admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-25T15:00:21.124020+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-25 15:03:53 +00:00
parent e4ad23962d
commit c8a5cff72e
145 changed files with 5696 additions and 646 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2016/CVE-2016-29xx/CVE-2016-2912.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2016-2912", "id": "CVE-2016-2912",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2016-08-08T01:59:08.210", "published": "2016-08-08T01:59:08.210",
"lastModified": "2024-11-21T02:49:01.117", "lastModified": "2025-03-25T14:26:28.453",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -85,8 +85,8 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:2.0.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F73844BC-E832-4EC8-A030-72315E4E86B6" "matchCriteriaId": "08963269-CCD9-4874-9D8B-53D9B8E6B95B"
} }
] ]
} }

6
CVE-2016/CVE-2016-29xx/CVE-2016-2914.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2016-2914", "id": "CVE-2016-2914",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2016-08-08T01:59:09.320", "published": "2016-08-08T01:59:09.320",
"lastModified": "2024-11-21T02:49:01.230", "lastModified": "2025-03-25T14:26:28.453",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -85,8 +85,8 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:2.0.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F73844BC-E832-4EC8-A030-72315E4E86B6" "matchCriteriaId": "08963269-CCD9-4874-9D8B-53D9B8E6B95B"
} }
] ]
} }

10
CVE-2017/CVE-2017-17xx/CVE-2017-1787.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-1787", "id": "CVE-2017-1787",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2018-03-02T17:29:00.280", "published": "2018-03-02T17:29:00.280",
"lastModified": "2024-11-21T03:22:21.710", "lastModified": "2025-03-25T14:26:28.453",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -105,13 +105,13 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:2.1.2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "845D4C30-7B1B-4713-9D04-D89C139593EA" "matchCriteriaId": "EF6F33B2-7C70-45B1-B942-DE4C67AFE13B"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.5:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6EC27D-5688-40CB-84FC-8E4D706F84E0" "matchCriteriaId": "D427ADAB-C11B-4A0B-AF88-DFC316B6BFCC"
} }
] ]
} }

10
CVE-2018/CVE-2018-15xx/CVE-2018-1533.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-1533", "id": "CVE-2018-1533",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2018-10-12T11:29:00.277", "published": "2018-10-12T11:29:00.277",
"lastModified": "2024-11-21T03:59:58.297", "lastModified": "2025-03-25T14:26:28.453",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -105,13 +105,13 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.5:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6EC27D-5688-40CB-84FC-8E4D706F84E0" "matchCriteriaId": "D427ADAB-C11B-4A0B-AF88-DFC316B6BFCC"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "954E25D6-55A3-4271-AE15-E88D0EC487E6" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
} }
] ]
} }

10
CVE-2018/CVE-2018-15xx/CVE-2018-1534.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-1534", "id": "CVE-2018-1534",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2018-10-12T11:29:00.477", "published": "2018-10-12T11:29:00.477",
"lastModified": "2024-11-21T03:59:58.410", "lastModified": "2025-03-25T14:26:28.453",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -105,13 +105,13 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.5:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6EC27D-5688-40CB-84FC-8E4D706F84E0" "matchCriteriaId": "D427ADAB-C11B-4A0B-AF88-DFC316B6BFCC"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "954E25D6-55A3-4271-AE15-E88D0EC487E6" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
} }
] ]
} }

14
CVE-2018/CVE-2018-16xx/CVE-2018-1657.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-1657", "id": "CVE-2018-1657",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2019-01-04T15:29:00.297", "published": "2019-01-04T15:29:00.297",
"lastModified": "2024-11-21T04:00:09.113", "lastModified": "2025-03-25T14:26:28.453",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -105,18 +105,18 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:2.1.2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "845D4C30-7B1B-4713-9D04-D89C139593EA" "matchCriteriaId": "EF6F33B2-7C70-45B1-B942-DE4C67AFE13B"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.5:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6EC27D-5688-40CB-84FC-8E4D706F84E0" "matchCriteriaId": "D427ADAB-C11B-4A0B-AF88-DFC316B6BFCC"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "954E25D6-55A3-4271-AE15-E88D0EC487E6" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
} }
] ]
} }

14
CVE-2018/CVE-2018-19xx/CVE-2018-1951.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-1951", "id": "CVE-2018-1951",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2019-01-04T15:29:00.500", "published": "2019-01-04T15:29:00.500",
"lastModified": "2024-11-21T04:00:39.260", "lastModified": "2025-03-25T14:26:28.453",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -105,18 +105,18 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:2.1.2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "845D4C30-7B1B-4713-9D04-D89C139593EA" "matchCriteriaId": "EF6F33B2-7C70-45B1-B942-DE4C67AFE13B"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.5:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6EC27D-5688-40CB-84FC-8E4D706F84E0" "matchCriteriaId": "D427ADAB-C11B-4A0B-AF88-DFC316B6BFCC"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "954E25D6-55A3-4271-AE15-E88D0EC487E6" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
} }
] ]
} }

10
CVE-2019/CVE-2019-44xx/CVE-2019-4431.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-4431", "id": "CVE-2019-4431",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2020-02-12T16:15:11.393", "published": "2020-02-12T16:15:11.393",
"lastModified": "2024-11-21T04:43:36.180", "lastModified": "2025-03-25T14:26:28.453",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -107,13 +107,13 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "954E25D6-55A3-4271-AE15-E88D0EC487E6" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.6.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F95A4EEB-086D-487E-917D-B1D11A88CF80" "matchCriteriaId": "2FB638AE-44C2-4ED0-9FEE-1EADE239BBF0"
} }
] ]
} }

69
CVE-2020/CVE-2020-234xx/CVE-2020-23438.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-23438", "id": "CVE-2020-23438",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-04T21:15:10.907", "published": "2025-03-04T21:15:10.907",
"lastModified": "2025-03-04T21:15:10.907", "lastModified": "2025-03-25T13:02:34.147",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,11 +15,68 @@
"value": "Wondershare Filmora 9.2.11 se ve afectado por el secuestro de Dll de Trojan, lo que conduce a una escalada de privilegios." "value": "Wondershare Filmora 9.2.11 se ve afectado por el secuestro de Dll de Trojan, lo que conduce a una escalada de privilegios."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://cvewalkthrough.com/cve-2020-23438-wondershare-filmora-9-2-11-trojan-dll-hijacking-leading-to-privilege-escalation/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wondershare:filmora:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.2.11",
"matchCriteriaId": "E55200E5-5C0C-42DE-BDE0-EC7BC8912CD3"
}
]
}
]
}
],
"references": [
{
"url": "https://cvewalkthrough.com/cve-2020-23438-wondershare-filmora-9-2-11-trojan-dll-hijacking-leading-to-privilege-escalation/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

16
CVE-2020/CVE-2020-43xx/CVE-2020-4316.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-4316", "id": "CVE-2020-4316",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2020-07-16T15:15:27.987", "published": "2020-07-16T15:15:27.987",
"lastModified": "2024-11-21T05:32:34.610", "lastModified": "2025-03-25T14:51:52.527",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -107,18 +107,18 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:publishing_engine:7.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:-:*:*:*:*:*:*",
"matchCriteriaId": "E39C011E-34C4-4D0D-BD25-194994B5EB8E" "matchCriteriaId": "6821C7CB-AADC-4D4D-85B4-719EE7A1FBB4"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6.1:-:*:*:*:*:*:*",
"matchCriteriaId": "954E25D6-55A3-4271-AE15-E88D0EC487E6" "matchCriteriaId": "D8CCC081-807F-4342-9D6A-E52B37EE1182"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:rational_publishing_engine:6.0.6.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F95A4EEB-086D-487E-917D-B1D11A88CF80" "matchCriteriaId": "F583497F-CEE8-46B5-A15A-91007AA4D310"
} }
] ]
} }

20
CVE-2021/CVE-2021-390xx/CVE-2021-39015.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-39015", "id": "CVE-2021-39015",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2022-07-14T17:15:08.013", "published": "2022-07-14T17:15:08.013",
"lastModified": "2024-11-21T06:18:25.010", "lastModified": "2025-03-25T14:21:02.290",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -83,24 +83,24 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "96A1CD37-BB30-46C0-AB69-28DAA115CC1E" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25400833-E011-47C8-82F3-451CC15D9AFE" "matchCriteriaId": "2FB638AE-44C2-4ED0-9FEE-1EADE239BBF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD252F7-F264-42CE-ACE9-41D8655220A0"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2" "matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFF673F-BDEC-482B-850C-C035C589111C"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*",

20
CVE-2021/CVE-2021-390xx/CVE-2021-39016.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-39016", "id": "CVE-2021-39016",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2022-07-14T17:15:08.203", "published": "2022-07-14T17:15:08.203",
"lastModified": "2024-11-21T06:18:25.170", "lastModified": "2025-03-25T14:21:02.290",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -83,24 +83,24 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "96A1CD37-BB30-46C0-AB69-28DAA115CC1E" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25400833-E011-47C8-82F3-451CC15D9AFE" "matchCriteriaId": "2FB638AE-44C2-4ED0-9FEE-1EADE239BBF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD252F7-F264-42CE-ACE9-41D8655220A0"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2" "matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFF673F-BDEC-482B-850C-C035C589111C"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*",

20
CVE-2021/CVE-2021-390xx/CVE-2021-39017.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-39017", "id": "CVE-2021-39017",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2022-07-14T17:15:08.250", "published": "2022-07-14T17:15:08.250",
"lastModified": "2024-11-21T06:18:25.333", "lastModified": "2025-03-25T14:21:02.290",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -83,24 +83,24 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "96A1CD37-BB30-46C0-AB69-28DAA115CC1E" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25400833-E011-47C8-82F3-451CC15D9AFE" "matchCriteriaId": "2FB638AE-44C2-4ED0-9FEE-1EADE239BBF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD252F7-F264-42CE-ACE9-41D8655220A0"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2" "matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFF673F-BDEC-482B-850C-C035C589111C"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*",

20
CVE-2021/CVE-2021-390xx/CVE-2021-39018.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-39018", "id": "CVE-2021-39018",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2022-07-14T17:15:08.297", "published": "2022-07-14T17:15:08.297",
"lastModified": "2024-11-21T06:18:25.480", "lastModified": "2025-03-25T14:21:02.290",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -83,24 +83,24 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "96A1CD37-BB30-46C0-AB69-28DAA115CC1E" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25400833-E011-47C8-82F3-451CC15D9AFE" "matchCriteriaId": "2FB638AE-44C2-4ED0-9FEE-1EADE239BBF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD252F7-F264-42CE-ACE9-41D8655220A0"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2" "matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFF673F-BDEC-482B-850C-C035C589111C"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*",

20
CVE-2021/CVE-2021-390xx/CVE-2021-39019.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-39019", "id": "CVE-2021-39019",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2022-07-14T17:15:08.343", "published": "2022-07-14T17:15:08.343",
"lastModified": "2024-11-21T06:18:25.630", "lastModified": "2025-03-25T14:21:02.290",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -83,24 +83,24 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "96A1CD37-BB30-46C0-AB69-28DAA115CC1E" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25400833-E011-47C8-82F3-451CC15D9AFE" "matchCriteriaId": "2FB638AE-44C2-4ED0-9FEE-1EADE239BBF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD252F7-F264-42CE-ACE9-41D8655220A0"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2" "matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFF673F-BDEC-482B-850C-C035C589111C"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*",

20
CVE-2021/CVE-2021-390xx/CVE-2021-39028.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-39028", "id": "CVE-2021-39028",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2022-07-14T17:15:08.387", "published": "2022-07-14T17:15:08.387",
"lastModified": "2024-11-21T06:18:27.003", "lastModified": "2025-03-25T14:21:02.290",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -83,24 +83,24 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "96A1CD37-BB30-46C0-AB69-28DAA115CC1E" "matchCriteriaId": "45E5E732-2A3A-4300-BC15-2591F0D1B3C6"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:6.0.6.1:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:6.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25400833-E011-47C8-82F3-451CC15D9AFE" "matchCriteriaId": "2FB638AE-44C2-4ED0-9FEE-1EADE239BBF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_-_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD252F7-F264-42CE-ACE9-41D8655220A0"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2" "matchCriteriaId": "6D2AD86D-D092-415E-A7AC-F6FC26D336D2"
}, },
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BFF673F-BDEC-482B-850C-C035C589111C"
},
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:ibm:engineering_lifecycle_optimization_publishing:7.0.2:*:*:*:*:*:*:*",

60
CVE-2022/CVE-2022-18xx/CVE-2022-1804.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2022-1804",
"sourceIdentifier": "security@ubuntu.com",
"published": "2025-03-25T13:15:38.703",
"lastModified": "2025-03-25T13:15:38.703",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "accountsservice no longer drops permissions when writting .pam_environment"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/1974250",
"source": "security@ubuntu.com"
},
{
"url": "https://ubuntu.com/security/notices/USN-5439-1",
"source": "security@ubuntu.com"
}
]
}

22
CVE-2022/CVE-2022-20xx/CVE-2022-2094.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2094", "id": "CVE-2022-2094",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-08T10:15:09.157", "published": "2023-02-08T10:15:09.157",
"lastModified": "2024-11-21T07:00:18.543", "lastModified": "2025-03-25T14:15:16.653",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },

32
CVE-2022/CVE-2022-305xx/CVE-2022-30564.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30564", "id": "CVE-2022-30564",
"sourceIdentifier": "cybersecurity@dahuatech.com", "sourceIdentifier": "cybersecurity@dahuatech.com",
"published": "2023-02-09T17:15:11.607", "published": "2023-02-09T17:15:11.607",
"lastModified": "2024-11-21T07:02:56.830", "lastModified": "2025-03-25T14:15:17.410",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2022/CVE-2022-435xx/CVE-2022-43550.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43550", "id": "CVE-2022-43550",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2023-02-09T20:15:10.873", "published": "2023-02-09T20:15:10.873",
"lastModified": "2024-11-21T07:26:45.820", "lastModified": "2025-03-25T14:15:17.913",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },

22
CVE-2022/CVE-2022-445xx/CVE-2022-44566.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44566", "id": "CVE-2022-44566",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2023-02-09T20:15:11.017", "published": "2023-02-09T20:15:11.017",
"lastModified": "2024-11-21T07:28:08.547", "lastModified": "2025-03-25T14:15:18.393",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },

32
CVE-2022/CVE-2022-459xx/CVE-2022-45982.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45982", "id": "CVE-2022-45982",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-02-08T21:15:10.653", "published": "2023-02-08T21:15:10.653",
"lastModified": "2024-11-21T07:30:02.610", "lastModified": "2025-03-25T14:15:18.753",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-502" "value": "CWE-502"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
} }
], ],
"configurations": [ "configurations": [

22
CVE-2022/CVE-2022-474xx/CVE-2022-47416.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47416", "id": "CVE-2022-47416",
"sourceIdentifier": "cve@rapid7.com", "sourceIdentifier": "cve@rapid7.com",
"published": "2023-02-07T22:15:10.863", "published": "2023-02-07T22:15:10.863",
"lastModified": "2024-11-21T07:31:55.120", "lastModified": "2025-03-25T14:15:18.947",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

22
CVE-2022/CVE-2022-474xx/CVE-2022-47419.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47419", "id": "CVE-2022-47419",
"sourceIdentifier": "cve@rapid7.com", "sourceIdentifier": "cve@rapid7.com",
"published": "2023-02-07T22:15:11.000", "published": "2023-02-07T22:15:11.000",
"lastModified": "2024-11-21T07:31:55.463", "lastModified": "2025-03-25T14:15:19.127",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },

32
CVE-2022/CVE-2022-482xx/CVE-2022-48286.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48286", "id": "CVE-2022-48286",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-02-09T17:15:12.237", "published": "2023-02-09T17:15:12.237",
"lastModified": "2024-11-21T07:33:05.470", "lastModified": "2025-03-25T14:15:19.297",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-482xx/CVE-2022-48295.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48295", "id": "CVE-2022-48295",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-02-09T17:15:14.113", "published": "2023-02-09T17:15:14.113",
"lastModified": "2024-11-21T07:33:06.643", "lastModified": "2025-03-25T14:15:19.470",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-281" "value": "CWE-281"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-482xx/CVE-2022-48296.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48296", "id": "CVE-2022-48296",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-02-09T17:15:14.337", "published": "2023-02-09T17:15:14.337",
"lastModified": "2024-11-21T07:33:06.753", "lastModified": "2025-03-25T14:15:19.630",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-281" "value": "CWE-281"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-482xx/CVE-2022-48297.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48297", "id": "CVE-2022-48297",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-02-09T17:15:14.490", "published": "2023-02-09T17:15:14.490",
"lastModified": "2024-11-21T07:33:06.863", "lastModified": "2025-03-25T14:15:19.790",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-1284" "value": "CWE-1284"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-482xx/CVE-2022-48298.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48298", "id": "CVE-2022-48298",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-02-09T17:15:14.687", "published": "2023-02-09T17:15:14.687",
"lastModified": "2024-11-21T07:33:06.973", "lastModified": "2025-03-25T14:15:19.950",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-1284" "value": "CWE-1284"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-482xx/CVE-2022-48299.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48299", "id": "CVE-2022-48299",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-02-09T17:15:14.853", "published": "2023-02-09T17:15:14.853",
"lastModified": "2024-11-21T07:33:07.090", "lastModified": "2025-03-25T14:15:20.123",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -45,6 +65,16 @@
"value": "CWE-306" "value": "CWE-306"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
} }
], ],
"configurations": [ "configurations": [

126
CVE-2022/CVE-2022-492xx/CVE-2022-49291.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49291", "id": "CVE-2022-49291",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:05.950", "published": "2025-02-26T07:01:05.950",
"lastModified": "2025-02-27T18:15:25.323", "lastModified": "2025-03-25T14:49:23.147",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,38 +51,122 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/0090c13cbbdffd7da079ac56f80373a9a1be0bf8", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.279",
"matchCriteriaId": "E398D278-925B-4646-9105-4FA36B6398BD"
}, },
{ {
"url": "https://git.kernel.org/stable/c/0f6947f5f5208f6ebd4d76a82a4757e2839a23f8", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.243",
"matchCriteriaId": "8577DA08-190B-481F-B919-ED3DAEA3E339"
}, },
{ {
"url": "https://git.kernel.org/stable/c/1bbf82d9f961414d6c76a08f7f843ea068e0ab7b", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.193",
"matchCriteriaId": "EA77E853-1F30-4942-8B6A-37B168460310"
}, },
{ {
"url": "https://git.kernel.org/stable/c/33061d0fba51d2bf70a2ef9645f703c33fe8e438", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.109",
"matchCriteriaId": "F3E1A428-8D87-4CD4-B9CA-C621B32933F8"
}, },
{ {
"url": "https://git.kernel.org/stable/c/92ee3c60ec9fe64404dc035e7c41277d74aa26cb", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.32",
"matchCriteriaId": "3191B916-53BD-46E6-AE21-58197D35768E"
}, },
{ {
"url": "https://git.kernel.org/stable/c/9cb6c40a6ebe4a0cfc9d6a181958211682cffea9", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.18",
"matchCriteriaId": "C86410A0-E312-4F41-93E9-929EAFB31757"
}, },
{ {
"url": "https://git.kernel.org/stable/c/a42aa926843acca96c0dfbde2e835b8137f2f092", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
}, "versionStartIncluding": "5.17",
{ "versionEndExcluding": "5.17.1",
"url": "https://git.kernel.org/stable/c/fbeb492694ce0441053de57699e1e2b7bc148a69", "matchCriteriaId": "3004D9BF-0093-4C9C-8560-F3E91AFAE409"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0090c13cbbdffd7da079ac56f80373a9a1be0bf8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0f6947f5f5208f6ebd4d76a82a4757e2839a23f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1bbf82d9f961414d6c76a08f7f843ea068e0ab7b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/33061d0fba51d2bf70a2ef9645f703c33fe8e438",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/92ee3c60ec9fe64404dc035e7c41277d74aa26cb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9cb6c40a6ebe4a0cfc9d6a181958211682cffea9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a42aa926843acca96c0dfbde2e835b8137f2f092",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fbeb492694ce0441053de57699e1e2b7bc148a69",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

70
CVE-2022/CVE-2022-493xx/CVE-2022-49328.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49328", "id": "CVE-2022-49328",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:09.610", "published": "2025-02-26T07:01:09.610",
"lastModified": "2025-02-27T19:15:43.047", "lastModified": "2025-03-25T14:50:40.570",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,22 +51,66 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/4448327b41738dbfcda680eb4935ff835568f468", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.58",
"matchCriteriaId": "0DFC6E4B-8C85-4056-80F1-C9129E42FE45"
}, },
{ {
"url": "https://git.kernel.org/stable/c/51fb1278aa57ae0fc54adaa786e1965362bed4fb", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
}, },
{ {
"url": "https://git.kernel.org/stable/c/d5f77f1dbb59feae81f88e44551e8e1d8a802d9a", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
}, "versionStartIncluding": "5.18",
{ "versionEndExcluding": "5.18.3",
"url": "https://git.kernel.org/stable/c/e55bcdd0bf34a8b10d45ce80ebb3164c5292a17d", "matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4448327b41738dbfcda680eb4935ff835568f468",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/51fb1278aa57ae0fc54adaa786e1965362bed4fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d5f77f1dbb59feae81f88e44551e8e1d8a802d9a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e55bcdd0bf34a8b10d45ce80ebb3164c5292a17d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

140
CVE-2022/CVE-2022-493xx/CVE-2022-49349.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49349", "id": "CVE-2022-49349",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:11.623", "published": "2025-02-26T07:01:11.623",
"lastModified": "2025-02-27T19:15:43.190", "lastModified": "2025-03-25T14:51:05.100",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,42 +51,136 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/0be698ecbe4471fcad80e81ec6a05001421041b3", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.318",
"matchCriteriaId": "0D4D4067-974D-4560-8320-22FDA399E3F9"
}, },
{ {
"url": "https://git.kernel.org/stable/c/0ff38b99fa075ddd246487a28cb9af049f4ceef1", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.283",
"matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65"
}, },
{ {
"url": "https://git.kernel.org/stable/c/10801095224de0d0ab06ae60698680c1f883a3ae", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
}, },
{ {
"url": "https://git.kernel.org/stable/c/1a3a15bf6f9963d755270cbdb282863b84839195", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
}, },
{ {
"url": "https://git.kernel.org/stable/c/364380c00912bed9b5d99eb485018360b0ecf64f", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.121",
"matchCriteriaId": "34ACD872-E5BC-401C-93D5-B357A62426E0"
}, },
{ {
"url": "https://git.kernel.org/stable/c/4a2bea60cf7ff957b3eda0b17750d483876a02fa", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1"
}, },
{ {
"url": "https://git.kernel.org/stable/c/97f802a652a749422dede32071d29a53cf4bd034", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
}, },
{ {
"url": "https://git.kernel.org/stable/c/dd887f83ea54aea5b780a84527e23ab95f777fed", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
}, "versionStartIncluding": "5.18",
{ "versionEndExcluding": "5.18.3",
"url": "https://git.kernel.org/stable/c/eaecf7ebfd5dd09038a80b14be46b844f54cfc5c", "matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0be698ecbe4471fcad80e81ec6a05001421041b3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0ff38b99fa075ddd246487a28cb9af049f4ceef1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/10801095224de0d0ab06ae60698680c1f883a3ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1a3a15bf6f9963d755270cbdb282863b84839195",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/364380c00912bed9b5d99eb485018360b0ecf64f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4a2bea60cf7ff957b3eda0b17750d483876a02fa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/97f802a652a749422dede32071d29a53cf4bd034",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd887f83ea54aea5b780a84527e23ab95f777fed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eaecf7ebfd5dd09038a80b14be46b844f54cfc5c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

72
CVE-2022/CVE-2022-493xx/CVE-2022-49359.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49359", "id": "CVE-2022-49359",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:12.583", "published": "2025-02-26T07:01:12.583",
"lastModified": "2025-02-27T19:15:43.347", "lastModified": "2025-03-25T14:51:30.127",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,72 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/472dd7ea5e19a1aeabf1711ddc756777e05ee7c2", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10.67",
"versionEndExcluding": "5.11",
"matchCriteriaId": "7A76EA36-1A32-42E8-93FC-BF561EE04439"
}, },
{ {
"url": "https://git.kernel.org/stable/c/6e516faf04317db2c46cbec4e3b78b4653a5b109", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13.19",
"versionEndExcluding": "5.14",
"matchCriteriaId": "097A0850-FAA6-4FFF-88C2-F5B49B5CE740"
}, },
{ {
"url": "https://git.kernel.org/stable/c/8c8e8cc91a6ffc79865108279a74fd57d9070a17", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14.6",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "87B23815-EF6B-44C0-93AF-C7D1ABA2C903"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A8C30C2D-F82D-4D37-AB48-D76ABFBD5377"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/472dd7ea5e19a1aeabf1711ddc756777e05ee7c2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6e516faf04317db2c46cbec4e3b78b4653a5b109",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8c8e8cc91a6ffc79865108279a74fd57d9070a17",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

66
CVE-2022/CVE-2022-493xx/CVE-2022-49362.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49362", "id": "CVE-2022-49362",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:12.860", "published": "2025-02-26T07:01:12.860",
"lastModified": "2025-02-27T19:15:43.487", "lastModified": "2025-03-25T14:51:55.130",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,22 +51,58 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/261eabe19cb28e4a8587a4442d257b543d7c2d57", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}, },
{ {
"url": "https://git.kernel.org/stable/c/333dcc94ebf53f79f3dc0e7a7c16700bc7ff7e57", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*",
}, "matchCriteriaId": "A8C30C2D-F82D-4D37-AB48-D76ABFBD5377"
{ }
"url": "https://git.kernel.org/stable/c/ada1757b259f353cade47037ee0a0249b4cddad3", ]
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
}, ]
{ }
"url": "https://git.kernel.org/stable/c/b6c71c66b0ad8f2b59d9bc08c7a5079b110bec01", ],
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "references": [
{
"url": "https://git.kernel.org/stable/c/261eabe19cb28e4a8587a4442d257b543d7c2d57",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/333dcc94ebf53f79f3dc0e7a7c16700bc7ff7e57",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ada1757b259f353cade47037ee0a0249b4cddad3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b6c71c66b0ad8f2b59d9bc08c7a5079b110bec01",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

