4928-8252-2168472341EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r31:p1:*:*:*:*:*:*",
"matchCriteriaId": "9D5BB4C0-B862-4CDD-AA54-1BC1BDF27005"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000139611",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000139611",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-31xx/CVE-2024-3131.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3131",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-01T17:16:19.970",
"lastModified": "2024-11-21T09:28:58.147",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:27:37.137",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -76,38 +96,79 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:computer_laboratory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1D4E41-0B2D-4D1E-9AA9-CB4366C91AC4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ycxdzj/CVE_Hunter/blob/main/SQL-7.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.258874",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.258874",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?submit.308184",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/ycxdzj/CVE_Hunter/blob/main/SQL-7.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.258874",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.258874",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?submit.308184",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

91
CVE-2024/CVE-2024-31xx/CVE-2024-3139.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3139",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-01T23:15:08.733",
"lastModified": "2024-11-21T09:28:58.927",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:29:06.287",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
],
"cvssMetricV2": [
@ -74,40 +94,91 @@
"value": "CWE-285"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:computer_laboratory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1D4E41-0B2D-4D1E-9AA9-CB4366C91AC4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Sospiro014/zday1/blob/main/Laboratory_Management_System.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.258914",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.258914",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?submit.308207",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/Sospiro014/zday1/blob/main/Laboratory_Management_System.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.258914",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.258914",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?submit.308207",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-31xx/CVE-2024-3140.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3140",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-01T23:15:09.393",
"lastModified": "2024-11-21T09:28:59.070",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:30:02.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV2": [
@ -76,38 +96,79 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:computer_laboratory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1D4E41-0B2D-4D1E-9AA9-CB4366C91AC4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Sospiro014/zday1/blob/main/xss_1.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.258915",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.258915",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.308214",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/Sospiro014/zday1/blob/main/xss_1.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.258915",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.258915",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.308214",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

138
CVE-2024/CVE-2024-327xx/CVE-2024-32760.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-32760",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2024-05-29T16:15:10.043",
"lastModified": "2024-11-21T09:15:40.530",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:21:55.993",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
@ -49,40 +69,138 @@
"value": "CWE-787"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.25.0",
"versionEndExcluding": "1.26.1",
"matchCriteriaId": "CA79B55D-E494-4961-81C6-80363BE46FE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
"matchCriteriaId": "96BF2B19-52C7-4051-BA58-CAE6F912B72F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p1:*:*:*:*:*:*",
"matchCriteriaId": "4EBEC829-7EED-487E-974D-BBA704DFBF0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p2:*:*:*:*:*:*",
"matchCriteriaId": "D0648596-D1F5-4A7A-B7F8-104E3AF26317"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r31:-:*:*:*:*:*:*",
"matchCriteriaId": "8248517E-D805-4928-8252-2168472341EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r31:p1:*:*:*:*:*:*",
"matchCriteriaId": "9D5BB4C0-B862-4CDD-AA54-1BC1BDF27005"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000139609",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000139609",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-32xx/CVE-2024-3251.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3251",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-03T10:15:09.257",
"lastModified": "2024-11-21T09:29:14.820",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:31:37.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -76,38 +96,79 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:computer_laboratory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1D4E41-0B2D-4D1E-9AA9-CB4366C91AC4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/0xAlmighty/Vulnerability-Research/blob/main/SourceCodester/CLMS/SourceCodester-CLMS-SQLi.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.259100",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.259100",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.309091",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/0xAlmighty/Vulnerability-Research/blob/main/SourceCodester/CLMS/SourceCodester-CLMS-SQLi.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.259100",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.259100",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.309091",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

77
CVE-2024/CVE-2024-33xx/CVE-2024-3383.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3383",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-04-10T17:15:57.000",
"lastModified": "2024-11-21T09:29:30.393",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T15:29:26.313",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
@ -49,16 +69,65 @@
"value": "CWE-282"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.11",
"matchCriteriaId": "77695C8C-9732-4605-A160-A5159BD8B49C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.5",
"matchCriteriaId": "831B815F-436B-40D2-AFBA-9BE7275C2BEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.3",
"matchCriteriaId": "A6B9B8A6-A4A7-4C14-9D22-50FEF531F15D"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3383",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3383",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

