From ca306494d249c48b373ac18b58e3de839a2ba1e8 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 7 Jan 2025 17:03:54 +0000 Subject: [PATCH] Auto-Update: 2025-01-07T17:00:28.092861+00:00 --- CVE-2021/CVE-2021-204xx/CVE-2021-20455.json | 56 ++++ CVE-2022/CVE-2022-223xx/CVE-2022-22363.json | 56 ++++ CVE-2022/CVE-2022-438xx/CVE-2022-43855.json | 81 ++++- CVE-2022/CVE-2022-486xx/CVE-2022-48641.json | 165 ++++++++-- CVE-2022/CVE-2022-486xx/CVE-2022-48642.json | 144 ++++++++- CVE-2023/CVE-2023-06xx/CVE-2023-0666.json | 22 +- CVE-2023/CVE-2023-06xx/CVE-2023-0668.json | 22 +- CVE-2023/CVE-2023-208xx/CVE-2023-20888.json | 32 +- CVE-2023/CVE-2023-208xx/CVE-2023-20889.json | 32 +- CVE-2023/CVE-2023-25xx/CVE-2023-2530.json | 12 +- CVE-2023/CVE-2023-311xx/CVE-2023-31114.json | 32 +- CVE-2023/CVE-2023-311xx/CVE-2023-31115.json | 32 +- CVE-2023/CVE-2023-311xx/CVE-2023-31116.json | 32 +- CVE-2023/CVE-2023-332xx/CVE-2023-33282.json | 32 +- CVE-2023/CVE-2023-332xx/CVE-2023-33283.json | 32 +- CVE-2023/CVE-2023-332xx/CVE-2023-33284.json | 32 +- CVE-2023/CVE-2023-334xx/CVE-2023-33496.json | 32 +- CVE-2023/CVE-2023-334xx/CVE-2023-33498.json | 32 +- CVE-2023/CVE-2023-335xx/CVE-2023-33510.json | 32 +- CVE-2023/CVE-2023-335xx/CVE-2023-33536.json | 32 +- CVE-2023/CVE-2023-335xx/CVE-2023-33537.json | 32 +- CVE-2023/CVE-2023-335xx/CVE-2023-33538.json | 32 +- CVE-2023/CVE-2023-335xx/CVE-2023-33553.json | 32 +- CVE-2023/CVE-2023-335xx/CVE-2023-33556.json | 32 +- CVE-2023/CVE-2023-336xx/CVE-2023-33601.json | 32 +- CVE-2023/CVE-2023-336xx/CVE-2023-33604.json | 22 +- CVE-2023/CVE-2023-337xx/CVE-2023-33781.json | 22 +- CVE-2023/CVE-2023-338xx/CVE-2023-33865.json | 32 +- CVE-2023/CVE-2023-389xx/CVE-2023-38945.json | 139 ++++++++- CVE-2023/CVE-2023-389xx/CVE-2023-38946.json | 80 ++++- CVE-2023/CVE-2023-524xx/CVE-2023-52490.json | 97 +++++- CVE-2023/CVE-2023-526xx/CVE-2023-52663.json | 114 ++++++- CVE-2023/CVE-2023-526xx/CVE-2023-52664.json | 113 ++++++- CVE-2023/CVE-2023-63xx/CVE-2023-6326.json | 74 ++++- CVE-2023/CVE-2023-63xx/CVE-2023-6382.json | 94 +++++- CVE-2024/CVE-2024-06xx/CVE-2024-0611.json | 78 ++++- CVE-2024/CVE-2024-100xx/CVE-2024-10012.json | 47 ++- CVE-2024/CVE-2024-100xx/CVE-2024-10013.json | 47 ++- CVE-2024/CVE-2024-116xx/CVE-2024-11681.json | 110 +++++++ CVE-2024/CVE-2024-126xx/CVE-2024-12692.json | 27 +- CVE-2024/CVE-2024-14xx/CVE-2024-1449.json | 74 ++++- CVE-2024/CVE-2024-250xx/CVE-2024-25037.json | 56 ++++ CVE-2024/CVE-2024-268xx/CVE-2024-26888.json | 121 +++++++- CVE-2024/CVE-2024-269xx/CVE-2024-26928.json | 123 +++++++- CVE-2024/CVE-2024-281xx/CVE-2024-28197.json | 84 +++++- CVE-2024/CVE-2024-287xx/CVE-2024-28778.json | 56 ++++ CVE-2024/CVE-2024-314xx/CVE-2024-31456.json | 73 ++++- CVE-2024/CVE-2024-354xx/CVE-2024-35498.json | 45 ++- CVE-2024/CVE-2024-371xx/CVE-2024-37147.json | 63 +++- CVE-2024/CVE-2024-371xx/CVE-2024-37148.json | 63 +++- CVE-2024/CVE-2024-379xx/CVE-2024-37980.json | 107 ++++++- CVE-2024/CVE-2024-386xx/CVE-2024-38625.json | 97 +++++- CVE-2024/CVE-2024-407xx/CVE-2024-40702.json | 56 ++++ CVE-2024/CVE-2024-409xx/CVE-2024-40962.json | 117 +++++++- CVE-2024/CVE-2024-434xx/CVE-2024-43474.json | 72 ++++- CVE-2024/CVE-2024-436xx/CVE-2024-43613.json | 66 +++- CVE-2024/CVE-2024-44xx/CVE-2024-4470.json | 84 +++++- CVE-2024/CVE-2024-462xx/CVE-2024-46209.json | 45 ++- CVE-2024/CVE-2024-462xx/CVE-2024-46242.json | 25 ++ CVE-2024/CVE-2024-466xx/CVE-2024-46601.json | 29 ++ CVE-2024/CVE-2024-466xx/CVE-2024-46602.json | 25 ++ CVE-2024/CVE-2024-466xx/CVE-2024-46603.json | 29 ++ CVE-2024/CVE-2024-466xx/CVE-2024-46622.json | 45 ++- CVE-2024/CVE-2024-482xx/CVE-2024-48245.json | 25 ++ CVE-2024/CVE-2024-484xx/CVE-2024-48456.json | 43 ++- CVE-2024/CVE-2024-484xx/CVE-2024-48457.json | 43 ++- CVE-2024/CVE-2024-489xx/CVE-2024-48987.json | 6 +- CVE-2024/CVE-2024-490xx/CVE-2024-49025.json | 57 +++- CVE-2024/CVE-2024-490xx/CVE-2024-49042.json | 66 +++- CVE-2024/CVE-2024-490xx/CVE-2024-49056.json | 56 +++- CVE-2024/CVE-2024-502xx/CVE-2024-50292.json | 148 ++++++++- CVE-2024/CVE-2024-502xx/CVE-2024-50293.json | 100 ++++++- CVE-2024/CVE-2024-511xx/CVE-2024-51112.json | 45 ++- CVE-2024/CVE-2024-520xx/CVE-2024-52000.json | 59 +++- CVE-2024/CVE-2024-520xx/CVE-2024-52001.json | 61 +++- CVE-2024/CVE-2024-520xx/CVE-2024-52002.json | 49 ++- CVE-2024/CVE-2024-528xx/CVE-2024-52813.json | 60 ++++ CVE-2024/CVE-2024-530xx/CVE-2024-53096.json | 59 ++-- CVE-2024/CVE-2024-531xx/CVE-2024-53103.json | 186 +++++++++++- CVE-2024/CVE-2024-531xx/CVE-2024-53145.json | 142 ++++++++- CVE-2024/CVE-2024-531xx/CVE-2024-53149.json | 82 ++++- CVE-2024/CVE-2024-531xx/CVE-2024-53150.json | 141 ++++++++- CVE-2024/CVE-2024-531xx/CVE-2024-53151.json | 118 +++++++- CVE-2024/CVE-2024-531xx/CVE-2024-53154.json | 106 ++++++- CVE-2024/CVE-2024-531xx/CVE-2024-53155.json | 154 +++++++++- CVE-2024/CVE-2024-531xx/CVE-2024-53156.json | 154 +++++++++- CVE-2024/CVE-2024-531xx/CVE-2024-53157.json | 154 +++++++++- CVE-2024/CVE-2024-532xx/CVE-2024-53235.json | 70 ++++- CVE-2024/CVE-2024-533xx/CVE-2024-53345.json | 25 ++ CVE-2024/CVE-2024-538xx/CVE-2024-53800.json | 86 ++++++ CVE-2024/CVE-2024-547xx/CVE-2024-54767.json | 43 ++- CVE-2024/CVE-2024-549xx/CVE-2024-54984.json | 13 +- CVE-2024/CVE-2024-550xx/CVE-2024-55008.json | 25 ++ CVE-2024/CVE-2024-554xx/CVE-2024-55407.json | 45 ++- CVE-2024/CVE-2024-555xx/CVE-2024-55550.json | 4 +- CVE-2024/CVE-2024-555xx/CVE-2024-55553.json | 43 ++- CVE-2024/CVE-2024-555xx/CVE-2024-55556.json | 29 ++ CVE-2024/CVE-2024-560xx/CVE-2024-56056.json | 86 ++++++ CVE-2024/CVE-2024-88xx/CVE-2024-8855.json | 43 ++- CVE-2024/CVE-2024-88xx/CVE-2024-8857.json | 43 ++- CVE-2024/CVE-2024-96xx/CVE-2024-9638.json | 43 ++- CVE-2025/CVE-2025-02xx/CVE-2025-0237.json | 29 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0238.json | 33 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0239.json | 29 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0240.json | 29 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0241.json | 29 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0242.json | 33 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0243.json | 29 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0244.json | 25 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0245.json | 25 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0246.json | 25 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0247.json | 25 ++ CVE-2025/CVE-2025-02xx/CVE-2025-0294.json | 8 +- CVE-2025/CVE-2025-02xx/CVE-2025-0295.json | 175 +++++++++++ CVE-2025/CVE-2025-02xx/CVE-2025-0296.json | 175 +++++++++++ CVE-2025/CVE-2025-02xx/CVE-2025-0297.json | 175 +++++++++++ CVE-2025/CVE-2025-02xx/CVE-2025-0298.json | 145 +++++++++ CVE-2025/CVE-2025-216xx/CVE-2025-21616.json | 12 +- CVE-2025/CVE-2025-216xx/CVE-2025-21622.json | 60 ++++ CVE-2025/CVE-2025-216xx/CVE-2025-21623.json | 64 ++++ CVE-2025/CVE-2025-216xx/CVE-2025-21624.json | 60 ++++ CVE-2025/CVE-2025-222xx/CVE-2025-22294.json | 56 ++++ CVE-2025/CVE-2025-223xx/CVE-2025-22335.json | 56 ++++ CVE-2025/CVE-2025-223xx/CVE-2025-22338.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22502.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22503.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22507.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22511.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22512.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22515.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22516.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22517.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22518.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22519.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22520.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22522.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22524.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22525.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22528.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22529.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22530.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22531.json | 86 ++++++ CVE-2025/CVE-2025-225xx/CVE-2025-22532.json | 86 ++++++ CVE-2025/CVE-2025-225xx/CVE-2025-22533.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22534.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22536.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22538.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22541.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22543.