71
CVE-2022/CVE-2022-493xx/CVE-2022-49377.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49377", "id": "CVE-2022-49377",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:14.357", "published": "2025-02-26T07:01:14.357",
"lastModified": "2025-02-27T19:15:43.623", "lastModified": "2025-03-25T14:58:01.213",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,22 +51,67 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/460aa288c5cd0544dcf933a2f0ad0e8c6d2d35ff", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "E8CE53EB-22BF-479D-A782-6BDD74CD210E"
}, },
{ {
"url": "https://git.kernel.org/stable/c/5d05426e2d5fd7df8afc866b78c36b37b00188b7", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
}, },
{ {
"url": "https://git.kernel.org/stable/c/70fdd922c7bf8949f8df109cf2635dff64c90392", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
}, "versionStartIncluding": "5.18",
{ "versionEndExcluding": "5.18.4",
"url": "https://git.kernel.org/stable/c/b140bac470b4f707cda59c7266214246238661df", "matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/460aa288c5cd0544dcf933a2f0ad0e8c6d2d35ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5d05426e2d5fd7df8afc866b78c36b37b00188b7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/70fdd922c7bf8949f8df109cf2635dff64c90392",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b140bac470b4f707cda59c7266214246238661df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

99
CVE-2022/CVE-2022-493xx/CVE-2022-49385.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49385", "id": "CVE-2022-49385",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.103", "published": "2025-02-26T07:01:15.103",
"lastModified": "2025-02-27T18:15:25.503", "lastModified": "2025-03-25T14:58:25.690",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,30 +51,95 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/310862e574001a97ad02272bac0fd13f75f42a27", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.9",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "289EB399-F22E-4F49-A013-FDAA898FE70E"
}, },
{ {
"url": "https://git.kernel.org/stable/c/5389101257828d1913d713d9a40acbe14f5961df", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.122",
"matchCriteriaId": "1B42AA01-44D8-4572-95E6-FF8E374CF9C5"
}, },
{ {
"url": "https://git.kernel.org/stable/c/5d709f58c743166fe1c6914b9de0ae8868600d9b", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61"
}, },
{ {
"url": "https://git.kernel.org/stable/c/823f24f2e329babd0330200d0b74882516fe57f4", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
}, },
{ {
"url": "https://git.kernel.org/stable/c/c059665c84feab46b7173d3a1bf36c2fb7f9df86", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
}, "versionStartIncluding": "5.18",
{ "versionEndExcluding": "5.18.4",
"url": "https://git.kernel.org/stable/c/cdf1a683a01583bca4b618dd16223cbd6e462e21", "matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/310862e574001a97ad02272bac0fd13f75f42a27",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5389101257828d1913d713d9a40acbe14f5961df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5d709f58c743166fe1c6914b9de0ae8868600d9b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/823f24f2e329babd0330200d0b74882516fe57f4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c059665c84feab46b7173d3a1bf36c2fb7f9df86",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cdf1a683a01583bca4b618dd16223cbd6e462e21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

127
CVE-2022/CVE-2022-493xx/CVE-2022-49388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49388", "id": "CVE-2022-49388",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.430", "published": "2025-02-26T07:01:15.430",
"lastModified": "2025-02-27T18:15:25.670", "lastModified": "2025-03-25T14:59:13.997",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,38 +51,123 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/1174ab8ba36a48025b68b5ff1085000b1e510217", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.12",
"versionEndExcluding": "4.14.283",
"matchCriteriaId": "C1826012-E991-4F57-B5A8-B3B6949796C0"
}, },
{ {
"url": "https://git.kernel.org/stable/c/25ff1e3a1351c0d936dd1ac2f9e58231ea1510c9", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
}, },
{ {
"url": "https://git.kernel.org/stable/c/5ff2514e4fb55dcf3d88294686040ca73ea0c1a2", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
}, },
{ {
"url": "https://git.kernel.org/stable/c/6d8d3f68cbecfd31925796f0fb668eb21ab06734", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.122",
"matchCriteriaId": "1B42AA01-44D8-4572-95E6-FF8E374CF9C5"
}, },
{ {
"url": "https://git.kernel.org/stable/c/8302620aeb940f386817321d272b12411ae7d39f", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61"
}, },
{ {
"url": "https://git.kernel.org/stable/c/8c03a1c21d72210f81cb369cc528e3fde4b45411", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
}, },
{ {
"url": "https://git.kernel.org/stable/c/abb67043060f2bf4c03d7c3debb9ae980e2b6db3", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
}, "versionStartIncluding": "5.18",
{ "versionEndExcluding": "5.18.4",
"url": "https://git.kernel.org/stable/c/e27ecf325e51abd06aaefba57a6322a46fa4178b", "matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1174ab8ba36a48025b68b5ff1085000b1e510217",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/25ff1e3a1351c0d936dd1ac2f9e58231ea1510c9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5ff2514e4fb55dcf3d88294686040ca73ea0c1a2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6d8d3f68cbecfd31925796f0fb668eb21ab06734",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8302620aeb940f386817321d272b12411ae7d39f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8c03a1c21d72210f81cb369cc528e3fde4b45411",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/abb67043060f2bf4c03d7c3debb9ae980e2b6db3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e27ecf325e51abd06aaefba57a6322a46fa4178b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

67
CVE-2022/CVE-2022-493xx/CVE-2022-49390.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49390", "id": "CVE-2022-49390",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.620", "published": "2025-02-26T07:01:15.620",
"lastModified": "2025-02-27T18:15:25.843", "lastModified": "2025-03-25T13:48:09.850",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,18 +51,67 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/196a888ca6571deb344468e1d7138e3273206335", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14.154",
"versionEndExcluding": "4.15",
"matchCriteriaId": "344FEFB4-E393-4E04-905A-4734AC267EC1"
}, },
{ {
"url": "https://git.kernel.org/stable/c/78933cbc143b82d02330e00900d2fd08f2682f4e", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.84",
"versionEndExcluding": "4.20",
"matchCriteriaId": "B7EACEB9-7173-47F4-83A4-AE06CE74D78B"
}, },
{ {
"url": "https://git.kernel.org/stable/c/d130282179aa6051449ac8f8df1115769998a665", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3.11",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "ADA13345-8170-4521-B0CB-44DDF2C0713F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/196a888ca6571deb344468e1d7138e3273206335",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/78933cbc143b82d02330e00900d2fd08f2682f4e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d130282179aa6051449ac8f8df1115769998a665",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

99
CVE-2022/CVE-2022-494xx/CVE-2022-49411.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49411", "id": "CVE-2022-49411",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:17.613", "published": "2025-02-26T07:01:17.613",
"lastModified": "2025-03-05T22:15:34.580", "lastModified": "2025-03-25T13:42:10.430",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,30 +51,95 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/075a53b78b815301f8d3dd1ee2cd99554e34f0dd", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.12",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "05A83EED-420E-4720-92F3-563C3AB9A2E5"
}, },
{ {
"url": "https://git.kernel.org/stable/c/51f724bffa3403a5236597e6b75df7329c1ec6e9", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.121",
"matchCriteriaId": "34ACD872-E5BC-401C-93D5-B357A62426E0"
}, },
{ {
"url": "https://git.kernel.org/stable/c/6ee0868b0c3ccead5907685fcdcdd0c08dfe4b0b", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1"
}, },
{ {
"url": "https://git.kernel.org/stable/c/7781c38552e6cc54ed8e9040279561340516b881", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
}, },
{ {
"url": "https://git.kernel.org/stable/c/97bd6c56bdcb41079e488e31df56809e3b2ce628", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
}, "versionStartIncluding": "5.18",
{ "versionEndExcluding": "5.18.3",
"url": "https://git.kernel.org/stable/c/ccddf8cd411c1800863ed357064e56ceffd356bb", "matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/075a53b78b815301f8d3dd1ee2cd99554e34f0dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/51f724bffa3403a5236597e6b75df7329c1ec6e9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6ee0868b0c3ccead5907685fcdcdd0c08dfe4b0b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7781c38552e6cc54ed8e9040279561340516b881",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/97bd6c56bdcb41079e488e31df56809e3b2ce628",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ccddf8cd411c1800863ed357064e56ceffd356bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

89
CVE-2022/CVE-2022-496xx/CVE-2022-49696.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49696", "id": "CVE-2022-49696",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:44.357", "published": "2025-02-26T07:01:44.357",
"lastModified": "2025-02-27T19:15:46.720", "lastModified": "2025-03-25T13:39:35.560",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,22 +51,89 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/361c5521c1e49843b710f455cae3c0a50b714323", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.83",
"versionEndExcluding": "5.5",
"matchCriteriaId": "89DFEADE-E552-4D59-BEA8-8CDC23D1DBEE"
}, },
{ {
"url": "https://git.kernel.org/stable/c/8b246ddd394d7d9640816611693b0096b998e27a", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.9.14",
"versionEndExcluding": "5.10.127",
"matchCriteriaId": "AA01C0B2-1717-4416-AE10-348629F36041"
}, },
{ {
"url": "https://git.kernel.org/stable/c/911600bf5a5e84bfda4d33ee32acc75ecf6159f0", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.51",
"matchCriteriaId": "B43F7696-8D52-482D-9080-84279B0CB38C"
}, },
{ {
"url": "https://git.kernel.org/stable/c/cd7789e659e84f137631dc1f5ec8d794f2700e6c", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.18.8",
"matchCriteriaId": "0172D3FA-DDEB-482A-A270-4A1495A8798C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A8C30C2D-F82D-4D37-AB48-D76ABFBD5377"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BF8547FC-C849-4F1B-804B-A93AE2F04A92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F3068028-F453-4A1C-B80F-3F5609ACEF60"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/361c5521c1e49843b710f455cae3c0a50b714323",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8b246ddd394d7d9640816611693b0096b998e27a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/911600bf5a5e84bfda4d33ee32acc75ecf6159f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cd7789e659e84f137631dc1f5ec8d794f2700e6c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

138
CVE-2022/CVE-2022-497xx/CVE-2022-49700.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49700", "id": "CVE-2022-49700",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:44.740", "published": "2025-02-26T07:01:44.740",
"lastModified": "2025-02-27T19:15:46.863", "lastModified": "2025-03-25T13:37:51.227",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -51,38 +51,138 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/0515cc9b6b24877f59b222ade704bfaa42caa2a6", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1",
"versionEndExcluding": "4.9.323",
"matchCriteriaId": "2B9BA632-0605-4759-8828-79C0E7F757FD"
}, },
{ {
"url": "https://git.kernel.org/stable/c/197e257da473c725dfe47759c3ee02f2398d8ea5", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.288",
"matchCriteriaId": "11E86C4E-715B-4E25-81E9-2FD98431E3FA"
}, },
{ {
"url": "https://git.kernel.org/stable/c/308c6d0e1f200fd26c71270c6e6bfcf0fc6ff082", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.252",
"matchCriteriaId": "2CC8E927-649A-40AD-AB62-F7EE444BEF0F"
}, },
{ {
"url": "https://git.kernel.org/stable/c/6c32496964da0dc230cea763a0e934b2e02dabd5", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.205",
"matchCriteriaId": "844199C4-DEBE-4DA1-AB77-5A7984F9393B"
}, },
{ {
"url": "https://git.kernel.org/stable/c/d6a597450e686d4c6388bd3cdcb17224b4dae7f0", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.130",
"matchCriteriaId": "8BF24898-7C80-443F-93F3-F82029BBFF72"
}, },
{ {
"url": "https://git.kernel.org/stable/c/e2b2f0e2e34d71ae6c2a1114fd3c525930e84bc7", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.54",
"matchCriteriaId": "B2197EF1-3D9C-4EBA-9F94-6C8668E719B6"
}, },
{ {
"url": "https://git.kernel.org/stable/c/e7e3e90d671078455a3a08189f89d85b3da2de9e", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.18.8",
"matchCriteriaId": "0172D3FA-DDEB-482A-A270-4A1495A8798C"
}, },
{ {
"url": "https://git.kernel.org/stable/c/eeaa345e128515135ccb864c04482180c08e3259", "vulnerable": true,
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A8C30C2D-F82D-4D37-AB48-D76ABFBD5377"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BF8547FC-C849-4F1B-804B-A93AE2F04A92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F3068028-F453-4A1C-B80F-3F5609ACEF60"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0515cc9b6b24877f59b222ade704bfaa42caa2a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/197e257da473c725dfe47759c3ee02f2398d8ea5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/308c6d0e1f200fd26c71270c6e6bfcf0fc6ff082",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c32496964da0dc230cea763a0e934b2e02dabd5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d6a597450e686d4c6388bd3cdcb17224b4dae7f0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e2b2f0e2e34d71ae6c2a1114fd3c525930e84bc7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e7e3e90d671078455a3a08189f89d85b3da2de9e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eeaa345e128515135ccb864c04482180c08e3259",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

22
CVE-2023/CVE-2023-07xx/CVE-2023-0751.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0751", "id": "CVE-2023-0751",
"sourceIdentifier": "secteam@freebsd.org", "sourceIdentifier": "secteam@freebsd.org",
"published": "2023-02-08T20:15:24.377", "published": "2023-02-08T20:15:24.377",
"lastModified": "2024-11-21T07:37:45.253", "lastModified": "2025-03-25T14:15:20.480",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },

22
CVE-2023/CVE-2023-227xx/CVE-2023-22798.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22798", "id": "CVE-2023-22798",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2023-02-09T20:15:11.613", "published": "2023-02-09T20:15:11.613",
"lastModified": "2024-11-21T07:45:26.777", "lastModified": "2025-03-25T14:15:20.660",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },

14
CVE-2023/CVE-2023-282xx/CVE-2023-28207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28207", "id": "CVE-2023-28207",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-03-21T01:15:12.240", "published": "2025-03-21T01:15:12.240",
"lastModified": "2025-03-24T15:09:20.773", "lastModified": "2025-03-25T13:15:39.417",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-277"
}
]
} }
], ],
"configurations": [ "configurations": [

14
CVE-2023/CVE-2023-525xx/CVE-2023-52538.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52538", "id": "CVE-2023-52538",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2024-04-08T09:15:08.453", "published": "2024-04-08T09:15:08.453",
"lastModified": "2025-03-13T15:45:54.530", "lastModified": "2025-03-25T14:15:21.010",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,6 +49,16 @@
"value": "CWE-347" "value": "CWE-347"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
} }
], ],
"configurations": [ "configurations": [

100
CVE-2024/CVE-2024-100xx/CVE-2024-10037.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-10037",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2025-03-25T13:15:39.673",
"lastModified": "2025-03-25T13:15:39.673",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection.\nAn attacker must be properly authenticated and the test mode function of RTU500 must be enabled to exploit this vulnerability.\n\nThe affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:X/U:X",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "AUTOMATIC",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.7,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000207&languageCode=en&Preview=true",
"source": "cybersecurity@hitachienergy.com"
}
]
}

27
CVE-2024/CVE-2024-101xx/CVE-2024-10105.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10105", "id": "CVE-2024-10105",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:36.350", "published": "2025-03-25T06:15:36.350",
"lastModified": "2025-03-25T06:15:36.350", "lastModified": "2025-03-25T14:15:21.207",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Job Postings WordPress plugin before 2.7.11 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Job Postings WordPress plugin before 2.7.11 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/4477db12-26e9-4c6d-8b71-f3f6a0d19813/", "url": "https://wpscan.com/vulnerability/4477db12-26e9-4c6d-8b71-f3f6a0d19813/",

27
CVE-2024/CVE-2024-104xx/CVE-2024-10472.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10472", "id": "CVE-2024-10472",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:37.750", "published": "2025-03-25T06:15:37.750",
"lastModified": "2025-03-25T06:15:37.750", "lastModified": "2025-03-25T14:15:21.510",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Stylish Price List WordPress plugin before 7.1.12 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Stylish Price List WordPress plugin before 7.1.12 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/d79e5c05-26d0-4223-891f-42ac9fb6ef6e/", "url": "https://wpscan.com/vulnerability/d79e5c05-26d0-4223-891f-42ac9fb6ef6e/",

27
CVE-2024/CVE-2024-105xx/CVE-2024-10554.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10554", "id": "CVE-2024-10554",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:37.847", "published": "2025-03-25T06:15:37.847",
"lastModified": "2025-03-25T06:15:37.847", "lastModified": "2025-03-25T14:15:21.650",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The WordPress WP-Advanced-Search WordPress plugin before 3.3.9.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The WordPress WP-Advanced-Search WordPress plugin before 3.3.9.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 2.5
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/7c15b082-caa5-4cf2-9986-2eb519dcb7c5/", "url": "https://wpscan.com/vulnerability/7c15b082-caa5-4cf2-9986-2eb519dcb7c5/",

27
CVE-2024/CVE-2024-105xx/CVE-2024-10560.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10560", "id": "CVE-2024-10560",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:37.947", "published": "2025-03-25T06:15:37.947",
"lastModified": "2025-03-25T06:15:37.947", "lastModified": "2025-03-25T14:15:21.790",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Form Maker by 10Web WordPress plugin before 1.15.30 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Form Maker by 10Web WordPress plugin before 1.15.30 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 2.5
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/80298c89-544d-4894-a837-253f5f26cf42/", "url": "https://wpscan.com/vulnerability/80298c89-544d-4894-a837-253f5f26cf42/",

27
CVE-2024/CVE-2024-105xx/CVE-2024-10565.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10565", "id": "CVE-2024-10565",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:38.053", "published": "2025-03-25T06:15:38.053",
"lastModified": "2025-03-25T06:15:38.053", "lastModified": "2025-03-25T14:15:21.930",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Slider by 10Web WordPress plugin before 1.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Slider by 10Web WordPress plugin before 1.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/4ef05302-a6ca-4816-ab0d-a4e3bf7a5e22/", "url": "https://wpscan.com/vulnerability/4ef05302-a6ca-4816-ab0d-a4e3bf7a5e22/",

27
CVE-2024/CVE-2024-105xx/CVE-2024-10566.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10566", "id": "CVE-2024-10566",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:38.147", "published": "2025-03-25T06:15:38.147",
"lastModified": "2025-03-25T06:15:38.147", "lastModified": "2025-03-25T14:15:22.070",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Slider by 10Web WordPress plugin before 1.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Slider by 10Web WordPress plugin before 1.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/a98a7f11-4c01-4b91-8adc-465beefa310a/", "url": "https://wpscan.com/vulnerability/a98a7f11-4c01-4b91-8adc-465beefa310a/",

31
CVE-2024/CVE-2024-106xx/CVE-2024-10638.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10638", "id": "CVE-2024-10638",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:38.240", "published": "2025-03-25T06:15:38.240",
"lastModified": "2025-03-25T06:15:38.240", "lastModified": "2025-03-25T14:15:22.227",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,11 +11,38 @@
"value": "The Product Labels For Woocommerce (Sale Badges) WordPress plugin before 1.5.11 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks" "value": "The Product Labels For Woocommerce (Sale Badges) WordPress plugin before 1.5.11 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/32a7a778-2211-45b4-bdc2-528f27b7d4fe/", "url": "https://wpscan.com/vulnerability/32a7a778-2211-45b4-bdc2-528f27b7d4fe/",
"source": "contact@wpscan.com" "source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/32a7a778-2211-45b4-bdc2-528f27b7d4fe/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

27
CVE-2024/CVE-2024-106xx/CVE-2024-10679.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10679", "id": "CVE-2024-10679",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:38.337", "published": "2025-03-25T06:15:38.337",
"lastModified": "2025-03-25T06:15:38.337", "lastModified": "2025-03-25T14:15:22.380",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Quiz and Survey Master (QSM) WordPress plugin before 9.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Quiz and Survey Master (QSM) WordPress plugin before 9.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/001391eb-f181-441d-b777-d9ce098ba143/", "url": "https://wpscan.com/vulnerability/001391eb-f181-441d-b777-d9ce098ba143/",

27
CVE-2024/CVE-2024-107xx/CVE-2024-10703.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-10703", "id": "CVE-2024-10703",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:38.440", "published": "2025-03-25T06:15:38.440",
"lastModified": "2025-03-25T06:15:38.440", "lastModified": "2025-03-25T14:15:22.513",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Registrations for the Events Calendar WordPress plugin before 2.13.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Registrations for the Events Calendar WordPress plugin before 2.13.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/5601ac03-09e4-4b4e-b03e-98323bd36dba/", "url": "https://wpscan.com/vulnerability/5601ac03-09e4-4b4e-b03e-98323bd36dba/",

60
CVE-2024/CVE-2024-108xx/CVE-2024-10867.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10867", "id": "CVE-2024-10867",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2025-01-31T05:15:09.803", "published": "2025-01-31T05:15:09.803",
"lastModified": "2025-01-31T05:15:09.803", "lastModified": "2025-03-25T14:35:01.847",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -19,6 +19,26 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -51,14 +71,38 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://wordpress.org/plugins/borderless/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88b0acee-f378-487d-8ab9-96146e0cde10?source=cve", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:visualmodo:borderless:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.0",
"matchCriteriaId": "F5D2F180-3700-4DE9-B447-B6BBB368F278"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/borderless/",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88b0acee-f378-487d-8ab9-96146e0cde10?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

27
CVE-2024/CVE-2024-112xx/CVE-2024-11272.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11272", "id": "CVE-2024-11272",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:38.530", "published": "2025-03-25T06:15:38.530",
"lastModified": "2025-03-25T06:15:38.530", "lastModified": "2025-03-25T14:15:22.660",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Contact Form & SMTP Plugin for WordPress by PirateForms WordPress plugin before 2.6.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Contact Form & SMTP Plugin for WordPress by PirateForms WordPress plugin before 2.6.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/d7a76794-bc7d-42d6-9e7d-d7b845a7f461/", "url": "https://wpscan.com/vulnerability/d7a76794-bc7d-42d6-9e7d-d7b845a7f461/",

27
CVE-2024/CVE-2024-112xx/CVE-2024-11273.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11273", "id": "CVE-2024-11273",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:38.627", "published": "2025-03-25T06:15:38.627",
"lastModified": "2025-03-25T06:15:38.627", "lastModified": "2025-03-25T14:15:22.820",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Contact Form & SMTP Plugin for WordPress by PirateForms WordPress plugin before 2.6.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Contact Form & SMTP Plugin for WordPress by PirateForms WordPress plugin before 2.6.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/d1049a83-1298-4c8c-aeac-0055110d38fb/", "url": "https://wpscan.com/vulnerability/d1049a83-1298-4c8c-aeac-0055110d38fb/",

100
CVE-2024/CVE-2024-114xx/CVE-2024-11499.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-11499",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2025-03-25T13:15:39.890",
"lastModified": "2025-03-25T13:15:39.890",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use on active connections.\n\nThe affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "AUTOMATIC",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000207&languageCode=en&Preview=true",
"source": "cybersecurity@hitachienergy.com"
}
]
}

27
CVE-2024/CVE-2024-115xx/CVE-2024-11503.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11503", "id": "CVE-2024-11503",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:38.720", "published": "2025-03-25T06:15:38.720",
"lastModified": "2025-03-25T06:15:38.720", "lastModified": "2025-03-25T14:15:23.033",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The WP Tabs WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The WP Tabs WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/25592b6c-b9ab-4d9e-b314-091594ce9189/", "url": "https://wpscan.com/vulnerability/25592b6c-b9ab-4d9e-b314-091594ce9189/",

31
CVE-2024/CVE-2024-121xx/CVE-2024-12109.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-12109", "id": "CVE-2024-12109",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:38.823", "published": "2025-03-25T06:15:38.823",
"lastModified": "2025-03-25T06:15:38.823", "lastModified": "2025-03-25T14:15:23.170",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,11 +11,38 @@
"value": "The Product Labels For Woocommerce (Sale Badges) WordPress plugin before 1.5.9 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks" "value": "The Product Labels For Woocommerce (Sale Badges) WordPress plugin before 1.5.9 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/2eca2f88-c843-4794-8cd9-46f17c92753a/", "url": "https://wpscan.com/vulnerability/2eca2f88-c843-4794-8cd9-46f17c92753a/",
"source": "contact@wpscan.com" "source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/2eca2f88-c843-4794-8cd9-46f17c92753a/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

88
CVE-2024/CVE-2024-121xx/CVE-2024-12169.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-12169",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2025-03-25T13:15:40.050",
"lastModified": "2025-03-25T13:15:40.050",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in RTU500 IEC 60870-5-104 controlled station functionality and IEC 61850 functionality, that allows an attacker performing a specific attack sequence to restart the affected CMU. This vulnerability only applies, if secure communication using IEC 62351-3 (TLS) is enabled."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:X/U:X",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "AUTOMATIC",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000207&languageCode=en&Preview=true",
"source": "cybersecurity@hitachienergy.com"
}
]
}

27
CVE-2024/CVE-2024-125xx/CVE-2024-12586.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-12586", "id": "CVE-2024-12586",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-02-13T06:15:20.607", "published": "2025-02-13T06:15:20.607",
"lastModified": "2025-02-18T18:15:15.673", "lastModified": "2025-03-25T14:15:23.370",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento Chalet-Montagne.com Tools de WordPress hasta la versi\u00f3n 2.7.8 no depura ni escapa un par\u00e1metro antes de mostrarlo nuevamente en la p\u00e1gina, lo que genera un Cross-Site Scripting Reflejado que podr\u00eda usarse contra usuarios con privilegios altos, como el administrador." "value": "El complemento Chalet-Montagne.com Tools de WordPress hasta la versi\u00f3n 2.7.8 no depura ni escapa un par\u00e1metro antes de mostrarlo nuevamente en la p\u00e1gina, lo que genera un Cross-Site Scripting Reflejado que podr\u00eda usarse contra usuarios con privilegios altos, como el administrador."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/2ce05a44-762b-4aaf-b88a-92c830fd8ec4/", "url": "https://wpscan.com/vulnerability/2ce05a44-762b-4aaf-b88a-92c830fd8ec4/",

27
CVE-2024/CVE-2024-126xx/CVE-2024-12682.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-12682", "id": "CVE-2024-12682",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:38.993", "published": "2025-03-25T06:15:38.993",
"lastModified": "2025-03-25T06:15:38.993", "lastModified": "2025-03-25T14:15:23.513",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/79d0a139-0fb3-4a4b-ac33-80cbc6cb3831/", "url": "https://wpscan.com/vulnerability/79d0a139-0fb3-4a4b-ac33-80cbc6cb3831/",