89
CVE-2024/CVE-2024-33xx/CVE-2024-3384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3384",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-04-10T17:15:57.217",
"lastModified": "2024-11-21T09:29:30.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T15:54:56.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,16 +69,77 @@
"value": "CWE-1286"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0",
"versionEndExcluding": "8.1.24",
"matchCriteriaId": "F7D77695-CFDE-4BAE-8C8B-E389CC5C7A3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.0.17",
"matchCriteriaId": "89A55C5F-8E01-42C4-BE93-D683900C07BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndExcluding": "9.1.15",
"matchCriteriaId": "88CE0E44-13FF-4FD0-94D2-0C0823A7A70E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndExcluding": "10.0.12",
"matchCriteriaId": "71F1F86A-8158-4BE8-B509-5F50421DA829"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:-:*:*:*:*:*:*",
"matchCriteriaId": "7D461A2C-0DD3-4E11-B3BB-ECDFAE85064A"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3384",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3384",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

143
CVE-2024/CVE-2024-33xx/CVE-2024-3385.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3385",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-04-10T17:15:57.410",
"lastModified": "2024-11-21T09:29:30.643",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T15:55:48.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -53,16 +73,131 @@
"value": "CWE-476"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndIncluding": "9.0.16",
"matchCriteriaId": "E954D7B2-125D-4246-BEC8-4A5E0DFEC580"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndExcluding": "9.1.17",
"matchCriteriaId": "9F9FFBA6-7008-422B-9CF1-E37CA62081EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.12",
"matchCriteriaId": "AC18B586-8FE2-4362-9F60-490FCB52569F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.8",
"matchCriteriaId": "C430BDF9-C688-47F9-BE38-D75460AE5B17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.3",
"matchCriteriaId": "A6B9B8A6-A4A7-4C14-9D22-50FEF531F15D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:-:*:*:*:*:*:*",
"matchCriteriaId": "CDAE9753-EF8D-4B15-A73C-0EF56FE6C78C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h1:*:*:*:*:*:*",
"matchCriteriaId": "2A142EE1-E516-4582-9A7E-6E4C74FB3991"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paloaltonetworks:pa-5410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C702B085-D739-4E06-805F-D01144279071"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paloaltonetworks:pa-5420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29237799-7DF5-478C-AE36-EC8E8416EAB7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paloaltonetworks:pa-5430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB69E29-2974-4963-96D6-E0C08D7777F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paloaltonetworks:pa-5440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7914EA-FEA6-4911-9A47-4F516BEE6663"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paloaltonetworks:pa-5445:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37BC54A5-071C-4F62-87EB-2314CA019B08"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paloaltonetworks:pa-7050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1536A4E4-D769-45C8-B85C-4A1A4F4AAEC0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paloaltonetworks:pa-7080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AEF722-2554-4B30-8821-84B20F3BA8CC"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3385",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3385",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

128
CVE-2024/CVE-2024-33xx/CVE-2024-3386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3386",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-04-10T17:15:57.593",
"lastModified": "2024-11-21T09:29:30.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T15:58:52.233",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,16 +69,116 @@
"value": "CWE-436"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-436"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.0.16",
"matchCriteriaId": "0E3757E3-17C0-4D42-A31A-78F40A774F41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndExcluding": "9.1.17",
"matchCriteriaId": "9F9FFBA6-7008-422B-9CF1-E37CA62081EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndExcluding": "10.0.13",
"matchCriteriaId": "49DA2985-ADAA-4B26-B015-8B49D783B6D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndIncluding": "10.1.8",
"matchCriteriaId": "8B759077-C985-4005-8907-32E0C6CDFC10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.4",
"matchCriteriaId": "D61F01F8-1598-4078-9D98-BFF5B62F3BA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.1",
"matchCriteriaId": "77DF6A1B-2E69-4216-8740-3B1FF95E15A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:-:*:*:*:*:*:*",
"matchCriteriaId": "CDAE9753-EF8D-4B15-A73C-0EF56FE6C78C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h1:*:*:*:*:*:*",
"matchCriteriaId": "2A142EE1-E516-4582-9A7E-6E4C74FB3991"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "74E22763-558D-4B53-9452-BBD0C07366D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*",
"matchCriteriaId": "F5B9B574-5F3D-46B5-B9D8-2015997A63D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
"matchCriteriaId": "135588B5-6771-46A3-98B0-39B4873FD6FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "10A69DAE-5AD5-4E1C-9DF0-C7B7BB023B66"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3386",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3386",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

