Auto-Update: 2025-01-30T19:00:35.932541+00:00

cad-safe-bot 2025-01-30 19:04:03 +00:00
parent ce19d2a50d
commit c1f0896f08
84 changed files with 4965 additions and 482 deletions


@ -2,7 +2,7 @@
"id": "CVE-2017-11197",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T20:15:09.083",
"lastModified": "2024-11-21T03:07:18.827",
"lastModified": "2025-01-30T18:15:26.697",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2020-22429",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T20:15:09.780",
"lastModified": "2024-11-21T05:13:16.593",
"lastModified": "2025-01-30T18:15:27.603",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-31643",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-04-28T16:15:09.640",
"lastModified": "2024-11-21T07:05:00.397",
"lastModified": "2025-01-30T17:15:10.763",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2022-35898",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T20:15:14.463",
"lastModified": "2024-11-21T07:11:54.387",
"lastModified": "2025-01-30T17:15:11.687",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
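Review bot: The added Secondary weakness entry in the last hunk (`"value": "CWE-295"`) disagrees with the entry visible just above it in the same array (`"value": "CWE-287"`), whereas the added CVSS 3.1 block repeats the existing exploitabilityScore and impactScore unchanged. Consumers that collapse `weaknesses` to one CWE per CVE should keep both values together with their `source` and `type` instead of letting the last entry win. The same applies to the CVE-2023-27892 section, where `CWE-125` is followed by an added `CWE-120`. The `weaknesses` array starts outside the hunk, so the type of the earlier entry is not visible here.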


@ -2,7 +2,7 @@
"id": "CVE-2022-40302",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T12:16:27.423",
"lastModified": "2024-11-21T07:21:15.930",
"lastModified": "2025-01-30T17:15:11.930",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-48483",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T05:15:28.057",
"lastModified": "2024-11-21T07:33:25.313",
"lastModified": "2025-01-30T17:15:12.333",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-2428",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-04-30T01:15:09.493",
"lastModified": "2024-11-21T07:58:36.097",
"lastModified": "2025-01-30T17:15:15.810",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -60,7 +60,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -115,6 +115,10 @@
"tags": [
"Permissions Required"
]
},
{
"url": "https://huntr.com/bounties/cee65b6d-b003-4e6a-9d14-89aa94bee43e",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}
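Review bot: The `weaknesses` hunk reads as relabelling the `security@huntr.dev` entry from `"type": "Primary"` to `"type": "Secondary"`, and no Primary weakness entry is visible in this section afterwards. Tooling that selects only `Primary` weaknesses may stop reporting a CWE for this record, so a fallback to Secondary entries is worth having on the consumer side. The same relabel appears in the CVE-2023-2429 section. The array continues outside the hunk, so a Primary entry from another source may still exist.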


@ -2,7 +2,7 @@
"id": "CVE-2023-2429",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-04-30T03:15:08.750",
"lastModified": "2024-11-21T07:58:36.217",
"lastModified": "2025-01-30T17:15:15.950",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -60,7 +60,7 @@
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -115,6 +115,10 @@
"tags": [
"Permissions Required"
]
},
{
"url": "https://huntr.com/bounties/20d3a0b3-2693-4bf1-b196-10741201a540",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-2445",
"sourceIdentifier": "security@devolutions.net",
"published": "2023-05-02T14:15:09.207",
"lastModified": "2024-11-21T07:58:37.847",
"lastModified": "2025-01-30T17:15:16.080",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-26089",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T20:15:10.707",
"lastModified": "2024-11-21T07:50:45.270",
"lastModified": "2025-01-30T17:15:12.933",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-798"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-26546",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T20:15:10.757",
"lastModified": "2024-11-21T07:51:43.327",
"lastModified": "2025-01-30T17:15:13.160",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-26987",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T22:15:09.483",
"lastModified": "2024-11-21T07:52:09.637",
"lastModified": "2025-01-30T17:15:13.323",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2023-27035",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T22:15:09.547",
"lastModified": "2024-11-21T07:52:12.960",
"lastModified": "2025-01-30T17:15:13.507",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -52,6 +52,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -65,6 +85,16 @@
"value": "CWE-276"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-27108",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T22:15:09.617",
"lastModified": "2024-11-21T07:52:20.257",
"lastModified": "2025-01-30T17:15:13.723",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2023-27892",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T21:15:09.337",
"lastModified": "2024-11-21T07:53:38.733",
"lastModified": "2025-01-30T17:15:13.877",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -65,6 +65,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [


@ -0,0 +1,78 @@
{
"id": "CVE-2023-29080",
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"published": "2025-01-30T18:15:28.437",
"lastModified": "2025-01-30T18:15:28.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021 R2\u00a0due to adding\u00a0InstallScript custom action to a Basic MSI or InstallScript MSI project extracting few binaries to a predefined writable folder during installation time. The standard user account has write access to these files and folders, hence replacing them during installation time can lead to a DLL hijacking vulnerability."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"references": [
{
"url": "https://community.revenera.com/s/article/cve-2023-29080-security-patch-for-the-possible-privileged-escalation-scenarios-identified-in-installshield-nbsp",
"source": "PSIRT-CNA@flexerasoftware.com"
}
]
}
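Review bot: This new record carries only a `cvssMetricV40` block, typed `"Secondary"` and sourced from the CNA, with no `cvssMetricV31` entry and `"vulnStatus": "Received"`. Pipelines that read severity only from v3.x metrics or only from `Primary` entries would treat this 8.5 HIGH local privilege-escalation issue as unscored, so they should fall back to the v4.0 base score. The `published` value is 2025-01-30 although the identifier is from 2023, so ingestion windows keyed on the CVE year instead of `published` would miss it.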


@ -2,7 +2,7 @@
"id": "CVE-2023-29635",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.240",
"lastModified": "2024-11-21T07:57:21.540",
"lastModified": "2025-01-30T17:15:14.053",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-29636",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.377",
"lastModified": "2024-11-21T07:57:21.680",
"lastModified": "2025-01-30T17:15:14.333",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-29637",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.433",
"lastModified": "2024-11-21T07:57:21.827",
"lastModified": "2025-01-30T17:15:14.483",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-29638",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.483",
"lastModified": "2024-11-21T07:57:21.963",
"lastModified": "2025-01-30T17:15:14.640",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-29772",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T13:15:24.957",
"lastModified": "2024-11-21T07:57:30.257",
"lastModified": "2025-01-30T17:15:14.800",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.1,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-29778",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T20:15:10.813",
"lastModified": "2024-11-21T07:57:30.547",
"lastModified": "2025-01-30T17:15:14.973",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-29839",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T03:15:08.137",
"lastModified": "2024-11-21T07:57:34.210",
"lastModified": "2025-01-30T18:15:29.010",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-29867",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T16:15:08.923",
"lastModified": "2024-11-21T07:57:36.250",
"lastModified": "2025-01-30T17:15:15.140",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-29868",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T16:15:08.977",
"lastModified": "2024-11-21T07:57:36.387",
"lastModified": "2025-01-30T17:15:15.297",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-29918",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T16:15:09.027",
"lastModified": "2024-11-21T07:57:38.590",
"lastModified": "2025-01-30T17:15:15.450",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-1236"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-30061",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T14:15:09.550",
"lastModified": "2024-11-21T07:59:45.550",
"lastModified": "2025-01-30T18:15:29.740",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2023-30063",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T14:15:09.593",
"lastModified": "2024-11-21T07:59:45.707",
"lastModified": "2025-01-30T18:15:30.587",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2023-30403",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T20:15:10.880",
"lastModified": "2024-11-21T08:00:07.907",
"lastModified": "2025-01-30T17:15:16.387",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-613"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-30792",
"sourceIdentifier": "cve-assign@fb.com",
"published": "2023-04-29T03:15:08.347",
"lastModified": "2024-11-21T08:00:54.883",
"lastModified": "2025-01-30T17:15:16.647",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-31433",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T20:15:11.080",
"lastModified": "2024-11-21T08:01:51.163",
"lastModified": "2025-01-30T17:15:17.030",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-31434",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T20:15:11.133",
"lastModified": "2024-11-21T08:01:51.303",
"lastModified": "2025-01-30T17:15:17.187",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2024-10309",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-30T06:15:28.827",
"lastModified": "2025-01-30T06:15:28.827",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:15:17.370",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,11 +11,38 @@
"value": "The Tracking Code Manager WordPress plugin before 2.4.0 does not sanitise and escape some of its metabox settings when outputing them in the page, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/9eb21250-34bd-4600-a0a5-7c5117f69f04/",
"source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/9eb21250-34bd-4600-a0a5-7c5117f69f04/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}
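Review bot: The added CISA-ADP vector uses `"privilegesRequired": "HIGH"`, but the description in the same record says the flaw is reachable by "users with a role as low as Contributor". Contributor is normally treated as a low-privilege WordPress role, so `PR:H` and the resulting 5.9 base score probably understate exposure on sites that allow contributor accounts. This is mirrored data, so the correction belongs upstream; until then, triage on the description rather than the score alone. The `references` array now also lists the same wpscan URL twice under two sources, so consumers should de-duplicate by `url`.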


@ -2,19 +2,43 @@
"id": "CVE-2024-11135",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-28T05:15:09.960",
"lastModified": "2025-01-28T05:15:09.960",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:03:45.843",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Eventer plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'eventer_get_attendees' function in all versions up to, and including, 3.9.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
},
{
"lang": "es",
"value": "El complemento Eventer para WordPress es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro 'event' en la funci\u00f3n 'eventer_get_attendees' en todas las versiones hasta la 3.9.8 y incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -47,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jyothisjoy:eventer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.9.9",
"matchCriteriaId": "4F64016C-DEA9-4B26-90CD-506797B38B15"
}
]
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/eventer-wordpress-event-manager-plugin/20972534",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a8dc0712-f78e-46c5-a0d1-2db752498d54?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,13 +2,13 @@
"id": "CVE-2024-12085",
"sourceIdentifier": "secalert@redhat.com",
"published": "2025-01-14T18:15:25.123",
"lastModified": "2025-01-29T11:15:08.320",
"lastModified": "2025-01-30T17:15:17.527",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time."
"value": "A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time."
},
{
"lang": "es",


@ -2,13 +2,17 @@
"id": "CVE-2024-13448",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-28T07:15:06.967",
"lastModified": "2025-01-28T07:15:06.967",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:01:07.080",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'trx_addons_uploads_save_data' function in all versions up to, and including, 2.32.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible."
},
{
"lang": "es",
"value": "El complemento ThemeREX Addons para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n 'trx_addons_uploads_save_data' en todas las versiones hasta la 2.32.3 y incluida. Esto hace posible que atacantes no autenticados carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {
@ -47,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themerex:addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.34.0",
"matchCriteriaId": "82B2408F-6C71-4B96-BB7C-14425C2F5310"
}
]
}
]
}
],
"references": [
{
"url": "https://themeforest.net/item/qwery-multipurpose-business-wordpress-theme/29678687",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7c1372bd-821d-439c-9b11-dfa5f08dd0dd?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,20 +2,24 @@
"id": "CVE-2024-13509",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-28T07:15:08.620",
"lastModified": "2025-01-28T07:15:08.620",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:56:17.080",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url parameter in all versions up to, and including, 1.10.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability is partially fixed in 1.10.13 and completely fixed in 1.10.14."
},
{
"lang": "es",
"value": "El complemento WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro url en todas las versiones hasta la 1.10.13 y incluida, debido a un escape de entrada desinfecci\u00f3n y de salida insuficiente. Esto permite que atacantes no autenticados inyecten scripts web arbitraria en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. NOTA: Esta vulnerabilidad se solucion\u00f3 parcialmente en la versi\u00f3n 1.10.13 y se solucion\u00f3 por completo en la versi\u00f3n 1.10.14."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -47,22 +71,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:westguardsolutions:ws_form:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "1.10.14",
"matchCriteriaId": "0E378E67-3E79-4FD5-9366-26D18A3150DE"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3225862/ws-form",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3226595/ws-form",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wsform.com/changelog/?utm_source=wp_plugins&utm_medium=readme",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/910d9b31-b63a-427e-830b-a4c6a7e77ade?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,20 +2,24 @@
"id": "CVE-2024-13521",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-28T08:15:29.583",
"lastModified": "2025-01-28T08:15:29.583",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:41:52.897",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the mas_options function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento MailUp Auto Subscription para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 1.1.0 y incluida. Esto se debe a una validaci\u00f3n de nonce incorrecta o faltante en la funci\u00f3n mas_options. Esto hace posible que atacantes no autenticados actualicen configuraciones e inyecten contenido web malicioso scripts a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
@ -47,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ilghera:mailup_auto_subscription:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.0",
"matchCriteriaId": "B3DAC158-ABF6-42B2-8549-F8019A84A453"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3060078%40mailup-auto-subscribtion%2Ftags%2F1.1.0&new=3229728%40mailup-auto-subscribtion%2Ftags%2F1.2.0",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9ee9b2e9-e3fe-43b2-9caf-7246a4201fe9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,20 +2,24 @@
"id": "CVE-2024-13527",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-28T09:15:08.287",
"lastModified": "2025-01-28T09:15:08.287",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:18:29.943",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Philantro \u2013 Donations and Donor Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'donate' in all versions up to, and including, 5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Philantro \u2013 Donations and Donor Management para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de los c\u00f3digos cortos del complemento como 'donate' en todas las versiones hasta incluida, 5.3 debido a la falta de entrada desinfecci\u00f3n y la salida que se escapa en los atributos proporcionados por el usuario. Esto hace posible que los atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitraria en las p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -47,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:philantro:philantro:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.4",
"matchCriteriaId": "2C3182DF-2F6F-4D0A-9D94-C9733A0C1225"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3224699",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be3c8800-cbef-4d85-a1f3-b5c70ba955b5?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-13715",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-30T14:15:36.513",
"lastModified": "2025-01-30T14:15:36.513",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:53:45.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -47,14 +47,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ikjweb:zstore_manager_basic:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.311",
"matchCriteriaId": "A39E1421-FC4F-4D0A-8DFF-664134B1FE58"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/zstore-manager-basic/trunk/zstore-manager.php#L441",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/974ffc87-369a-431e-b601-8c6679d963c3?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}
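Review bot: The `"Patch"` tag added to the first reference sits on a `plugins.trac.wordpress.org/browser/.../trunk/zstore-manager.php#L441` URL, which looks like a source-browser view of a code line rather than a changeset. The new `cpeMatch` entry uses `"versionEndIncluding": "3.311"` and names no fixed release. Tooling that reads a `Patch` tag as "remediation available" would therefore report a fix that this record does not show; take fix availability from the CPE range instead. The same pattern appears in the CVE-2024-13720 section (`wp-image-uploader/trunk/index.php#L85`, `versionEndIncluding` 1.0.1) and the CVE-2024-13742 section (two `tags/4.4.5/...` browser links, `versionEndIncluding` 4.4.5). The correction belongs upstream, since this file mirrors the NVD record.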


@ -2,8 +2,8 @@
"id": "CVE-2024-13720",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-30T14:15:36.660",
"lastModified": "2025-01-30T14:15:36.660",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:44:43.053",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -32,29 +32,83 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanm:wp_image_uploader:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "67476A33-0B3D-45A2-897A-09212AA11AE5"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-image-uploader/trunk/index.php#L85",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4af41f69-1335-4199-bf29-c9699de50a16?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}
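Review bot: The two scoring sources in this record now disagree on the attack precondition and on the weakness class. The Wordfence entry, demoted to `Secondary`, has `PR:L` with `CWE-352`, while the new `nvd@nist.gov` `Primary` entry has `PR:N`, `CWE-22` and a 9.1 `CRITICAL` score. A consumer that keeps only the `Primary` metric, or only the first `weaknesses` element, will see a different severity and mitigation category before and after this update. Ingest code should retain both entries with their `source` values and flag records where they diverge for manual triage. The description hunk is not shown in this section, so which classification matches the advisory text cannot be confirmed from here.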


@ -2,8 +2,8 @@
"id": "CVE-2024-13742",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-30T14:15:36.810",
"lastModified": "2025-01-30T14:15:36.810",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:38:19.663",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -47,18 +47,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:icontrolwp:icontrolwp:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.4.5",
"matchCriteriaId": "D9F92029-3A48-4F5A-9076-6CC5D888052A"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/worpit-admin-dashboard-plugin/tags/4.4.5/lib/src/LegacyApi/RequestParameters.php#L42",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/worpit-admin-dashboard-plugin/tags/4.4.5/src/api/RequestParameters.php#L14",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6f25b0cc-60ec-49a0-8356-fd3fba97e987?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,82 @@
{
"id": "CVE-2024-2658",
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"published": "2025-01-30T17:15:17.670",
"lastModified": "2025-01-30T17:15:17.670",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to\u00a02024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted openssl.conf file leading to the execution of a malicious DLL (Dynamic-Link Library) with elevated privileges."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://community.flexera.com/s/article/cve-2024-2658-flexnet-publisher-potential-local-privilege-escalation-issue",
"source": "PSIRT-CNA@flexerasoftware.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-359/",
"source": "PSIRT-CNA@flexerasoftware.com"
}
]
}


@ -2,16 +2,55 @@
"id": "CVE-2024-51182",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-29T22:15:29.530",
"lastModified": "2025-01-29T22:15:29.530",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:15:17.810",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the \"erro\" parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n HTML en Celk Sistemas Celk Saude v.3.1.252.1 permite a un atacante remoto inyectar c\u00f3digo HTML arbitrario a trav\u00e9s del par\u00e1metro \"erro\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gabriel-bri/vulnerability-research/tree/main/CVE-2024-51182",


@ -2,36 +2,141 @@
"id": "CVE-2024-54488",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:12.480",
"lastModified": "2025-01-27T22:15:12.480",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:04:33.247",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Photos in the Hidden Photos Album may be viewed without authentication."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de l\u00f3gica mejorando la gesti\u00f3n de archivos. Este problema se solucion\u00f3 en macOS Ventura 13.7.2, iOS 18.2 y iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2 y macOS Sequoia 15.2. Las fotos del \u00c1lbum de fotos ocultas se pueden ver sin autenticaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.3",
"matchCriteriaId": "03B2CC01-9482-433A-A0D3-076683F4B012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.2",
"matchCriteriaId": "DF72B8B5-0A02-4875-89EF-10D28FADB9CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.2",
"matchCriteriaId": "0E37694D-5783-4112-B372-5915C231512F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.2",
"matchCriteriaId": "617CA14A-5EA4-4112-A564-DB1A5109A066"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.2",
"matchCriteriaId": "A29E5D37-B333-4B43-9E4A-012CDD2C406D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121837",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121838",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121840",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121842",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}


@ -2,48 +2,180 @@
"id": "CVE-2024-54497",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:12.583",
"lastModified": "2025-01-27T22:15:12.583",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:11:22.723",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing web content may lead to a denial-of-service."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 y iPadOS 18.2, macOS Sequoia 15.2. El procesamiento de contenido web puede provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.4",
"matchCriteriaId": "27995710-C1F5-4919-8168-E2B59D7F698C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.2",
"matchCriteriaId": "DF72B8B5-0A02-4875-89EF-10D28FADB9CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndIncluding": "14.7.3",
"matchCriteriaId": "CFCE0F1B-74C9-42E5-9733-D1A4EEBCD190"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.2",
"matchCriteriaId": "A29E5D37-B333-4B43-9E4A-012CDD2C406D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "3B719BB6-424F-4612-8809-0DF25022C29C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "16F83EAF-2879-4515-BC44-6AE5006D35EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.2",
"matchCriteriaId": "8C446885-2BC5-454D-88A1-146B17C051C3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121837",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121844",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121845",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122067",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}
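Review bot: The macOS 14.x `cpeMatch` entry uses `"versionEndIncluding": "14.7.3"`, yet the description in this record lists macOS Sonoma 14.7.3 as a release in which the issue is fixed. Every other range in the node uses `versionEndExcluding`. As written, scanners that match on this range will report fully patched 14.7.3 hosts as vulnerable. The bound should presumably read `"versionEndExcluding": "14.7.3"`. This file mirrors upstream data, so the fix belongs in the NVD record; until then, treat 14.7.3 findings for this CVE as likely false positives.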


@ -2,28 +2,101 @@
"id": "CVE-2024-54509",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:12.867",
"lastModified": "2025-01-27T22:15:12.867",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:13:07.337",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de escritura fuera de los l\u00edmites con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Sonoma 14.7.3. Es posible que una aplicaci\u00f3n pueda provocar una terminaci\u00f3n inesperada de sistema o escribir en la memoria del kernel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.7.2",
"matchCriteriaId": "FDA872B0-E74D-48A7-ADAE-EA2701F97007"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.2",
"matchCriteriaId": "A29E5D37-B333-4B43-9E4A-012CDD2C406D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121840",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}


@ -2,24 +2,99 @@
"id": "CVE-2024-54512",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:12.973",
"lastModified": "2025-01-27T22:15:12.973",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:20:59.090",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS 18.2 and iPadOS 18.2. A system binary could be used to fingerprint a user's Apple Account."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 eliminando las banderas pertinentes. Este problema se solucion\u00f3 en watchOS 11.2, iOS 18.2 y iPadOS 18.2. Se pod\u00eda usar un binario sistema para tomar la huella digital de la cuenta Apple de un usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "61B67D76-E2DA-46D7-9E43-4E18D542AA57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.2",
"matchCriteriaId": "8C446885-2BC5-454D-88A1-146B17C051C3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121837",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}
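Review bot: The NVD primary vector added in this section, `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N` (9.1 CRITICAL), is hard to reconcile with the record's own description, which speaks only of a system binary being usable to fingerprint a user's Apple Account. The weakness is `NVD-CWE-noinfo`, and nothing visible in the record supports a high integrity impact or an unauthenticated network vector, so the score may reflect missing detail rather than analysis (inferred, not confirmed). Consumers that rank patching by `baseScore` should read this entry alongside the vendor release notes in `references` rather than treat the 9.1 as settled.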


@ -2,24 +2,94 @@
"id": "CVE-2024-54516",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:13.063",
"lastModified": "2025-01-27T22:15:13.063",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:22:13.633",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to approve a launch daemon without user consent."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en macOS Sonoma 14.7.2 y macOS Sequoia 15.2. Es posible que una aplicaci\u00f3n pueda aprobar el inicio de daemon sin el consentimiento del usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.7.2",
"matchCriteriaId": "FDA872B0-E74D-48A7-ADAE-EA2701F97007"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.2",
"matchCriteriaId": "A29E5D37-B333-4B43-9E4A-012CDD2C406D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121840",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}


@ -2,32 +2,125 @@
"id": "CVE-2024-54517",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:13.160",
"lastModified": "2025-01-27T22:15:13.160",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:24:16.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con comprobaciones de los l\u00edmites mejoradas. Este problema se solucion\u00f3 en macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 y iPadOS 18.2. Es posible que una aplicaci\u00f3n pueda da\u00f1ar la memoria del coprocesador."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "61B67D76-E2DA-46D7-9E43-4E18D542AA57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.2",
"matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "3B719BB6-424F-4612-8809-0DF25022C29C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.2",
"matchCriteriaId": "8C446885-2BC5-454D-88A1-146B17C051C3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121837",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121844",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}


@ -2,32 +2,125 @@
"id": "CVE-2024-54522",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:13.560",
"lastModified": "2025-01-27T22:15:13.560",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:26:15.263",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con comprobaciones de los l\u00edmites mejoradas. Este problema se solucion\u00f3 en macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 y iPadOS 18.2. Es posible que una aplicaci\u00f3n pueda da\u00f1ar la memoria del coprocesador."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "61B67D76-E2DA-46D7-9E43-4E18D542AA57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.2",
"matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "3B719BB6-424F-4612-8809-0DF25022C29C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.2",
"matchCriteriaId": "8C446885-2BC5-454D-88A1-146B17C051C3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121837",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121844",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}


@ -2,20 +2,80 @@
"id": "CVE-2024-54536",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:13.853",
"lastModified": "2025-01-27T22:15:13.853",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:30:01.897",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.2. An app may be able to edit NVRAM variables."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con una validaci\u00f3n mejorada de las variables del entorno. Este problema se solucion\u00f3 en macOS Sequoia 15.2. Es posible que una aplicaci\u00f3n pueda editar las variables NVRAM."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.2",
"matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}


@ -2,44 +2,166 @@
"id": "CVE-2024-54541",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:14.117",
"lastModified": "2025-01-27T22:15:14.117",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:31:31.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.2, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to access user-sensitive data."
},
{
"lang": "es",
"value": "Este problema se solucion\u00f3 mediante con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en macOS Ventura 13.7.2, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 y iPadOS 18.2, macOS Sonoma 14.7.2 y macOS Sequoia 15.2. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "61B67D76-E2DA-46D7-9E43-4E18D542AA57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.2",
"matchCriteriaId": "0E37694D-5783-4112-B372-5915C231512F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.2",
"matchCriteriaId": "617CA14A-5EA4-4112-A564-DB1A5109A066"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.2",
"matchCriteriaId": "A29E5D37-B333-4B43-9E4A-012CDD2C406D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "3B719BB6-424F-4612-8809-0DF25022C29C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "16F83EAF-2879-4515-BC44-6AE5006D35EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.2",
"matchCriteriaId": "8C446885-2BC5-454D-88A1-146B17C051C3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121837",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121840",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121842",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121844",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/121845",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}


@ -2,40 +2,157 @@
"id": "CVE-2024-54543",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:14.307",
"lastModified": "2025-01-27T22:15:14.307",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:13:45.400",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 y iPadOS 18.2, macOS Sequoia 15.2. El procesamiento malintencionado de contenido web manipulado puede provocar da\u00f1os en la memoria."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "12581F66-E5CF-4B04-A94C-E56DE31D0B62"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "61B67D76-E2DA-46D7-9E43-4E18D542AA57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.2",
"matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.2",
"matchCriteriaId": "3B719BB6-424F-4612-8809-0DF25022C29C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "16F83EAF-2879-4515-BC44-6AE5006D35EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.2",
"matchCriteriaId": "8C446885-2BC5-454D-88A1-146B17C051C3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121837",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121844",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121845",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121846",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,20 +2,81 @@
"id": "CVE-2024-54549",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:14.490",
"lastModified": "2025-01-27T22:15:14.490",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:43:26.997",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data."
},
{
"lang": "es",
"value": "Este problema se solucion\u00f3 con una redacci\u00f3n mejorada de informaci\u00f3n confidencial. Este problema se solucion\u00f3 en macOS Sequoia 15.2. Una aplicaci\u00f3n puede tener acceso a datos confidenciales del usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.2",
"matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,28 +2,111 @@
"id": "CVE-2024-54557",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:14.670",
"lastModified": "2025-01-27T22:15:14.670",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:19:14.730",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An attacker may gain access to protected parts of the file system."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de l\u00f3gica con restricciones mejoradas. Este problema se solucion\u00f3 en macOS Sonoma 14.7.2, macOS Sequoia 15.2 y macOS Ventura 13.7.2. Un atacante puede obtener acceso a partes protegidas del archivo sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.2",
"matchCriteriaId": "0E37694D-5783-4112-B372-5915C231512F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.2",
"matchCriteriaId": "617CA14A-5EA4-4112-A564-DB1A5109A066"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.2",
"matchCriteriaId": "A29E5D37-B333-4B43-9E4A-012CDD2C406D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/121839",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121840",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121842",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,16 +2,55 @@
"id": "CVE-2024-54851",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-01-29T22:15:29.627",
"lastModified": "2025-01-29T22:15:29.627",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:15:17.957",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Teedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF protection."
},
{
"lang": "es",
"value": "Teedy &lt;= 1.12 es vulnerable a Cross Site Request Forgery (CSRF), debido a la falta de protecci\u00f3n CSRF."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Tanguy-Boisset/CVE/blob/master/CVE-2024-54851/README.md",
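Review bot: The Spanish description added in this hunk carries an HTML entity, `Teedy &lt;= 1.12`, while the English text has the literal `<=`; the JSON value should hold the plain character, `"value": "Teedy <= 1.12 es vulnerable a Cross Site Request Forgery (CSRF), debido a la falta de protecci\u00f3n CSRF."`. Pre-escaped text in the data layer comes out double-encoded in any consumer that escapes on output, and it tempts consumers to render the field unescaped to make it look right. The only score on this record is the `Secondary` one from source `134c704f-9b21-4f2e-91b3-4a467353bcc0` and `vulnStatus` is `Awaiting Analysis`, so the 8.8 is not yet an NVD assessment. The hunk ends inside the `references` array.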


@ -2,8 +2,8 @@
"id": "CVE-2024-8494",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-30T14:15:36.973",
"lastModified": "2025-01-30T14:15:36.973",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:12:52.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
@ -32,29 +32,83 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elementor:website_builder:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "3.25.11",
"matchCriteriaId": "94226636-32C7-4683-AF34-6947E7611DF3"
}
]
}
]
}
],
"references": [
{
"url": "https://elementor.com/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/94ada60f-1e20-454e-a9d7-7849be764d81?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}
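Review bot: As the hunks read, `cvssMetricV31` now lists the CNA's entry first, retyped from `Primary` to `Secondary`, with the new NVD `Primary` entry after it, and the two disagree on confidentiality impact (`C:L` against `C:H`, base score 6.5 for the NVD entry). A consumer that reads `cvssMetricV31[0]` will pick up the lower CNA assessment; selection should go by the `type` and `source` fields, not by array position. The same retyping happens in `weaknesses`, where the CNA's `CWE-200` becomes `Secondary` and the NVD entry is `NVD-CWE-noinfo`, so a filter on the primary CWE alone loses the more specific classification.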


@ -2,20 +2,24 @@
"id": "CVE-2025-0321",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-28T08:15:29.810",
"lastModified": "2025-01-28T08:15:29.810",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:39:45.447",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the \u2018url\u2019 parameter in all versions up to, and including, 3.7.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento ElementsKit Pro para WordPress es vulnerable a Cross-Site Scripting Almacenado basado en DOM a trav\u00e9s del par\u00e1metro \u2018url\u2019 en todas las versiones hasta la incluida 3.7.8 debido a un escape de entrada desinfecci\u00f3n y salida insuficiente. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitraria en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -47,18 +71,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:elementskit:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "3.7.9",
"matchCriteriaId": "5D57D782-4088-4776-88EF-9F00BE21591C"
}
]
}
]
}
],
"references": [
{
"url": "https://wpmet.com/plugin/elementskit/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://wpmet.com/plugin/elementskit/roadmaps/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/204cfe20-9df1-4f6c-a38c-a21b43dde385?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2025-0367",
"sourceIdentifier": "prodsec@splunk.com",
"published": "2025-01-30T17:15:18.097",
"lastModified": "2025-01-30T17:15:18.097",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In versions 3.1.0 and lower of the Splunk Supporting Add-on for Active Directory, also known as SA-ldapsearch, a vulnerable regular expression pattern could lead to a Regular Expression Denial of Service (ReDoS) attack."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@splunk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "prodsec@splunk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2025-0103",
"source": "prodsec@splunk.com"
}
]
}


@ -0,0 +1,78 @@
{
"id": "CVE-2025-0477",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-01-30T18:15:31.893",
"lastModified": "2025-01-30T18:15:31.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk\u00ae AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a threat actor to extract passwords belonging to other users of the application."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -0,0 +1,78 @@
{
"id": "CVE-2025-0497",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-01-30T18:15:32.493",
"lastModified": "2025-01-30T18:15:32.493",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk\u00ae AssetCentre. The vulnerability exists due to storing credentials in the configuration file of EventLogAttachmentExtractor, ArchiveExtractor, LogCleanUp, or ArchiveLogCleanUp packages."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -0,0 +1,78 @@
{
"id": "CVE-2025-0498",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2025-01-30T18:15:33.253",
"lastModified": "2025-01-30T18:15:33.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk\u00ae AssetCentre. The vulnerability exists due to insecure storage of FactoryTalk\u00ae Security user tokens, which could allow a threat actor to steal a token and, impersonate another user."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1721.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}


@ -0,0 +1,145 @@
{
"id": "CVE-2025-0873",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-30T17:15:18.293",
"lastModified": "2025-01-30T17:15:18.293",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /customeredit.php. The manipulation of the argument id/address/fullname/phonenumber/email/city/comment leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/magic2353112890/cve/issues/5",
"source": "cna@vuldb.com"
},
{
"url": "https://itsourcecode.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.294067",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.294067",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.487984",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,145 @@
{
"id": "CVE-2025-0874",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-30T18:15:33.753",
"lastModified": "2025-01-30T18:15:33.753",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in code-projects Simple Plugins Car Rental Management 1.0. Affected by this issue is some unknown functionality of the file /admin/approve.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/magic2353112890/cve/issues/8",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.294068",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.294068",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.488538",
"source": "cna@vuldb.com"
}
]
}


@ -2,48 +2,188 @@
"id": "CVE-2025-24086",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:15.080",
"lastModified": "2025-01-27T22:15:15.080",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:18:16.963",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing an image may lead to a denial-of-service."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 y iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3 y tvOS 18.3. El procesamiento de una imagen puede provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.4",
"matchCriteriaId": "27995710-C1F5-4919-8168-E2B59D7F698C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3",
"matchCriteriaId": "AD29C5E9-9427-4C41-873F-C29493B892E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "71A94ACA-8143-475F-8A89-8020B86CE80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "60C0BA29-0969-4181-B6F1-4606986B18E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3",
"matchCriteriaId": "F91BF3D5-D8E5-437C-8301-C9F22AAFB8BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.3",
"matchCriteriaId": "7A128237-004C-49D7-A559-5BBC38362361"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122066",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122067",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122071",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122072",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122073",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,20 +2,81 @@
"id": "CVE-2025-24087",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:15.180",
"lastModified": "2025-01-27T22:15:15.180",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:17:28.223",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con comprobaciones de permisos adicionales. Este problema se solucion\u00f3 en macOS Sequoia 15.3. Una aplicaci\u00f3n puede tener acceso a datos de usuario protegidos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.3",
"matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,28 +2,111 @@
"id": "CVE-2025-24094",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:15.450",
"lastModified": "2025-01-27T22:15:15.450",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:17:08.090",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access user-sensitive data."
},
{
"lang": "es",
"value": "Se solucion\u00f3 una condici\u00f3n ejecuci\u00f3n con una validaci\u00f3n adicional. Este problema se solucion\u00f3 en macOS Ventura 13.7.3, macOS Sequoia 15.3 y macOS Sonoma 14.7.3. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,20 +2,81 @@
"id": "CVE-2025-24096",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:15.533",
"lastModified": "2025-01-27T22:15:15.533",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:16:40.440",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3. A malicious app may be able to access arbitrary files."
},
{
"lang": "es",
"value": "Este problema se solucion\u00f3 mediante con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en macOS Sequoia 15.3. Una aplicaci\u00f3n maliciosa podr\u00eda tener acceso a archivos arbitrarios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.3",
"matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -0,0 +1,29 @@
{
"id": "CVE-2025-24099",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-30T17:15:18.473",
"lastModified": "2025-01-30T17:15:18.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.3, macOS Sonoma 14.7.3. A local attacker may be able to elevate their privileges."
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com"
}
]
}


@ -2,28 +2,111 @@
"id": "CVE-2025-24100",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:15.627",
"lastModified": "2025-01-27T22:15:15.627",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:16:04.177",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access information about a user's contacts."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de l\u00f3gica mejorando las restricciones. Este problema se solucion\u00f3 en macOS Ventura 13.7.3, macOS Sequoia 15.3 y macOS Sonoma 14.7.3. Es posible que una aplicaci\u00f3n pueda acceder a informaci\u00f3n sobre los contactos de un usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,24 +2,102 @@
"id": "CVE-2025-24104",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:15.983",
"lastModified": "2025-01-27T22:15:15.983",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:15:16.380",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4, iOS 18.3 and iPadOS 18.3. Restoring a maliciously crafted backup file may lead to modification of protected system files."
},
{
"lang": "es",
"value": "Este problema se solucion\u00f3 con una gesti\u00f3n mejorada de los enlaces simb\u00f3licos. Este problema se solucion\u00f3 en iPadOS 17.7.4, iOS 18.3 y iPadOS 18.3. Restaurar un archivo de copia de seguridad manipulado malintencionado puede provocar la modificaci\u00f3n de archivos sistema protegidos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.4",
"matchCriteriaId": "27995710-C1F5-4919-8168-E2B59D7F698C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3",
"matchCriteriaId": "AD29C5E9-9427-4C41-873F-C29493B892E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "71A94ACA-8143-475F-8A89-8020B86CE80B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122066",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122067",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,32 +2,129 @@
"id": "CVE-2025-24107",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:16.170",
"lastModified": "2025-01-27T22:15:16.170",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:53:25.330",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3, iOS 18.3 and iPadOS 18.3. A malicious app may be able to gain root privileges."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3, iOS 18.3 y iPadOS 18.3. Una aplicaci\u00f3n maliciosa podr\u00eda obtener privilegios de superusuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "6B7F80FC-EB0A-4B78-8CB7-18E5F162CD6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "71A94ACA-8143-475F-8A89-8020B86CE80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.3",
"matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "60C0BA29-0969-4181-B6F1-4606986B18E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.3",
"matchCriteriaId": "7A128237-004C-49D7-A559-5BBC38362361"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122066",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122071",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122072",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,24 +2,96 @@
"id": "CVE-2025-24112",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:16.433",
"lastModified": "2025-01-27T22:15:16.433",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:54:08.913",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Sequoia 15.3 y macOS Sonoma 14.7.3. El an\u00e1lisis de un archivo puede provocar la finalizaci\u00f3n inesperada de una aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "6049E692-EB64-4E7D-A1AC-CEBA288B7A55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,36 +2,138 @@
"id": "CVE-2025-24131",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:18.070",
"lastModified": "2025-01-27T22:15:18.070",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:58:19.953",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker in a privileged position may be able to perform a denial-of-service."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando la gesti\u00f3n de la memoria. Este problema se solucion\u00f3 en visionOS 2.3, iOS 18.3 y iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3 y tvOS 18.3. Un atacante en una posici\u00f3n privilegiada podr\u00eda realizar una denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "6B7F80FC-EB0A-4B78-8CB7-18E5F162CD6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "71A94ACA-8143-475F-8A89-8020B86CE80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.3",
"matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "60C0BA29-0969-4181-B6F1-4606986B18E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3",
"matchCriteriaId": "F91BF3D5-D8E5-437C-8301-C9F22AAFB8BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.3",
"matchCriteriaId": "7A128237-004C-49D7-A559-5BBC38362361"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122066",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122071",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122072",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122073",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}

View File

@ -2,28 +2,108 @@
"id": "CVE-2025-24136",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:18.340",
"lastModified": "2025-01-27T22:15:18.340",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:00:53.250",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A malicious app may be able to create symlinks to protected regions of the disk."
},
{
"lang": "es",
"value": "Este problema se solucion\u00f3 con una validaci\u00f3n mejorada de los enlaces simb\u00f3licos. Este problema se solucion\u00f3 en macOS Ventura 13.7.3, macOS Sequoia 15.3 y macOS Sonoma 14.7.3. Una aplicaci\u00f3n malintencionada podr\u00eda crear enlaces simb\u00f3licos a regiones protegidas del disco."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.3",
"matchCriteriaId": "A12642CB-69CC-4C6E-A2C2-CA8AE736EE88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.3",
"matchCriteriaId": "9C523C7E-B1CF-454B-8AFD-B462C5120D9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.3",
"matchCriteriaId": "33FE4A81-3E35-4934-ABBB-4531E8E249AF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122069",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122070",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}

View File

@ -2,20 +2,80 @@
"id": "CVE-2025-24140",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:18.710",
"lastModified": "2025-01-27T22:15:18.710",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:01:52.057",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3. Files downloaded from the internet may not have the quarantine flag applied."
},
{
"lang": "es",
"value": "Este problema se solucion\u00f3 mediante con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en macOS Sequoia 15.3. Es posible que los archivos descargados de Internet no tengan aplicada la marca de cuarentena."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.3",
"matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}

View File

@ -2,20 +2,86 @@
"id": "CVE-2025-24141",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:18.800",
"lastModified": "2025-01-27T22:15:18.800",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:03:08.223",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de autenticaci\u00f3n con con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en iOS 18.3 y iPadOS 18.3. Un atacante con acceso f\u00edsico a un dispositivo desbloqueado podr\u00eda acceder a Fotos mientras la aplicaci\u00f3n est\u00e1 bloqueada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "6B7F80FC-EB0A-4B78-8CB7-18E5F162CD6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "71A94ACA-8143-475F-8A89-8020B86CE80B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122066",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}

View File

@ -2,32 +2,119 @@
"id": "CVE-2025-24143",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:18.893",
"lastModified": "2025-01-27T22:15:18.893",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:03:57.780",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando las restricciones de acceso al archivo sistema. Este problema se solucion\u00f3 en macOS Sequoia 15.3, Safari 18.3, iOS 18.3 y iPadOS 18.3, visionOS 2.3. Una p\u00e1gina web malintencionada manipulado puede tomar la huella digital del usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "0384B3A1-9447-4020-A798-38CB2348F67B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "6B7F80FC-EB0A-4B78-8CB7-18E5F162CD6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.3",
"matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3",
"matchCriteriaId": "F91BF3D5-D8E5-437C-8301-C9F22AAFB8BD"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122066",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122073",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122074",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}
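Review bot: The `cpeMatch` list added for CVE-2025-24143 has entries for `safari`, `ipados`, `macos` and `visionos` but none for `iphone_os`, although the description states the fix is in "iOS 18.3 and iPadOS 18.3" and the 122066 advisory is referenced. A scanner or asset inventory that matches on CPE alone would therefore not report iPhones below 18.3 for this CVE. The CVE-2025-24150 record later in this commit names the same four products in its description and does carry `"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"` with `"versionEndExcluding": "18.3"`, so the omission looks unintentional. Since this file mirrors NVD, the gap is presumably upstream; until it is corrected there, consumers should cross-check the description or the vendor advisory instead of relying on the configuration block.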


@ -2,24 +2,99 @@
"id": "CVE-2025-24145",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:18.990",
"lastModified": "2025-01-27T22:15:18.990",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:04:51.137",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. An app may be able to view a contact's phone number in system logs."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de privacidad con una mejor redacci\u00f3n de datos privados para las entradas de registro. Este problema se solucion\u00f3 en macOS Sequoia 15.3, iOS 18.3 y iPadOS 18.3. Es posible que una aplicaci\u00f3n pueda ver el n\u00famero de tel\u00e9fono de un contacto en los registros de sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "6B7F80FC-EB0A-4B78-8CB7-18E5F162CD6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "71A94ACA-8143-475F-8A89-8020B86CE80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.3",
"matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122066",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}


@ -2,28 +2,112 @@
"id": "CVE-2025-24150",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:19.270",
"lastModified": "2025-01-27T22:15:19.270",
"vulnStatus": "Received",
"lastModified": "2025-01-30T18:10:41.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de privacidad mejorando la gesti\u00f3n de archivos. Este problema se solucion\u00f3 en macOS Sequoia 15.3, Safari 18.3, iOS 18.3 y iPadOS 18.3. Copiar una URL desde Web Inspector puede provocar la inyecci\u00f3n de comandos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "0384B3A1-9447-4020-A798-38CB2348F67B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "6B7F80FC-EB0A-4B78-8CB7-18E5F162CD6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3",
"matchCriteriaId": "71A94ACA-8143-475F-8A89-8020B86CE80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.3",
"matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122066",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/122074",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}


@ -2,20 +2,80 @@
"id": "CVE-2025-24152",
"sourceIdentifier": "product-security@apple.com",
"published": "2025-01-27T22:15:19.443",
"lastModified": "2025-01-27T22:15:19.443",
"vulnStatus": "Received",
"lastModified": "2025-01-30T17:06:25.153",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app may be able to cause unexpected system termination or corrupt kernel memory."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en macOS Sequoia 15.3. Una aplicaci\u00f3n puede provocar una terminaci\u00f3n inesperada de sistema o da\u00f1ar la memoria del kernel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.3",
"matchCriteriaId": "38BA63B3-CC2C-4E63-AE2C-B8DB08B5E89B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/122068",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-01-30T17:00:31.911187+00:00
2025-01-30T19:00:35.932541+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-01-30T16:55:07.740000+00:00
2025-01-30T18:54:08.913000+00:00
```
### Last Data Feed Release
@ -33,60 +33,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
279508
279517
```
### CVEs added in the last Commit
Recently added CVEs: `16`
Recently added CVEs: `9`
- [CVE-2024-53615](CVE-2024/CVE-2024-536xx/CVE-2024-53615.json) (`2025-01-30T15:15:17.390`)
- [CVE-2024-55415](CVE-2024/CVE-2024-554xx/CVE-2024-55415.json) (`2025-01-30T15:15:17.490`)
- [CVE-2024-55416](CVE-2024/CVE-2024-554xx/CVE-2024-55416.json) (`2025-01-30T15:15:17.583`)
- [CVE-2024-55417](CVE-2024/CVE-2024-554xx/CVE-2024-55417.json) (`2025-01-30T15:15:17.667`)
- [CVE-2025-0871](CVE-2025/CVE-2025-08xx/CVE-2025-0871.json) (`2025-01-30T15:15:18.253`)
- [CVE-2025-0872](CVE-2025/CVE-2025-08xx/CVE-2025-0872.json) (`2025-01-30T16:15:30.737`)
- [CVE-2025-22218](CVE-2025/CVE-2025-222xx/CVE-2025-22218.json) (`2025-01-30T15:15:18.487`)
- [CVE-2025-22219](CVE-2025/CVE-2025-222xx/CVE-2025-22219.json) (`2025-01-30T16:15:31.013`)
- [CVE-2025-22220](CVE-2025/CVE-2025-222xx/CVE-2025-22220.json) (`2025-01-30T16:15:31.143`)
- [CVE-2025-22221](CVE-2025/CVE-2025-222xx/CVE-2025-22221.json) (`2025-01-30T16:15:31.257`)
- [CVE-2025-22222](CVE-2025/CVE-2025-222xx/CVE-2025-22222.json) (`2025-01-30T16:15:31.367`)
- [CVE-2025-23216](CVE-2025/CVE-2025-232xx/CVE-2025-23216.json) (`2025-01-30T16:15:31.473`)
- [CVE-2025-23367](CVE-2025/CVE-2025-233xx/CVE-2025-23367.json) (`2025-01-30T15:15:18.610`)
- [CVE-2025-24376](CVE-2025/CVE-2025-243xx/CVE-2025-24376.json) (`2025-01-30T16:15:31.630`)
- [CVE-2025-24784](CVE-2025/CVE-2025-247xx/CVE-2025-24784.json) (`2025-01-30T16:15:31.780`)
- [CVE-2025-24883](CVE-2025/CVE-2025-248xx/CVE-2025-24883.json) (`2025-01-30T16:15:31.947`)
- [CVE-2023-29080](CVE-2023/CVE-2023-290xx/CVE-2023-29080.json) (`2025-01-30T18:15:28.437`)
- [CVE-2024-2658](CVE-2024/CVE-2024-26xx/CVE-2024-2658.json) (`2025-01-30T17:15:17.670`)
- [CVE-2025-0367](CVE-2025/CVE-2025-03xx/CVE-2025-0367.json) (`2025-01-30T17:15:18.097`)
- [CVE-2025-0477](CVE-2025/CVE-2025-04xx/CVE-2025-0477.json) (`2025-01-30T18:15:31.893`)
- [CVE-2025-0497](CVE-2025/CVE-2025-04xx/CVE-2025-0497.json) (`2025-01-30T18:15:32.493`)
- [CVE-2025-0498](CVE-2025/CVE-2025-04xx/CVE-2025-0498.json) (`2025-01-30T18:15:33.253`)
- [CVE-2025-0873](CVE-2025/CVE-2025-08xx/CVE-2025-0873.json) (`2025-01-30T17:15:18.293`)
- [CVE-2025-0874](CVE-2025/CVE-2025-08xx/CVE-2025-0874.json) (`2025-01-30T18:15:33.753`)
- [CVE-2025-24099](CVE-2025/CVE-2025-240xx/CVE-2025-24099.json) (`2025-01-30T17:15:18.473`)
### CVEs modified in the last Commit
Recently modified CVEs: `77`
Recently modified CVEs: `73`
- [CVE-2024-2144](CVE-2024/CVE-2024-21xx/CVE-2024-2144.json) (`2025-01-30T15:21:55.593`)
- [CVE-2024-22429](CVE-2024/CVE-2024-224xx/CVE-2024-22429.json) (`2025-01-30T15:48:29.167`)
- [CVE-2024-25698](CVE-2024/CVE-2024-256xx/CVE-2024-25698.json) (`2025-01-30T16:18:43.000`)
- [CVE-2024-25699](CVE-2024/CVE-2024-256xx/CVE-2024-25699.json) (`2025-01-30T16:23:46.597`)
- [CVE-2024-25705](CVE-2024/CVE-2024-257xx/CVE-2024-25705.json) (`2025-01-30T16:21:48.907`)
- [CVE-2024-2645](CVE-2024/CVE-2024-26xx/CVE-2024-2645.json) (`2025-01-30T15:39:23.947`)
- [CVE-2024-2646](CVE-2024/CVE-2024-26xx/CVE-2024-2646.json) (`2025-01-30T15:34:41.863`)
- [CVE-2024-2662](CVE-2024/CVE-2024-26xx/CVE-2024-2662.json) (`2025-01-30T16:12:13.900`)
- [CVE-2024-3055](CVE-2024/CVE-2024-30xx/CVE-2024-3055.json) (`2025-01-30T16:11:40.940`)
- [CVE-2024-3190](CVE-2024/CVE-2024-31xx/CVE-2024-3190.json) (`2025-01-30T16:09:08.383`)
- [CVE-2024-3547](CVE-2024/CVE-2024-35xx/CVE-2024-3547.json) (`2025-01-30T16:10:54.307`)
- [CVE-2024-4385](CVE-2024/CVE-2024-43xx/CVE-2024-4385.json) (`2025-01-30T16:09:33.727`)
- [CVE-2024-44172](CVE-2024/CVE-2024-441xx/CVE-2024-44172.json) (`2025-01-30T16:47:17.370`)
- [CVE-2024-4580](CVE-2024/CVE-2024-45xx/CVE-2024-4580.json) (`2025-01-30T15:55:44.283`)
- [CVE-2024-4609](CVE-2024/CVE-2024-46xx/CVE-2024-4609.json) (`2025-01-30T15:50:28.557`)
- [CVE-2024-4634](CVE-2024/CVE-2024-46xx/CVE-2024-4634.json) (`2025-01-30T16:01:17.150`)
- [CVE-2024-4779](CVE-2024/CVE-2024-47xx/CVE-2024-4779.json) (`2025-01-30T16:10:38.760`)
- [CVE-2024-4891](CVE-2024/CVE-2024-48xx/CVE-2024-4891.json) (`2025-01-30T15:45:34.377`)
- [CVE-2024-8148](CVE-2024/CVE-2024-81xx/CVE-2024-8148.json) (`2025-01-30T16:20:34.150`)
- [CVE-2024-8149](CVE-2024/CVE-2024-81xx/CVE-2024-8149.json) (`2025-01-30T16:20:02.563`)
- [CVE-2025-24153](CVE-2025/CVE-2025-241xx/CVE-2025-24153.json) (`2025-01-30T16:55:07.740`)
- [CVE-2025-24156](CVE-2025/CVE-2025-241xx/CVE-2025-24156.json) (`2025-01-30T16:43:39.593`)
- [CVE-2025-24161](CVE-2025/CVE-2025-241xx/CVE-2025-24161.json) (`2025-01-30T16:34:58.187`)
- [CVE-2025-24169](CVE-2025/CVE-2025-241xx/CVE-2025-24169.json) (`2025-01-30T16:24:54.597`)
- [CVE-2025-24177](CVE-2025/CVE-2025-241xx/CVE-2025-24177.json) (`2025-01-30T16:26:45.687`)
- [CVE-2024-54522](CVE-2024/CVE-2024-545xx/CVE-2024-54522.json) (`2025-01-30T17:26:15.263`)
- [CVE-2024-54536](CVE-2024/CVE-2024-545xx/CVE-2024-54536.json) (`2025-01-30T17:30:01.897`)
- [CVE-2024-54541](CVE-2024/CVE-2024-545xx/CVE-2024-54541.json) (`2025-01-30T17:31:31.880`)
- [CVE-2024-54543](CVE-2024/CVE-2024-545xx/CVE-2024-54543.json) (`2025-01-30T18:13:45.400`)
- [CVE-2024-54549](CVE-2024/CVE-2024-545xx/CVE-2024-54549.json) (`2025-01-30T18:43:26.997`)
- [CVE-2024-54557](CVE-2024/CVE-2024-545xx/CVE-2024-54557.json) (`2025-01-30T18:19:14.730`)
- [CVE-2024-54851](CVE-2024/CVE-2024-548xx/CVE-2024-54851.json) (`2025-01-30T17:15:17.957`)
- [CVE-2024-8494](CVE-2024/CVE-2024-84xx/CVE-2024-8494.json) (`2025-01-30T17:12:52.817`)
- [CVE-2025-0321](CVE-2025/CVE-2025-03xx/CVE-2025-0321.json) (`2025-01-30T17:39:45.447`)
- [CVE-2025-24086](CVE-2025/CVE-2025-240xx/CVE-2025-24086.json) (`2025-01-30T18:18:16.963`)
- [CVE-2025-24087](CVE-2025/CVE-2025-240xx/CVE-2025-24087.json) (`2025-01-30T18:17:28.223`)
- [CVE-2025-24094](CVE-2025/CVE-2025-240xx/CVE-2025-24094.json) (`2025-01-30T18:17:08.090`)
- [CVE-2025-24096](CVE-2025/CVE-2025-240xx/CVE-2025-24096.json) (`2025-01-30T18:16:40.440`)
- [CVE-2025-24100](CVE-2025/CVE-2025-241xx/CVE-2025-24100.json) (`2025-01-30T18:16:04.177`)
- [CVE-2025-24104](CVE-2025/CVE-2025-241xx/CVE-2025-24104.json) (`2025-01-30T18:15:16.380`)
- [CVE-2025-24107](CVE-2025/CVE-2025-241xx/CVE-2025-24107.json) (`2025-01-30T18:53:25.330`)
- [CVE-2025-24112](CVE-2025/CVE-2025-241xx/CVE-2025-24112.json) (`2025-01-30T18:54:08.913`)
- [CVE-2025-24131](CVE-2025/CVE-2025-241xx/CVE-2025-24131.json) (`2025-01-30T17:58:19.953`)
- [CVE-2025-24136](CVE-2025/CVE-2025-241xx/CVE-2025-24136.json) (`2025-01-30T18:00:53.250`)
- [CVE-2025-24140](CVE-2025/CVE-2025-241xx/CVE-2025-24140.json) (`2025-01-30T18:01:52.057`)
- [CVE-2025-24141](CVE-2025/CVE-2025-241xx/CVE-2025-24141.json) (`2025-01-30T18:03:08.223`)
- [CVE-2025-24143](CVE-2025/CVE-2025-241xx/CVE-2025-24143.json) (`2025-01-30T18:03:57.780`)
- [CVE-2025-24145](CVE-2025/CVE-2025-241xx/CVE-2025-24145.json) (`2025-01-30T18:04:51.137`)
- [CVE-2025-24150](CVE-2025/CVE-2025-241xx/CVE-2025-24150.json) (`2025-01-30T18:10:41.773`)
- [CVE-2025-24152](CVE-2025/CVE-2025-241xx/CVE-2025-24152.json) (`2025-01-30T17:06:25.153`)
## Download and Usage