27
CVE-2024/CVE-2024-127xx/CVE-2024-12769.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-12769", "id": "CVE-2024-12769",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:39.120", "published": "2025-03-25T06:15:39.120",
"lastModified": "2025-03-25T06:15:39.120", "lastModified": "2025-03-25T14:15:23.663",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The Simple Banner WordPress plugin before 3.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The Simple Banner WordPress plugin before 3.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 2.5
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/02b5c1a8-cf2a-4378-bfda-84d841d88a18/", "url": "https://wpscan.com/vulnerability/02b5c1a8-cf2a-4378-bfda-84d841d88a18/",

27
CVE-2024/CVE-2024-131xx/CVE-2024-13118.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13118", "id": "CVE-2024-13118",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:39.213", "published": "2025-03-25T06:15:39.213",
"lastModified": "2025-03-25T06:15:39.213", "lastModified": "2025-03-25T14:15:23.797",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The IP Based Login WordPress plugin before 2.4.1 does not have CSRF checks in some places, which could allow attackers to make logged in users delete all logs via a CSRF attack" "value": "The IP Based Login WordPress plugin before 2.4.1 does not have CSRF checks in some places, which could allow attackers to make logged in users delete all logs via a CSRF attack"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/eba6f98e-b931-4f02-b190-ca855a674839/", "url": "https://wpscan.com/vulnerability/eba6f98e-b931-4f02-b190-ca855a674839/",

27
CVE-2024/CVE-2024-131xx/CVE-2024-13122.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13122", "id": "CVE-2024-13122",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:39.310", "published": "2025-03-25T06:15:39.310",
"lastModified": "2025-03-25T06:15:39.310", "lastModified": "2025-03-25T14:15:23.943",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The AFI WordPress plugin before 1.100.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The AFI WordPress plugin before 1.100.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 2.5
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/512721cb-e544-4d26-87ca-43d83e77f8e4/", "url": "https://wpscan.com/vulnerability/512721cb-e544-4d26-87ca-43d83e77f8e4/",

27
CVE-2024/CVE-2024-131xx/CVE-2024-13123.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13123", "id": "CVE-2024-13123",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-03-25T06:15:39.410", "published": "2025-03-25T06:15:39.410",
"lastModified": "2025-03-25T06:15:39.410", "lastModified": "2025-03-25T14:15:24.083",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The AFI WordPress plugin before 1.100.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." "value": "The AFI WordPress plugin before 1.100.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 2.5
}
]
},
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/417178de-17ff-438c-a36c-b90db6486a46/", "url": "https://wpscan.com/vulnerability/417178de-17ff-438c-a36c-b90db6486a46/",

72
CVE-2024/CVE-2024-132xx/CVE-2024-13217.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13217", "id": "CVE-2024-13217",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2025-02-27T12:15:34.857", "published": "2025-02-27T12:15:34.857",
"lastModified": "2025-02-27T12:15:34.857", "lastModified": "2025-03-25T13:29:59.130",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -19,6 +19,26 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -49,24 +69,64 @@
"value": "CWE-359" "value": "CWE-359"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jegtheme:jeg_elementor_kit:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.6.11",
"matchCriteriaId": "448AD0E3-01DB-4728-ABAA-FBCC5A89BBB2"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/jeg-elementor-kit/trunk/class/elements/views/class-countdown-view.php#L107", "url": "https://plugins.trac.wordpress.org/browser/jeg-elementor-kit/trunk/class/elements/views/class-countdown-view.php#L107",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/jeg-elementor-kit/trunk/class/elements/views/class-off-canvas-view.php#L25", "url": "https://plugins.trac.wordpress.org/browser/jeg-elementor-kit/trunk/class/elements/views/class-off-canvas-view.php#L25",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3246154/", "url": "https://plugins.trac.wordpress.org/changeset/3246154/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2136cad8-6b0b-4458-a357-6e98f1ac3e0b?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2136cad8-6b0b-4458-a357-6e98f1ac3e0b?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

39
CVE-2024/CVE-2024-271xx/CVE-2024-27185.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27185", "id": "CVE-2024-27185",
"sourceIdentifier": "security@joomla.org", "sourceIdentifier": "security@joomla.org",
"published": "2024-08-20T16:15:10.840", "published": "2024-08-20T16:15:10.840",
"lastModified": "2025-01-09T20:15:37.793", "lastModified": "2025-03-25T14:15:24.320",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "La clase de paginaci\u00f3n incluye par\u00e1metros arbitrarios en los enlaces, lo que genera vectores de ataque de envenenamiento de cach\u00e9." "value": "La clase de paginaci\u00f3n incluye par\u00e1metros arbitrarios en los enlaces, lo que genera vectores de ataque de envenenamiento de cach\u00e9."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-444"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://developer.joomla.org/security-centre/942-20240802-core-cache-poisoning-in-pagination.html", "url": "https://developer.joomla.org/security-centre/942-20240802-core-cache-poisoning-in-pagination.html",

12
CVE-2024/CVE-2024-273xx/CVE-2024-27376.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27376", "id": "CVE-2024-27376",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-06-05T19:15:13.767", "published": "2024-06-05T19:15:13.767",
"lastModified": "2024-11-21T09:04:28.803", "lastModified": "2025-03-25T14:15:24.477",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-295xx/CVE-2024-29500.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29500", "id": "CVE-2024-29500",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-04-10T20:15:07.510", "published": "2024-04-10T20:15:07.510",
"lastModified": "2025-02-21T17:15:11.583", "lastModified": "2025-03-25T14:15:24.673",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en el modo quiosco de Secure Lockdown Multi Application Edition v2.00.219 permite a los atacantes ejecutar c\u00f3digo arbitrario ejecutando una instancia de aplicaci\u00f3n ClickOnce." "value": "Un problema en el modo quiosco de Secure Lockdown Multi Application Edition v2.00.219 permite a los atacantes ejecutar c\u00f3digo arbitrario ejecutando una instancia de aplicaci\u00f3n ClickOnce."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.drive-byte.de/en/blog/inteset-bugs-and-hardening", "url": "https://www.drive-byte.de/en/blog/inteset-bugs-and-hardening",

24
CVE-2024/CVE-2024-34xx/CVE-2024-3474.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3474", "id": "CVE-2024-3474",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-02T06:15:50.527", "published": "2024-05-02T06:15:50.527",
"lastModified": "2025-03-21T16:31:23.820", "lastModified": "2025-03-25T14:15:25.040",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },

14
CVE-2024/CVE-2024-355xx/CVE-2024-35558.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35558", "id": "CVE-2024-35558",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-05-22T14:15:09.653", "published": "2024-05-22T14:15:09.653",
"lastModified": "2024-11-21T09:20:27.063", "lastModified": "2025-03-25T14:15:24.853",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/bearman113/1.md/blob/main/24/csrf.md", "url": "https://github.com/bearman113/1.md/blob/main/24/csrf.md",

22
CVE-2024/CVE-2024-35xx/CVE-2024-3552.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3552", "id": "CVE-2024-3552",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2024-06-13T06:15:11.633", "published": "2024-06-13T06:15:11.633",
"lastModified": "2024-11-21T09:29:51.677", "lastModified": "2025-03-25T14:15:25.203",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },

32
CVE-2024/CVE-2024-401xx/CVE-2024-40101.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40101", "id": "CVE-2024-40101",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-08-06T14:16:04.117", "published": "2024-08-06T14:16:04.117",
"lastModified": "2024-11-21T09:30:56.960", "lastModified": "2025-03-25T14:15:25.373",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

12
CVE-2024/CVE-2024-407xx/CVE-2024-40724.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-40724", "id": "CVE-2024-40724",
"sourceIdentifier": "vultures@jpcert.or.jp", "sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-07-19T08:15:02.070", "published": "2024-07-19T08:15:02.070",
"lastModified": "2024-11-21T09:31:29.927", "lastModified": "2025-03-25T14:15:25.580",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
} }
], ],
"configurations": [ "configurations": [

21
CVE-2024/CVE-2024-425xx/CVE-2024-42533.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-42533",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-25T14:15:25.750",
"lastModified": "2025-03-25T14:15:25.750",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the authentication module in Convivance StandVoice 4.5 through 6.2 allows remote attackers to execute arbitrary code via the GEST_LOGIN parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/7h30th3r0n3/eae27e0eed39741365c55dfd46b57dc8",
"source": "cve@mitre.org"
}
]
}

34
CVE-2024/CVE-2024-441xx/CVE-2024-44168.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44168", "id": "CVE-2024-44168",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-09-17T00:15:51.367", "published": "2024-09-17T00:15:51.367",
"lastModified": "2024-09-26T13:56:00.007", "lastModified": "2025-03-25T14:15:25.867",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-427" "value": "CWE-427"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-114"
}
]
} }
], ],
"configurations": [ "configurations": [

6
CVE-2024/CVE-2024-449xx/CVE-2024-44903.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44903", "id": "CVE-2024-44903",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-03-25T06:15:39.790", "published": "2025-03-25T06:15:39.790",
"lastModified": "2025-03-25T06:15:39.790", "lastModified": "2025-03-25T14:15:26.030",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [ "cveTags": [
{ {
@ -58,6 +58,10 @@
{ {
"url": "https://www.artresilia.com/cve-2024-44903-sql-injection-vulnerability-in-horizon-information-portal/", "url": "https://www.artresilia.com/cve-2024-44903-sql-injection-vulnerability-in-horizon-information-portal/",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "https://www.artresilia.com/cve-2024-44903-sql-injection-vulnerability-in-horizon-information-portal/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

71
CVE-2024/CVE-2024-456xx/CVE-2024-45653.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45653", "id": "CVE-2024-45653",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-19T03:15:07.643", "published": "2025-01-19T03:15:07.643",
"lastModified": "2025-01-19T03:15:07.643", "lastModified": "2025-03-25T14:27:46.903",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -19,6 +19,26 @@
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -49,12 +69,57 @@
"value": "CWE-201" "value": "CWE-201"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C768ACC8-D269-4E95-93F3-011DF3E7794C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB84B3B4-6E20-4310-9BF9-DA8D3ED44E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11E72803-A97E-45DE-AC70-EFF2BADCB7AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "914935D0-4F22-4653-8FCA-208AD42EFC94"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://www.ibm.com/support/pages/node/7174104", "url": "https://www.ibm.com/support/pages/node/7174104",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

39
CVE-2024/CVE-2024-483xx/CVE-2024-48310.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48310", "id": "CVE-2024-48310",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-28T23:15:07.677", "published": "2025-01-28T23:15:07.677",
"lastModified": "2025-02-18T19:15:17.370", "lastModified": "2025-03-25T14:15:26.223",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que el AutoLib Software Systems OPAC v20.10 tiene varias claves API expuestas dentro del c\u00f3digo fuente. Los atacantes pueden usar estas claves para acceder a la API de backend o a otra informaci\u00f3n confidencial." "value": "Se descubri\u00f3 que el AutoLib Software Systems OPAC v20.10 tiene varias claves API expuestas dentro del c\u00f3digo fuente. Los atacantes pueden usar estas claves para acceder a la API de backend o a otra informaci\u00f3n confidencial."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://seclists.org/fulldisclosure/2025/Jan/11", "url": "https://seclists.org/fulldisclosure/2025/Jan/11",

14
CVE-2024/CVE-2024-497xx/CVE-2024-49733.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-49733", "id": "CVE-2024-49733",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2025-01-21T23:15:14.197", "published": "2025-01-21T23:15:14.197",
"lastModified": "2025-03-14T18:15:30.047", "lastModified": "2025-03-25T14:15:26.410",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -39,6 +39,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/2025-01-01", "url": "https://source.android.com/security/bulletin/2025-01-01",

45
CVE-2024/CVE-2024-514xx/CVE-2024-51448.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51448", "id": "CVE-2024-51448",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-18T15:15:08.183", "published": "2025-01-18T15:15:08.183",
"lastModified": "2025-01-18T15:15:08.183", "lastModified": "2025-03-25T14:06:48.877",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,12 +49,51 @@
"value": "CWE-277" "value": "CWE-277"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "21.0.0",
"versionEndIncluding": "21.0.7.17",
"matchCriteriaId": "DD5A94A8-24DB-4F6F-A629-031BD4BDB7F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndIncluding": "23.0.18",
"matchCriteriaId": "4641E270-157D-4040-901F-8EC5BC13961C"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://www.ibm.com/support/pages/node/7177586", "url": "https://www.ibm.com/support/pages/node/7177586",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

14
CVE-2024/CVE-2024-545xx/CVE-2024-54564.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54564", "id": "CVE-2024-54564",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2025-03-21T00:15:18.613", "published": "2025-03-21T00:15:18.613",
"lastModified": "2025-03-24T15:09:35.767", "lastModified": "2025-03-25T13:15:40.190",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
} }
], ],
"configurations": [ "configurations": [

39
CVE-2024/CVE-2024-575xx/CVE-2024-57519.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-57519", "id": "CVE-2024-57519",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-01-28T23:15:08.230", "published": "2025-01-28T23:15:08.230",
"lastModified": "2025-02-18T19:15:22.163", "lastModified": "2025-03-25T14:15:26.557",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en Open5GS v.2.7.2 permite a un atacante remoto provocar una denegaci\u00f3n de servicio a trav\u00e9s de la funci\u00f3n ogs_dbi_auth_info en el archivo lib/dbi/subscription.c." "value": "Un problema en Open5GS v.2.7.2 permite a un atacante remoto provocar una denegaci\u00f3n de servicio a trav\u00e9s de la funci\u00f3n ogs_dbi_auth_info en el archivo lib/dbi/subscription.c."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/f4rs1ght/vuln-research/tree/main/CVE-2024-57519", "url": "https://github.com/f4rs1ght/vuln-research/tree/main/CVE-2024-57519",