152
CVE-2024/CVE-2024-33xx/CVE-2024-3388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3388",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-04-10T17:15:57.970",
"lastModified": "2024-11-21T09:29:31.047",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:16:18.310",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
}
]
},
@ -53,16 +73,140 @@
"value": "CWE-863"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
},
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0",
"versionEndExcluding": "8.1.26",
"matchCriteriaId": "E37C0550-B96B-4A7F-A330-F2D7F4756D8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.0.17",
"matchCriteriaId": "89A55C5F-8E01-42C4-BE93-D683900C07BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndExcluding": "9.1.17",
"matchCriteriaId": "9F9FFBA6-7008-422B-9CF1-E37CA62081EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.11",
"matchCriteriaId": "77695C8C-9732-4605-A160-A5159BD8B49C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.7",
"matchCriteriaId": "243077CD-5021-4DF3-8AC7-5B14F7FD9710"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.3",
"matchCriteriaId": "A6B9B8A6-A4A7-4C14-9D22-50FEF531F15D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:-:*:*:*:*:*:*",
"matchCriteriaId": "CDAE9753-EF8D-4B15-A73C-0EF56FE6C78C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h1:*:*:*:*:*:*",
"matchCriteriaId": "2A142EE1-E516-4582-9A7E-6E4C74FB3991"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:*:*:*:*:*:*",
"matchCriteriaId": "F6242E26-AF44-4A19-ADD3-CBB798A862D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:*:*:*:*:*:*",
"matchCriteriaId": "72EF4202-7A13-4528-B928-CC34B76725B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:*:*:*:*:*:*",
"matchCriteriaId": "8E58BF5C-037D-45B1-8867-D510EC0F80B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
"matchCriteriaId": "A8C42D98-CF8F-456B-9D57-80BBDC2C8E74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
"matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:prisma_access:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB6FBC7-DEEB-4571-BCF9-92345A4B614A"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3388",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3388",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

138
CVE-2024/CVE-2024-341xx/CVE-2024-34161.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34161",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2024-05-29T16:15:10.270",
"lastModified": "2024-11-21T09:18:13.217",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:20:57.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,40 +69,138 @@
"value": "CWE-416"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.25.0",
"versionEndExcluding": "1.26.1",
"matchCriteriaId": "CA79B55D-E494-4961-81C6-80363BE46FE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
"matchCriteriaId": "96BF2B19-52C7-4051-BA58-CAE6F912B72F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p1:*:*:*:*:*:*",
"matchCriteriaId": "4EBEC829-7EED-487E-974D-BBA704DFBF0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p2:*:*:*:*:*:*",
"matchCriteriaId": "D0648596-D1F5-4A7A-B7F8-104E3AF26317"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r31:-:*:*:*:*:*:*",
"matchCriteriaId": "8248517E-D805-4928-8252-2168472341EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r31:p1:*:*:*:*:*:*",
"matchCriteriaId": "9D5BB4C0-B862-4CDD-AA54-1BC1BDF27005"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000139627",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000139627",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

138
CVE-2024/CVE-2024-352xx/CVE-2024-35200.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35200",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2024-05-29T16:15:10.497",
"lastModified": "2024-11-21T09:19:55.233",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:15:15.340",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,40 +69,138 @@
"value": "CWE-476"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.25.0",
"versionEndExcluding": "1.26.1",
"matchCriteriaId": "CA79B55D-E494-4961-81C6-80363BE46FE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
"matchCriteriaId": "96BF2B19-52C7-4051-BA58-CAE6F912B72F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p1:*:*:*:*:*:*",
"matchCriteriaId": "4EBEC829-7EED-487E-974D-BBA704DFBF0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p2:*:*:*:*:*:*",
"matchCriteriaId": "D0648596-D1F5-4A7A-B7F8-104E3AF26317"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r31:-:*:*:*:*:*:*",
"matchCriteriaId": "8248517E-D805-4928-8252-2168472341EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_plus:r31:p1:*:*:*:*:*:*",
"matchCriteriaId": "9D5BB4C0-B862-4CDD-AA54-1BC1BDF27005"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000139612",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000139612",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

10
CVE-2024/CVE-2024-359xx/CVE-2024-35995.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35995",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-20T10:15:13.597",
"lastModified": "2024-12-27T13:15:20.103",
"lastModified": "2025-01-24T16:15:35.870",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -29,18 +29,10 @@
"url": "https://git.kernel.org/stable/c/2f4a4d63a193be6fd530d180bb13c3592052904c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4949affd5288b867cdf115f5b08d6166b2027f87",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6cb6b12b78dcd8867a3fdbb1b6d0ed1df2b208d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b54c4632946ae42f2b39ed38abd909bbf78cbcc2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/01fc53be672acae37e611c80cc0b4f3939584de3",
"source": "af854a3a-2127-422b-91ae-364da2661108"

56
CVE-2024/CVE-2024-406xx/CVE-2024-40693.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-40693",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-24T16:15:36.003",
"lastModified": "2025-01-24T16:15:36.003",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing further attacks."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7168387",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-407xx/CVE-2024-40706.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-40706",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-24T16:15:36.150",
"lastModified": "2025-01-24T16:15:36.150",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-497"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7169826",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-417xx/CVE-2024-41757.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-41757",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-24T16:15:36.297",
"lastModified": "2025-01-24T16:15:36.297",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7173596",
"source": "psirt@us.ibm.com"
}
]
}

16
CVE-2024/CVE-2024-420xx/CVE-2024-42067.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-42067",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-29T16:15:06.323",
"lastModified": "2024-11-21T09:33:31.323",
"lastModified": "2025-01-24T16:15:36.447",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -84,20 +84,6 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/08f6c05feb1db21653e98ca84ea04ca032d014c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9fef36cad60d4226f9d06953cd56d1d2f9119730",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e60adf513275c3a38e5cb67f7fd12387e43a3ff5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

16
CVE-2024/CVE-2024-420xx/CVE-2024-42068.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-42068",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-29T16:15:06.387",
"lastModified": "2024-11-21T09:33:31.457",
"lastModified": "2025-01-24T16:15:36.613",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -112,13 +112,6 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e3540e5a7054d6daaf9a1415a48aacb092112a89",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e4f602e3ff749ba770bf8ff10196e18358de6720",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -126,13 +119,6 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fdd411af8178edc6b7bf260f8fa4fba1bedd0a6d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/05412471beba313ecded95aa17b25fe84bb2551a",
"source": "af854a3a-2127-422b-91ae-364da2661108",

10
CVE-2024/CVE-2024-449xx/CVE-2024-44949.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44949",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T19:15:30.040",
"lastModified": "2024-12-19T19:15:07.270",
"lastModified": "2025-01-24T16:15:36.763",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -86,10 +86,6 @@
"url": "https://git.kernel.org/stable/c/00baca74fb5879e5f9034b6156671301f500f8ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3dfd8991ad33b10c2fb027a4cfcf57579fa786c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/533de2f470baac40d3bf622fe631f15231a03c9f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -110,10 +106,6 @@
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dadac97f066a67334268132c1e2d0fd599fbcbec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

56
CVE-2024/CVE-2024-450xx/CVE-2024-45077.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45077",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-24T16:15:36.903",
"lastModified": "2025-01-24T16:15:36.903",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7174819",
"source": "psirt@us.ibm.com"
}
]
}