180
CVE-2024/CVE-2024-580xx/CVE-2024-58055.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58055", "id": "CVE-2024-58055",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:51.730", "published": "2025-03-06T16:15:51.730",
"lastModified": "2025-03-13T13:15:45.307", "lastModified": "2025-03-25T14:34:54.660",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: gadget: f_tcm: No libere el comando inmediatamente No libere el comando de forma prematura. Espere a que se complete el estado de detecci\u00f3n. En ese momento, se puede liberar. De lo contrario, liberaremos el comando dos veces." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: gadget: f_tcm: No libere el comando inmediatamente No libere el comando de forma prematura. Espere a que se complete el estado de detecci\u00f3n. En ese momento, se puede liberar. De lo contrario, liberaremos el comando dos veces."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/16907219ad6763f401700e1b57b2da4f3e07f047", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
}, },
{ "exploitabilityScore": 1.8,
"url": "https://git.kernel.org/stable/c/38229c35a6d7875697dfb293356407330cfcd23e", "impactScore": 5.9
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}, },
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/7cb72dc08ed8da60fd6d1f6adf13bf0e6ee0f694", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
}, "description": [
{ {
"url": "https://git.kernel.org/stable/c/929b69810eec132b284ffd19047a85d961df9e4d", "lang": "en",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "value": "CWE-415"
}, }
{ ]
"url": "https://git.kernel.org/stable/c/bbb7f49839b57d66ccaf7b5752d9b63d3031dd0a", }
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ],
}, "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/c225d006a31949d673e646d585d9569bc28feeb9", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
}, "operator": "OR",
{ "negate": false,
"url": "https://git.kernel.org/stable/c/e6693595bd1b55af62d057a4136a89d5c2ddf0e9", "cpeMatch": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
}, "vulnerable": true,
{ "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"url": "https://git.kernel.org/stable/c/f0c33e7d387ccbb6870e73a43c558fefede06614", "versionStartIncluding": "4.6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "versionEndExcluding": "5.4.291",
"matchCriteriaId": "12DA8BBB-38CB-4CD1-897F-7B5EA22A779B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.235",
"matchCriteriaId": "545121FA-DE31-4154-9446-C2000FB4104D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.179",
"matchCriteriaId": "C708062C-4E1B-465F-AE6D-C09C46400875"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.129",
"matchCriteriaId": "2DA5009C-C9B9-4A1D-9B96-78427E8F232C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.76",
"matchCriteriaId": "A6D70701-9CB6-4222-A957-00A419878993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "2897389C-A8C3-4D69-90F2-E701B3D66373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/16907219ad6763f401700e1b57b2da4f3e07f047",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/38229c35a6d7875697dfb293356407330cfcd23e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7cb72dc08ed8da60fd6d1f6adf13bf0e6ee0f694",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/929b69810eec132b284ffd19047a85d961df9e4d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bbb7f49839b57d66ccaf7b5752d9b63d3031dd0a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c225d006a31949d673e646d585d9569bc28feeb9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e6693595bd1b55af62d057a4136a89d5c2ddf0e9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f0c33e7d387ccbb6870e73a43c558fefede06614",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

180
CVE-2024/CVE-2024-580xx/CVE-2024-58058.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58058", "id": "CVE-2024-58058",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:52.037", "published": "2025-03-06T16:15:52.037",
"lastModified": "2025-03-13T13:15:45.433", "lastModified": "2025-03-25T14:35:24.150",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ubifs: omite el volcado del \u00e1rbol tnc cuando zroot es nulo. Limpiar el cach\u00e9 de slab liberar\u00e1 todos los znode en la memoria y har\u00e1 que c->zroot.znode = NULL, luego, al volcar el \u00e1rbol tnc se acceder\u00e1 a c->zroot.znode, lo que provocar\u00e1 una desreferencia del puntero nulo." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ubifs: omite el volcado del \u00e1rbol tnc cuando zroot es nulo. Limpiar el cach\u00e9 de slab liberar\u00e1 todos los znode en la memoria y har\u00e1 que c->zroot.znode = NULL, luego, al volcar el \u00e1rbol tnc se acceder\u00e1 a c->zroot.znode, lo que provocar\u00e1 una desreferencia del puntero nulo."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/1787cd67bb94b106555ffe64f887f6aa24b47010", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
{ "exploitabilityScore": 1.8,
"url": "https://git.kernel.org/stable/c/2a987950df825d0144370e700dc5fb337684ffba", "impactScore": 3.6
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}, },
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/40e25a3c0063935763717877bb2a814c081509ff", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
}, "description": [
{ {
"url": "https://git.kernel.org/stable/c/428aff8f7cfb0d9a8854477648022cef96bcab28", "lang": "en",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "value": "CWE-476"
}, }
{ ]
"url": "https://git.kernel.org/stable/c/6211c11fc20424bbc6d79c835c7c212b553ae898", }
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ],
}, "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/77e5266e3d3faa6bdcf20d9c68a8972f6aa06522", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
}, "operator": "OR",
{ "negate": false,
"url": "https://git.kernel.org/stable/c/bdb0ca39e0acccf6771db49c3f94ed787d05f2d7", "cpeMatch": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
}, "vulnerable": true,
{ "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"url": "https://git.kernel.org/stable/c/e01b55f261ccc96e347eba4931e4429d080d879d", "versionStartIncluding": "2.6.27",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "versionEndExcluding": "5.4.291",
"matchCriteriaId": "9BC85AFC-19A2-4FCE-ADDB-66E528FF6039"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.235",
"matchCriteriaId": "545121FA-DE31-4154-9446-C2000FB4104D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.179",
"matchCriteriaId": "C708062C-4E1B-465F-AE6D-C09C46400875"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.129",
"matchCriteriaId": "2DA5009C-C9B9-4A1D-9B96-78427E8F232C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.76",
"matchCriteriaId": "A6D70701-9CB6-4222-A957-00A419878993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "2897389C-A8C3-4D69-90F2-E701B3D66373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1787cd67bb94b106555ffe64f887f6aa24b47010",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2a987950df825d0144370e700dc5fb337684ffba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/40e25a3c0063935763717877bb2a814c081509ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/428aff8f7cfb0d9a8854477648022cef96bcab28",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6211c11fc20424bbc6d79c835c7c212b553ae898",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/77e5266e3d3faa6bdcf20d9c68a8972f6aa06522",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bdb0ca39e0acccf6771db49c3f94ed787d05f2d7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e01b55f261ccc96e347eba4931e4429d080d879d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

76
CVE-2024/CVE-2024-580xx/CVE-2024-58059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58059", "id": "CVE-2024-58059",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:52.140", "published": "2025-03-06T16:15:52.140",
"lastModified": "2025-03-06T16:15:52.140", "lastModified": "2025-03-25T14:35:53.557",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: uvcvideo: Se solucion\u00f3 el bloqueo durante uvc_probe Si uvc_probe() falla, puede terminar llamando a uvc_status_unregister() antes de que se llame a uvc_status_init(). Solucione esto verificando si dev->status es NULL o no en uvc_status_unregister()." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: uvcvideo: Se solucion\u00f3 el bloqueo durante uvc_probe Si uvc_probe() falla, puede terminar llamando a uvc_status_unregister() antes de que se llame a uvc_status_init(). Solucione esto verificando si dev->status es NULL o no en uvc_status_unregister()."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/a67f75c2b5ecf534eab416ce16c11fe780c4f8f6", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/db577ededf3a18b39567fc1a6209f12a0c4a3c52", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/a67f75c2b5ecf534eab416ce16c11fe780c4f8f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/db577ededf3a18b39567fc1a6209f12a0c4a3c52",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

92
CVE-2024/CVE-2024-580xx/CVE-2024-58062.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58062", "id": "CVE-2024-58062",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:52.490", "published": "2025-03-06T16:15:52.490",
"lastModified": "2025-03-06T16:15:52.490", "lastModified": "2025-03-25T14:36:55.653",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: iwlwifi: mvm: evitar la desreferencia de puntero NULL Al iterar sobre los enlaces de un vif, debemos asegurarnos de que el puntero sea v\u00e1lido (en otras palabras, que el enlace exista) antes de desreferenciarlo. Utilice for_each_vif_active_link que tambi\u00e9n realiza la verificaci\u00f3n." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: iwlwifi: mvm: evitar la desreferencia de puntero NULL Al iterar sobre los enlaces de un vif, debemos asegurarnos de que el puntero sea v\u00e1lido (en otras palabras, que el enlace exista) antes de desreferenciarlo. Utilice for_each_vif_active_link que tambi\u00e9n realiza la verificaci\u00f3n."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/7f6fb4b7611eb6371c493c42fefad84a1742bcbb", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
{ "exploitabilityScore": 1.8,
"url": "https://git.kernel.org/stable/c/cf704a7624f99eb2ffca1a16c69183e85544a613", "impactScore": 3.6
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}, },
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/fbb563ad5032a07ac83c746ce5c8de5f25b5ffd0", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.12",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "8507AA00-C52F-4231-94AC-4D0374F5A9F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/7f6fb4b7611eb6371c493c42fefad84a1742bcbb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cf704a7624f99eb2ffca1a16c69183e85544a613",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fbb563ad5032a07ac83c746ce5c8de5f25b5ffd0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

180
CVE-2024/CVE-2024-580xx/CVE-2024-58063.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58063", "id": "CVE-2024-58063",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:52.583", "published": "2025-03-06T16:15:52.583",
"lastModified": "2025-03-13T13:15:45.553", "lastModified": "2025-03-25T14:37:12.963",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: rtlwifi: corrige fugas de memoria y acceso no v\u00e1lido en la ruta de error de la sonda Desinicializar en orden inverso cuando la sonda falla. Cuando init_sw_vars falla, no se debe llamar a rtl_deinit_core, especialmente ahora que destruye la cola de trabajo rtl_wq. Y llame a rtl_pci_deinit y deinit_sw_vars, de lo contrario, se perder\u00e1 memoria. Elimine la llamada a pci_set_drvdata ya que ya estar\u00e1 limpiada por el c\u00f3digo del controlador central y tambi\u00e9n podr\u00eda provocar fugas de memoria. cf. commit 8d450935ae7f (\"wireless: rtlwifi: eliminar pci_set_drvdata() innecesario\") y commit 3d86b93064c7 (\"rtlwifi: corregir la memoria hu\u00e9rfana en la ruta de error de la sonda PCI\")." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: rtlwifi: corrige fugas de memoria y acceso no v\u00e1lido en la ruta de error de la sonda Desinicializar en orden inverso cuando la sonda falla. Cuando init_sw_vars falla, no se debe llamar a rtl_deinit_core, especialmente ahora que destruye la cola de trabajo rtl_wq. Y llame a rtl_pci_deinit y deinit_sw_vars, de lo contrario, se perder\u00e1 memoria. Elimine la llamada a pci_set_drvdata ya que ya estar\u00e1 limpiada por el c\u00f3digo del controlador central y tambi\u00e9n podr\u00eda provocar fugas de memoria. cf. commit 8d450935ae7f (\"wireless: rtlwifi: eliminar pci_set_drvdata() innecesario\") y commit 3d86b93064c7 (\"rtlwifi: corregir la memoria hu\u00e9rfana en la ruta de error de la sonda PCI\")."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/32acebca0a51f5e372536bfdc0d7d332ab749013", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
{ "exploitabilityScore": 1.8,
"url": "https://git.kernel.org/stable/c/455e0f40b5352186a9095f2135d5c89255e7c39a", "impactScore": 3.6
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}, },
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/624cea89a0865a2bc3e00182a6b0f954a94328b4", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
}, "description": [
{ {
"url": "https://git.kernel.org/stable/c/6b76bab5c257463302c9e97f5d84d524457468eb", "lang": "en",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "value": "CWE-401"
}, }
{ ]
"url": "https://git.kernel.org/stable/c/85b67b4c4a0f8a6fb20cf4ef7684ff2b0cf559df", }
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ],
}, "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/b96371339fd9cac90f5ee4ac17ee5c4cbbdfa6f7", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
}, "operator": "OR",
{ "negate": false,
"url": "https://git.kernel.org/stable/c/e7ceefbfd8d447abc8aca8ab993a942803522c06", "cpeMatch": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
}, "vulnerable": true,
{ "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"url": "https://git.kernel.org/stable/c/ee0b0d7baa8a6d42c7988f6e50c8f164cdf3fa47", "versionStartIncluding": "2.6.38",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "versionEndExcluding": "5.4.291",
"matchCriteriaId": "DF4BC78F-729F-4B3C-B3DB-21B562F909E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.235",
"matchCriteriaId": "545121FA-DE31-4154-9446-C2000FB4104D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.179",
"matchCriteriaId": "C708062C-4E1B-465F-AE6D-C09C46400875"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.129",
"matchCriteriaId": "2DA5009C-C9B9-4A1D-9B96-78427E8F232C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.76",
"matchCriteriaId": "A6D70701-9CB6-4222-A957-00A419878993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "2897389C-A8C3-4D69-90F2-E701B3D66373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/32acebca0a51f5e372536bfdc0d7d332ab749013",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/455e0f40b5352186a9095f2135d5c89255e7c39a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/624cea89a0865a2bc3e00182a6b0f954a94328b4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6b76bab5c257463302c9e97f5d84d524457468eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/85b67b4c4a0f8a6fb20cf4ef7684ff2b0cf559df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b96371339fd9cac90f5ee4ac17ee5c4cbbdfa6f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e7ceefbfd8d447abc8aca8ab993a942803522c06",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ee0b0d7baa8a6d42c7988f6e50c8f164cdf3fa47",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