94
CVE-2024/CVE-2024-46xx/CVE-2024-4618.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4618",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-15T02:15:10.333",
"lastModified": "2024-11-21T09:43:13.690",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:37:51.287",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,41 +36,115 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exclusiveaddons:exclusive_addons_for_elementor:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "2.6.9.7",
"matchCriteriaId": "0C0BB825-359B-4D2B-A8E3-D65B4A342CE3"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/exclusive-addons-for-elementor/tags/2.6.9.6/elements/team-member/team-member.php#L1696",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3083582/#file4",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/exclusive-addons-for-elementor/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2e82478c-e476-4cdf-ab72-f578331058e2?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/exclusive-addons-for-elementor/tags/2.6.9.6/elements/team-member/team-member.php#L1696",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3083582/#file4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/exclusive-addons-for-elementor/#developers",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2e82478c-e476-4cdf-ab72-f578331058e2?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

23
CVE-2024/CVE-2024-476xx/CVE-2024-47683.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-47683",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T12:15:05.210",
"lastModified": "2024-12-27T13:15:20.820",
"lastModified": "2025-01-24T16:15:37.083",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -112,13 +112,6 @@
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/6f9c39e8169384d2a5ca9bf323a0c1b81b3d0f3a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7c887efda1201110211fed8921a92a713e0b6bcd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -132,20 +125,6 @@
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a53841b074cc196c3caaa37e1f15d6bc90943b97",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d45c64d933586d409d3f1e0ecaca4da494b1d9c6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

10
CVE-2024/CVE-2024-499xx/CVE-2024-49926.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-49926",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T18:15:14.623",
"lastModified": "2025-01-02T14:15:07.770",
"lastModified": "2025-01-24T16:15:37.237",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -84,10 +84,6 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/224fd631c41b81697aa622d38615bfbf446b91cf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/3104bddc666ff64b90491868bbc4c7ebdd90aedf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -95,10 +91,6 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/acddb87620142f38fda834cd1ec661512ca59241",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b3b2431ed27f4ebc28e26cdf005c1de42dc60bdf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

13
CVE-2024/CVE-2024-500xx/CVE-2024-50010.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-50010",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T19:15:04.523",
"lastModified": "2024-12-05T14:15:21.263",
"lastModified": "2025-01-24T16:15:37.430",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -98,20 +98,9 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b8b0e9650eeb6637b4e1cf3d6aaf0e96f87862e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c9b77438077d5a20c79ead95bcdaf9bd4797baaf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d62ba2a5536df83473a2ac15ab302258e3845251",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

32
CVE-2024/CVE-2024-502xx/CVE-2024-50282.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50282",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T02:16:30.540",
"lastModified": "2024-11-21T21:14:20.060",
"vulnStatus": "Analyzed",
"lastModified": "2025-01-24T16:15:37.570",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -142,20 +142,6 @@
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/17f5f18085acb5e9d8d13d84a4e12bb3aff2bd64",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/25d7e84343e1235b667cf5226c3934fdf36f0df6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2faaee36e6e30f9efc7fa6bcb0bdcbe05c23f51f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -177,26 +163,12 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7ccd781794d247589104a791caab491e21218fba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8906728f2fbd6504cb488f4afdd66af28f330a7a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aaf6160a4b7f9ee3cd91aa5b3251f5dbe2170f42",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

41
CVE-2024/CVE-2024-571xx/CVE-2024-57184.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57184",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-24T14:15:31.793",
"lastModified": "2025-01-24T14:15:31.793",
"vulnStatus": "Received",
"lastModified": "2025-01-24T15:15:10.523",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_process_pmt in media_tools/mpegts.c:2163 that can cause a denial of service (DOS) via a crafted MP4 file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/commit/8c5e847185d74462d674ee7d28fb46c29dae6dd2",

96
CVE-2024/CVE-2024-59xx/CVE-2024-5913.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5913",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-07-10T19:15:11.837",
"lastModified": "2024-11-21T09:48:34.290",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:00:42.420",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
@ -49,16 +69,84 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.14",
"matchCriteriaId": "19D52DC1-4441-4C88-B209-9B86FCC2162F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.10",
"matchCriteriaId": "ECC53672-829D-4995-A75A-CE8D3C38A3A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.5",
"matchCriteriaId": "06B9F11D-D5EF-487A-8E43-9AE14307CCE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1.0",
"versionEndExcluding": "11.1.4",
"matchCriteriaId": "459485B4-47FF-4A5F-9249-AE0445A0096A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.2.0",
"versionEndExcluding": "11.2.1",
"matchCriteriaId": "68053EEE-7CCC-4345-9700-F5FA6F606EDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*",
"matchCriteriaId": "B41A7115-A370-49E1-B162-24803E6DD2CB"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-5913",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2024-5913",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

67
CVE-2024/CVE-2024-59xx/CVE-2024-5917.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5917",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-11-14T10:15:08.607",
"lastModified": "2025-01-15T23:15:09.910",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:04:54.887",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "AMBER"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
@ -71,12 +93,51 @@
"value": "CWE-918"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.7",
"matchCriteriaId": "98999D32-B8D9-4D47-94D9-6383D31D0518"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.2",
"matchCriteriaId": "22513B1B-6022-4732-8CD4-6E74E40D664A"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-5917",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-59xx/CVE-2024-5919.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5919",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-11-14T10:15:09.027",
"lastModified": "2024-11-15T13:58:08.913",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:06:00.323",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "AMBER"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
@ -71,12 +93,58 @@
"value": "CWE-611"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.10",
"matchCriteriaId": "8F25D99D-0E7C-469B-977E-FCBD0AB2373E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.5",
"matchCriteriaId": "831B815F-436B-40D2-AFBA-9BE7275C2BEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.2",
"matchCriteriaId": "8A69845B-51CA-4612-BCBA-96EF92F01D2F"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-5919",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-59xx/CVE-2024-5920.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5920",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-11-14T10:15:09.223",
"lastModified": "2024-11-15T13:58:08.913",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:06:43.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "AMBER"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
@ -71,12 +93,65 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.14",
"matchCriteriaId": "19D52DC1-4441-4C88-B209-9B86FCC2162F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.11",
"matchCriteriaId": "3B10307C-3EED-4014-AA02-122C6A112D66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.6",
"matchCriteriaId": "47CBEECE-EA41-4A58-8AE9-D695C76D4019"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1.0",
"versionEndExcluding": "11.1.4",
"matchCriteriaId": "459485B4-47FF-4A5F-9249-AE0445A0096A"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-5920",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2024/CVE-2024-76xx/CVE-2024-7634.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7634",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2024-08-22T18:15:10.553",
"lastModified": "2024-08-23T16:18:28.547",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-24T16:14:16.497",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
@ -93,12 +113,51 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.17.0",
"versionEndExcluding": "2.37.0",
"matchCriteriaId": "B54DC1BB-2696-41DE-BC93-22EF05D2214C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx_instance_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.1",
"versionEndExcluding": "2.17.2",
"matchCriteriaId": "C029BDAC-95E1-4CCC-835D-954064A4F26E"
}
]
}
]
}
],
"references": [
{
"url": "https://my.f5.com/manage/s/article/K000140630",
"source": "f5sirt@f5.com"
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-94xx/CVE-2024-9490.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9490",
"sourceIdentifier": "product-security@silabs.com",
"published": "2025-01-24T15:15:10.683",
"lastModified": "2025-01-24T15:15:10.683",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in Silicon Labs (8-bit) IDE installer can lead to privilege escalation and arbitrary code execution when running the impacted installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000JUQwd",
"source": "product-security@silabs.com"
}
]
}

56
CVE-2024/CVE-2024-94xx/CVE-2024-9491.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9491",
"sourceIdentifier": "product-security@silabs.com",
"published": "2025-01-24T15:15:10.817",
"lastModified": "2025-01-24T15:15:10.817",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in Configuration Wizard 2 installer can lead to privilege escalation and arbitrary code execution when running the impacted installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000JUQwd",
"source": "product-security@silabs.com"
}
]
}