92
CVE-2024/CVE-2024-580xx/CVE-2024-58064.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58064", "id": "CVE-2024-58064",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:52.733", "published": "2025-03-06T16:15:52.733",
"lastModified": "2025-03-06T16:15:52.733", "lastModified": "2025-03-25T14:37:32.823",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: cfg80211: pruebas: Se corrige la posible desreferenciaci\u00f3n de NULL en test_cfg80211_parse_colocated_ap() kunit_kzalloc() puede devolver NULL, desreferenciarlo sin la comprobaci\u00f3n de NULL puede provocar una desreferencia de NULL. Agregue una comprobaci\u00f3n de NULL para ies." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: cfg80211: pruebas: Se corrige la posible desreferenciaci\u00f3n de NULL en test_cfg80211_parse_colocated_ap() kunit_kzalloc() puede devolver NULL, desreferenciarlo sin la comprobaci\u00f3n de NULL puede provocar una desreferencia de NULL. Agregue una comprobaci\u00f3n de NULL para ies."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/0d17d81143f5aa56ee87e60bb1000a2372a0ada8", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
{ "exploitabilityScore": 1.8,
"url": "https://git.kernel.org/stable/c/13c4f7714c6a1ecf748a2f22099447c14fe6ed8c", "impactScore": 3.6
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}, },
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/886271409603956edd09df229dde7442c410a872", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "AF4DF509-8040-448A-9D90-DDFA1A298CFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0d17d81143f5aa56ee87e60bb1000a2372a0ada8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/13c4f7714c6a1ecf748a2f22099447c14fe6ed8c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/886271409603956edd09df229dde7442c410a872",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

76
CVE-2024/CVE-2024-580xx/CVE-2024-58065.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58065", "id": "CVE-2024-58065",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:52.830", "published": "2025-03-06T16:15:52.830",
"lastModified": "2025-03-06T16:15:52.830", "lastModified": "2025-03-25T14:37:52.280",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mmp: pxa1908-apbc: Se ha corregido la comprobaci\u00f3n NULL frente a IS_ERR() La funci\u00f3n devm_kzalloc() devuelve NULL en caso de error, no punteros de error. Corrija la comprobaci\u00f3n." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mmp: pxa1908-apbc: Se ha corregido la comprobaci\u00f3n NULL frente a IS_ERR() La funci\u00f3n devm_kzalloc() devuelve NULL en caso de error, no punteros de error. Corrija la comprobaci\u00f3n."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/6628f7f88de5f65f01adef5a63c707cb49d0fddb", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/e5ca5d7b4d7c29246d957dc45d63610584ae3a54", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/6628f7f88de5f65f01adef5a63c707cb49d0fddb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e5ca5d7b4d7c29246d957dc45d63610584ae3a54",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

76
CVE-2024/CVE-2024-580xx/CVE-2024-58066.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58066", "id": "CVE-2024-58066",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:52.997", "published": "2025-03-06T16:15:52.997",
"lastModified": "2025-03-06T16:15:52.997", "lastModified": "2025-03-25T14:43:37.903",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mmp: pxa1908-apbcp: Se corrige una comprobaci\u00f3n de NULL frente a IS_ERR() La funci\u00f3n devm_kzalloc() no devuelve punteros de error, devuelve NULL en caso de error. Actualice la comprobaci\u00f3n para que coincida." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mmp: pxa1908-apbcp: Se corrige una comprobaci\u00f3n de NULL frente a IS_ERR() La funci\u00f3n devm_kzalloc() no devuelve punteros de error, devuelve NULL en caso de error. Actualice la comprobaci\u00f3n para que coincida."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/2b3a36fb572caf9fb72f158be328395b1c938bf7", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/3acea81be689b77b3ceac6ff345ff0366734d967", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2b3a36fb572caf9fb72f158be328395b1c938bf7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3acea81be689b77b3ceac6ff345ff0366734d967",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

76
CVE-2024/CVE-2024-580xx/CVE-2024-58067.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58067", "id": "CVE-2024-58067",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:53.150", "published": "2025-03-06T16:15:53.150",
"lastModified": "2025-03-06T16:15:53.150", "lastModified": "2025-03-25T14:44:00.237",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mmp: pxa1908-mpmu: Se corrige una comprobaci\u00f3n de NULL frente a IS_ERR() La funci\u00f3n devm_kzalloc() devuelve NULL en caso de error, no punteros de error. Actualice la comprobaci\u00f3n para que coincida." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mmp: pxa1908-mpmu: Se corrige una comprobaci\u00f3n de NULL frente a IS_ERR() La funci\u00f3n devm_kzalloc() devuelve NULL en caso de error, no punteros de error. Actualice la comprobaci\u00f3n para que coincida."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/0869a7b2afdfcdd2beb0a5fb683119bcf39c0e9d", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/7def56f841af22e07977e193eea002e085facbdb", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0869a7b2afdfcdd2beb0a5fb683119bcf39c0e9d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7def56f841af22e07977e193eea002e085facbdb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

126
CVE-2024/CVE-2024-580xx/CVE-2024-58068.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58068", "id": "CVE-2024-58068",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:53.257", "published": "2025-03-06T16:15:53.257",
"lastModified": "2025-03-06T16:15:53.257", "lastModified": "2025-03-25T14:47:07.467",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,27 +15,117 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: OPP: se corrige dev_pm_opp_find_bw_*() cuando la tabla de ancho de banda no est\u00e1 inicializada Si un controlador llama a dev_pm_opp_find_bw_ceil/floor() para recuperar el ancho de banda de la tabla OPP pero la tabla de ancho de banda no se cre\u00f3 porque faltaban las propiedades de interconexi\u00f3n en el nodo consumidor de OPP, el kernel se bloquear\u00e1 con: No se puede gestionar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000004 ... pc : _read_bw+0x8/0x10 lr : _opp_table_find_key+0x9c/0x174 ... Rastreo de llamada: _read_bw+0x8/0x10 (P) _opp_table_find_key+0x9c/0x174 (L) _find_key+0x98/0x168 dev_pm_opp_find_bw_ceil+0x50/0x88 ... Para solucionar el fallo, cree una funci\u00f3n de afirmaci\u00f3n para verificar si la tabla de ancho de banda se cre\u00f3 antes de intentar obtener un ancho de banda con _read_bw()." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: OPP: se corrige dev_pm_opp_find_bw_*() cuando la tabla de ancho de banda no est\u00e1 inicializada Si un controlador llama a dev_pm_opp_find_bw_ceil/floor() para recuperar el ancho de banda de la tabla OPP pero la tabla de ancho de banda no se cre\u00f3 porque faltaban las propiedades de interconexi\u00f3n en el nodo consumidor de OPP, el kernel se bloquear\u00e1 con: No se puede gestionar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000004 ... pc : _read_bw+0x8/0x10 lr : _opp_table_find_key+0x9c/0x174 ... Rastreo de llamada: _read_bw+0x8/0x10 (P) _opp_table_find_key+0x9c/0x174 (L) _find_key+0x98/0x168 dev_pm_opp_find_bw_ceil+0x50/0x88 ... Para solucionar el fallo, cree una funci\u00f3n de afirmaci\u00f3n para verificar si la tabla de ancho de banda se cre\u00f3 antes de intentar obtener un ancho de banda con _read_bw()."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/5165486681dbd67b61b975c63125f2a5cb7f96d1", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
{ "exploitabilityScore": 1.8,
"url": "https://git.kernel.org/stable/c/84ff05c9bd577157baed711a4f0b41206593978b", "impactScore": 3.6
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}, },
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/8532fd078d2a5286915d03bb0a0893ee1955acef", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
}, "description": [
{ {
"url": "https://git.kernel.org/stable/c/b44b9bc7cab2967c3d6a791b1cd542c89fc07f0e", "lang": "en",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "value": "CWE-476"
}, }
{ ]
"url": "https://git.kernel.org/stable/c/ff2def251849133be6076a7c2d427d8eb963c223", }
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.1.129",
"matchCriteriaId": "2AA002D6-67A4-467A-9906-F93FAB357DD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.76",
"matchCriteriaId": "A6D70701-9CB6-4222-A957-00A419878993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "2897389C-A8C3-4D69-90F2-E701B3D66373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/5165486681dbd67b61b975c63125f2a5cb7f96d1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/84ff05c9bd577157baed711a4f0b41206593978b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8532fd078d2a5286915d03bb0a0893ee1955acef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b44b9bc7cab2967c3d6a791b1cd542c89fc07f0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ff2def251849133be6076a7c2d427d8eb963c223",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

180
CVE-2024/CVE-2024-580xx/CVE-2024-58069.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58069", "id": "CVE-2024-58069",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:53.373", "published": "2025-03-06T16:15:53.373",
"lastModified": "2025-03-13T13:15:45.673", "lastModified": "2025-03-25T14:48:40.760",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rtc: pcf85063: se corrige una posible escritura OOB en la lectura NVMEM PCF85063 La interfaz nvmem admite tama\u00f1os de b\u00fafer variables, mientras que la interfaz regmap opera con almacenamiento de tama\u00f1o fijo. Si un cliente nvmem usa un tama\u00f1o de b\u00fafer menor a 4 bytes, regmap_read escribir\u00e1 fuera de los l\u00edmites ya que espera que el b\u00fafer apunte a una int sin signo. Corrija esto usando una int sin signo intermedia para contener el valor." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rtc: pcf85063: se corrige una posible escritura OOB en la lectura NVMEM PCF85063 La interfaz nvmem admite tama\u00f1os de b\u00fafer variables, mientras que la interfaz regmap opera con almacenamiento de tama\u00f1o fijo. Si un cliente nvmem usa un tama\u00f1o de b\u00fafer menor a 4 bytes, regmap_read escribir\u00e1 fuera de los l\u00edmites ya que espera que el b\u00fafer apunte a una int sin signo. Corrija esto usando una int sin signo intermedia para contener el valor."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/21cd59fcb9952eb7505da2bdfc1eb9c619df3ff4", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
}, },
{ "exploitabilityScore": 1.8,
"url": "https://git.kernel.org/stable/c/3ab8c5ed4f84fa20cd16794fe8dc31f633fbc70c", "impactScore": 5.9
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}, },
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/517aedb365f2c94e2d7e0b908ac7127df76203a1", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
}, "description": [
{ {
"url": "https://git.kernel.org/stable/c/6f2a8ca9a0a38589f52a7f0fb9425b9ba987ae7c", "lang": "en",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "value": "CWE-787"
}, }
{ ]
"url": "https://git.kernel.org/stable/c/9adefa7b9559d0f21034a5d5ec1b55840c9348b9", }
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ],
}, "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/c72b7a474d3f445bf0c5bcf8ffed332c78eb28a1", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
}, "operator": "OR",
{ "negate": false,
"url": "https://git.kernel.org/stable/c/e5536677da803ed54a29a446515c28dce7d3d574", "cpeMatch": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
}, "vulnerable": true,
{ "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"url": "https://git.kernel.org/stable/c/e5e06455760f2995b16a176033909347929d1128", "versionStartIncluding": "5.2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "versionEndExcluding": "5.4.291",
"matchCriteriaId": "18F68456-FFB3-4E0E-A802-F3E41C67B10E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.235",
"matchCriteriaId": "545121FA-DE31-4154-9446-C2000FB4104D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.179",
"matchCriteriaId": "C708062C-4E1B-465F-AE6D-C09C46400875"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.129",
"matchCriteriaId": "2DA5009C-C9B9-4A1D-9B96-78427E8F232C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.76",
"matchCriteriaId": "A6D70701-9CB6-4222-A957-00A419878993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "2897389C-A8C3-4D69-90F2-E701B3D66373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/21cd59fcb9952eb7505da2bdfc1eb9c619df3ff4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3ab8c5ed4f84fa20cd16794fe8dc31f633fbc70c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/517aedb365f2c94e2d7e0b908ac7127df76203a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6f2a8ca9a0a38589f52a7f0fb9425b9ba987ae7c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9adefa7b9559d0f21034a5d5ec1b55840c9348b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c72b7a474d3f445bf0c5bcf8ffed332c78eb28a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e5536677da803ed54a29a446515c28dce7d3d574",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e5e06455760f2995b16a176033909347929d1128",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

108
CVE-2024/CVE-2024-580xx/CVE-2024-58070.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58070", "id": "CVE-2024-58070",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:53.480", "published": "2025-03-06T16:15:53.480",
"lastModified": "2025-03-06T16:15:53.480", "lastModified": "2025-03-25T14:21:57.697",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,23 +15,103 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context. bpf_mem_alloc must be used in PREEMPT_RT. This patch is to enforce bpf_mem_alloc in the bpf_local_storage when CONFIG_PREEMPT_RT is enabled. [ 35.118559] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 35.118566] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1832, name: test_progs [ 35.118569] preempt_count: 1, expected: 0 [ 35.118571] RCU nest depth: 1, expected: 1 [ 35.118577] INFO: lockdep is turned off. ... [ 35.118647] __might_resched+0x433/0x5b0 [ 35.118677] rt_spin_lock+0xc3/0x290 [ 35.118700] ___slab_alloc+0x72/0xc40 [ 35.118723] __kmalloc_noprof+0x13f/0x4e0 [ 35.118732] bpf_map_kzalloc+0xe5/0x220 [ 35.118740] bpf_selem_alloc+0x1d2/0x7b0 [ 35.118755] bpf_local_storage_update+0x2fa/0x8b0 [ 35.118784] bpf_sk_storage_get_tracing+0x15a/0x1d0 [ 35.118791] bpf_prog_9a118d86fca78ebb_trace_inet_sock_set_state+0x44/0x66 [ 35.118795] bpf_trace_run3+0x222/0x400 [ 35.118820] __bpf_trace_inet_sock_set_state+0x11/0x20 [ 35.118824] trace_inet_sock_set_state+0x112/0x130 [ 35.118830] inet_sk_state_store+0x41/0x90 [ 35.118836] tcp_set_state+0x3b3/0x640 No es necesario ajustar el gfp_flags que se pasa a bpf_mem_cache_alloc_flags() que solo respeta el GFP_KERNEL. El verificador se ha asegurado de que GFP_KERNEL se pase solo en un contexto en el que se pueda dormir. Ha sido un problema antiguo desde la primera introducci\u00f3n de bpf_local_storage hace unos 5 a\u00f1os, por lo que este parche apunta a bpf-next. Se necesita bpf_mem_alloc para resolverlo, por lo que la etiqueta Fixes se establece en el commit cuando bpf_mem_alloc se utiliz\u00f3 por primera vez en bpf_local_storage." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context. bpf_mem_alloc must be used in PREEMPT_RT. This patch is to enforce bpf_mem_alloc in the bpf_local_storage when CONFIG_PREEMPT_RT is enabled. [ 35.118559] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 35.118566] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1832, name: test_progs [ 35.118569] preempt_count: 1, expected: 0 [ 35.118571] RCU nest depth: 1, expected: 1 [ 35.118577] INFO: lockdep is turned off. ... [ 35.118647] __might_resched+0x433/0x5b0 [ 35.118677] rt_spin_lock+0xc3/0x290 [ 35.118700] ___slab_alloc+0x72/0xc40 [ 35.118723] __kmalloc_noprof+0x13f/0x4e0 [ 35.118732] bpf_map_kzalloc+0xe5/0x220 [ 35.118740] bpf_selem_alloc+0x1d2/0x7b0 [ 35.118755] bpf_local_storage_update+0x2fa/0x8b0 [ 35.118784] bpf_sk_storage_get_tracing+0x15a/0x1d0 [ 35.118791] bpf_prog_9a118d86fca78ebb_trace_inet_sock_set_state+0x44/0x66 [ 35.118795] bpf_trace_run3+0x222/0x400 [ 35.118820] __bpf_trace_inet_sock_set_state+0x11/0x20 [ 35.118824] trace_inet_sock_set_state+0x112/0x130 [ 35.118830] inet_sk_state_store+0x41/0x90 [ 35.118836] tcp_set_state+0x3b3/0x640 No es necesario ajustar el gfp_flags que se pasa a bpf_mem_cache_alloc_flags() que solo respeta el GFP_KERNEL. El verificador se ha asegurado de que GFP_KERNEL se pase solo en un contexto en el que se pueda dormir. Ha sido un problema antiguo desde la primera introducci\u00f3n de bpf_local_storage hace unos 5 a\u00f1os, por lo que este parche apunta a bpf-next. Se necesita bpf_mem_alloc para resolverlo, por lo que la etiqueta Fixes se establece en el commit cuando bpf_mem_alloc se utiliz\u00f3 por primera vez en bpf_local_storage."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/3392fa605d7c5708c5fbe02e4fbdac547c3b7352", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
{ "exploitabilityScore": 1.8,
"url": "https://git.kernel.org/stable/c/8eef6ac4d70eb1f0099fff93321d90ce8fa49ee1", "impactScore": 3.6
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}, },
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/b0027500000dfcb8ee952557d565064cea22c43e", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
}, "description": [
{ {
"url": "https://git.kernel.org/stable/c/c1d398a3af7e59d7fef351c84fed7ebb575d1f1a", "lang": "en",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4",
"versionEndExcluding": "6.6.76",
"matchCriteriaId": "C6A28F1A-2CCA-4B18-AA73-20D184A7D477"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "2897389C-A8C3-4D69-90F2-E701B3D66373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3392fa605d7c5708c5fbe02e4fbdac547c3b7352",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8eef6ac4d70eb1f0099fff93321d90ce8fa49ee1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b0027500000dfcb8ee952557d565064cea22c43e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c1d398a3af7e59d7fef351c84fed7ebb575d1f1a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

180
CVE-2024/CVE-2024-580xx/CVE-2024-58071.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58071", "id": "CVE-2024-58071",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-06T16:15:53.593", "published": "2025-03-06T16:15:53.593",
"lastModified": "2025-03-13T13:15:45.800", "lastModified": "2025-03-25T14:22:11.633",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: equipo: evitar agregar un dispositivo que ya es un dispositivo de equipo inferior Evitar agregar un dispositivo que ya es un dispositivo de equipo inferior, por ejemplo, agregar veth0 si vlan1 ya se agreg\u00f3 y veth0 es un inferior de vlan1. Esto no es \u00fatil en la pr\u00e1ctica y puede provocar un bloqueo recursivo: $ ip link add veth0 type veth peer name veth1 $ ip link set veth0 up $ ip link set veth1 up $ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1 $ ip link add team0 type team $ ip link set veth0.1 down $ ip link set veth0.1 master team0 team0: Port device veth0.1 added $ ip link set veth0 down $ ip link set veth0 master team0 ============================================ WARNING: possible recursive locking detected 6.13.0-rc2-virtme-00441-ga14a429069bb #46 Not tainted -------------------------------------------- ip/7684 is trying to acquire lock: ffff888016848e00 (team->team_lock_key){+.+.}-{4:4}, at: team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) but task is already holding lock: ffff888016848e00 (team->team_lock_key){+.+.}-{4:4}, at: team_add_slave (drivers/net/team/team_core.c:1147 drivers/net/team/team_core.c:1977) other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(team->team_lock_key); lock(team->team_lock_key); *** DEADLOCK *** May be due to missing lock nesting notation 2 locks held by ip/7684: stack backtrace: CPU: 3 UID: 0 PID: 7684 Comm: ip Not tainted 6.13.0-rc2-virtme-00441-ga14a429069bb #46 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:122) print_deadlock_bug.cold (kernel/locking/lockdep.c:3040) __lock_acquire (kernel/locking/lockdep.c:3893 kernel/locking/lockdep.c:5226) ? netlink_broadcast_filtered (net/netlink/af_netlink.c:1548) lock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) ? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 2)) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) ? lock_acquire (kernel/locking/lockdep.c:5822) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) __mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:735) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) ? fib_sync_up (net/ipv4/fib_semantics.c:2167) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) notifier_call_chain (kernel/notifier.c:85) call_netdevice_notifiers_info (net/core/dev.c:1996) __dev_notify_flags (net/core/dev.c:8993) ? __dev_change_flags (net/core/dev.c:8975) dev_change_flags (net/core/dev.c:9027) vlan_device_event (net/8021q/vlan.c:85 net/8021q/vlan.c:470) ? br_device_event (net/bridge/br.c:143) notifier_call_chain (kernel/notifier.c:85) call_netdevice_notifiers_info (net/core/dev.c:1996) dev_open (net/core/dev.c:1519 net/core/dev.c:1505) team_add_slave (drivers/net/team/team_core.c:1219 drivers/net/team/team_core.c:1977) ? __pfx_team_add_slave (drivers/net/team/team_core.c:1972) do_set_master (net/core/rtnetlink.c:2917) do_setlink.isra.0 (net/core/rtnetlink.c:3117) " "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: equipo: evitar agregar un dispositivo que ya es un dispositivo de equipo inferior Evitar agregar un dispositivo que ya es un dispositivo de equipo inferior, por ejemplo, agregar veth0 si vlan1 ya se agreg\u00f3 y veth0 es un inferior de vlan1. Esto no es \u00fatil en la pr\u00e1ctica y puede provocar un bloqueo recursivo: $ ip link add veth0 type veth peer name veth1 $ ip link set veth0 up $ ip link set veth1 up $ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1 $ ip link add team0 type team $ ip link set veth0.1 down $ ip link set veth0.1 master team0 team0: Port device veth0.1 added $ ip link set veth0 down $ ip link set veth0 master team0 ============================================ WARNING: possible recursive locking detected 6.13.0-rc2-virtme-00441-ga14a429069bb #46 Not tainted -------------------------------------------- ip/7684 is trying to acquire lock: ffff888016848e00 (team->team_lock_key){+.+.}-{4:4}, at: team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) but task is already holding lock: ffff888016848e00 (team->team_lock_key){+.+.}-{4:4}, at: team_add_slave (drivers/net/team/team_core.c:1147 drivers/net/team/team_core.c:1977) other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(team->team_lock_key); lock(team->team_lock_key); *** DEADLOCK *** May be due to missing lock nesting notation 2 locks held by ip/7684: stack backtrace: CPU: 3 UID: 0 PID: 7684 Comm: ip Not tainted 6.13.0-rc2-virtme-00441-ga14a429069bb #46 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:122) print_deadlock_bug.cold (kernel/locking/lockdep.c:3040) __lock_acquire (kernel/locking/lockdep.c:3893 kernel/locking/lockdep.c:5226) ? netlink_broadcast_filtered (net/netlink/af_netlink.c:1548) lock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) ? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 2)) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) ? lock_acquire (kernel/locking/lockdep.c:5822) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) __mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:735) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) ? fib_sync_up (net/ipv4/fib_semantics.c:2167) ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973) notifier_call_chain (kernel/notifier.c:85) call_netdevice_notifiers_info (net/core/dev.c:1996) __dev_notify_flags (net/core/dev.c:8993) ? __dev_change_flags (net/core/dev.c:8975) dev_change_flags (net/core/dev.c:9027) vlan_device_event (net/8021q/vlan.c:85 net/8021q/vlan.c:470) ? br_device_event (net/bridge/br.c:143) notifier_call_chain (kernel/notifier.c:85) call_netdevice_notifiers_info (net/core/dev.c:1996) dev_open (net/core/dev.c:1519 net/core/dev.c:1505) team_add_slave (drivers/net/team/team_core.c:1219 drivers/net/team/team_core.c:1977) ? __pfx_team_add_slave (drivers/net/team/team_core.c:1972) do_set_master (net/core/rtnetlink.c:2917) do_setlink.isra.0 (net/core/rtnetlink.c:3117) "
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://git.kernel.org/stable/c/0a7794b9ca78c8e7d001c583bf05736169de3f20", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
}, },
{ "exploitabilityScore": 1.8,
"url": "https://git.kernel.org/stable/c/184a564e6000b41582f160a5be9a9b5aabe22ac1", "impactScore": 3.6
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }
]
}, },
"weaknesses": [
{ {
"url": "https://git.kernel.org/stable/c/1bb06f919fa5bec77ad9b6002525c3dcc5c1fd6c", "source": "nvd@nist.gov",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "type": "Primary",
}, "description": [
{ {
"url": "https://git.kernel.org/stable/c/3fff5da4ca2164bb4d0f1e6cd33f6eb8a0e73e50", "lang": "en",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "value": "CWE-667"
}, }
{ ]
"url": "https://git.kernel.org/stable/c/62ff1615815d565448c37cb8a7a2a076492ec471", }
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ],
}, "configurations": [
{ {
"url": "https://git.kernel.org/stable/c/adff6ac889e16d97abd1e4543f533221127e978a", "nodes": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
}, "operator": "OR",
{ "negate": false,
"url": "https://git.kernel.org/stable/c/bd099a2fa9be983ba0e90a57a59484fe9d520ba8", "cpeMatch": [
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" {
}, "vulnerable": true,
{ "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"url": "https://git.kernel.org/stable/c/d9bce1310c0e2a55888e3e08c9f69d8377b3a377", "versionStartIncluding": "3.3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "versionEndExcluding": "5.4.291",
"matchCriteriaId": "B698C733-CC6F-49C5-A1FF-52429A59BA64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.235",
"matchCriteriaId": "545121FA-DE31-4154-9446-C2000FB4104D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.179",
"matchCriteriaId": "C708062C-4E1B-465F-AE6D-C09C46400875"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.129",
"matchCriteriaId": "2DA5009C-C9B9-4A1D-9B96-78427E8F232C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.76",
"matchCriteriaId": "A6D70701-9CB6-4222-A957-00A419878993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "2897389C-A8C3-4D69-90F2-E701B3D66373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0a7794b9ca78c8e7d001c583bf05736169de3f20",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/184a564e6000b41582f160a5be9a9b5aabe22ac1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1bb06f919fa5bec77ad9b6002525c3dcc5c1fd6c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3fff5da4ca2164bb4d0f1e6cd33f6eb8a0e73e50",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/62ff1615815d565448c37cb8a7a2a076492ec471",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/adff6ac889e16d97abd1e4543f533221127e978a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bd099a2fa9be983ba0e90a57a59484fe9d520ba8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d9bce1310c0e2a55888e3e08c9f69d8377b3a377",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

Some files were not shown because too many files have changed in this diff Show More