56
CVE-2024/CVE-2024-94xx/CVE-2024-9492.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9492",
"sourceIdentifier": "product-security@silabs.com",
"published": "2025-01-24T15:15:10.940",
"lastModified": "2025-01-24T15:15:10.940",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in Flash Programming Utility installer can lead to privilege escalation and arbitrary code execution when running the impacted installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000JUQwd",
"source": "product-security@silabs.com"
}
]
}

56
CVE-2024/CVE-2024-94xx/CVE-2024-9493.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9493",
"sourceIdentifier": "product-security@silabs.com",
"published": "2025-01-24T15:15:11.070",
"lastModified": "2025-01-24T15:15:11.070",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the\u00a0\n\nToolStick\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000JUQwd",
"source": "product-security@silabs.com"
}
]
}

56
CVE-2024/CVE-2024-94xx/CVE-2024-9494.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9494",
"sourceIdentifier": "product-security@silabs.com",
"published": "2025-01-24T15:15:11.197",
"lastModified": "2025-01-24T15:15:11.197",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the\u00a0\n\n\n\nCP210 VCP Win 2k\n\n\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000JUQwd",
"source": "product-security@silabs.com"
}
]
}

56
CVE-2024/CVE-2024-94xx/CVE-2024-9495.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-9495",
"sourceIdentifier": "product-security@silabs.com",
"published": "2025-01-24T15:15:11.323",
"lastModified": "2025-01-24T15:15:11.323",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the\u00a0CP210x VCP Windows \n\n\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000JUQwd",
"source": "product-security@silabs.com"
}
]
}

86
CVE-2024/CVE-2024-94xx/CVE-2024-9496.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2024-9496",
"sourceIdentifier": "product-security@silabs.com",
"published": "2025-01-24T15:15:11.450",
"lastModified": "2025-01-24T15:15:11.450",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the\u00a0USBXpress Dev Kit\n\n \n\n\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000JUQwd",
"source": "product-security@silabs.com"
}
]
}

86
CVE-2024/CVE-2024-94xx/CVE-2024-9497.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2024-9497",
"sourceIdentifier": "product-security@silabs.com",
"published": "2025-01-24T15:15:11.620",
"lastModified": "2025-01-24T15:15:11.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the\u00a0USBXpress 4 SDK\n\n \n\n\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000JUQwd",
"source": "product-security@silabs.com"
}
]
}

86
CVE-2024/CVE-2024-94xx/CVE-2024-9498.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2024-9498",
"sourceIdentifier": "product-security@silabs.com",
"published": "2025-01-24T15:15:11.793",
"lastModified": "2025-01-24T15:15:11.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the\u00a0USBXpress SDK\n\n \n\n\n\n installer can lead to privilege escalation and arbitrary code execution when running the impacted installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000JUQwd",
"source": "product-security@silabs.com"
}
]
}

86
CVE-2024/CVE-2024-94xx/CVE-2024-9499.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2024-9499",
"sourceIdentifier": "product-security@silabs.com",
"published": "2025-01-24T15:15:11.967",
"lastModified": "2025-01-24T15:15:11.967",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL hijacking vulnerabilities, caused by an uncontrolled search path in the\u00a0USBXpress Win 98SE Dev Kit\u00a0installer can lead to privilege escalation and arbitrary code execution when running the impacted installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/068Vm00000JUQwd",
"source": "product-security@silabs.com"
}
]
}

141
CVE-2025/CVE-2025-06xx/CVE-2025-0697.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-0697",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-24T15:15:12.130",
"lastModified": "2025-01-24T15:15:12.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-707"
}
]
}
],
"references": [
{
"url": "https://github.com/bloodbile/Telstra-RHI",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.293223",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.293223",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.480045",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-06xx/CVE-2025-0698.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-0698",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-24T16:15:37.717",
"lastModified": "2025-01-24T16:15:37.717",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. It has been classified as critical. Affected is an unknown function of the file /admin/sys/menu/list. The manipulation of the argument sort/order leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/JoeyBling/bootplus/issues/19",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/JoeyBling/bootplus/issues/19#issue-2786879797",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.293226",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.293226",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.480827",
"source": "cna@vuldb.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More