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22544.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22545.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22546.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22547.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22548.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22549.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22550.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22551.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22552.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22554.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22555.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22556.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22557.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22558.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22559.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22560.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22562.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22563.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22571.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22572.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22573.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22574.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22577.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22578.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22579.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22580.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22581.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22582.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22584.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22585.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22589.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22590.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22591.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22592.json | 56 ++++ CVE-2025/CVE-2025-225xx/CVE-2025-22593.json | 56 ++++ README.md | 84 ++++-- _state.csv | 316 +++++++++++++------- 186 files changed, 11096 insertions(+), 542 deletions(-) create mode 100644 CVE-2021/CVE-2021-204xx/CVE-2021-20455.json create mode 100644 CVE-2022/CVE-2022-223xx/CVE-2022-22363.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11681.json create mode 100644 CVE-2024/CVE-2024-250xx/CVE-2024-25037.json create mode 100644 CVE-2024/CVE-2024-287xx/CVE-2024-28778.json create mode 100644 CVE-2024/CVE-2024-407xx/CVE-2024-40702.json create mode 100644 CVE-2024/CVE-2024-462xx/CVE-2024-46242.json create mode 100644 CVE-2024/CVE-2024-466xx/CVE-2024-46601.json create mode 100644 CVE-2024/CVE-2024-466xx/CVE-2024-46602.json create mode 100644 CVE-2024/CVE-2024-466xx/CVE-2024-46603.json create mode 100644 CVE-2024/CVE-2024-482xx/CVE-2024-48245.json create mode 100644 CVE-2024/CVE-2024-528xx/CVE-2024-52813.json create mode 100644 CVE-2024/CVE-2024-533xx/CVE-2024-53345.json create mode 100644 CVE-2024/CVE-2024-538xx/CVE-2024-53800.json create mode 100644 CVE-2024/CVE-2024-550xx/CVE-2024-55008.json create mode 100644 CVE-2024/CVE-2024-555xx/CVE-2024-55556.json create mode 100644 CVE-2024/CVE-2024-560xx/CVE-2024-56056.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0237.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0238.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0239.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0240.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0241.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0242.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0243.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0244.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0245.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0246.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0247.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0295.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0296.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0297.json create mode 100644 CVE-2025/CVE-2025-02xx/CVE-2025-0298.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21622.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21623.json create mode 100644 CVE-2025/CVE-2025-216xx/CVE-2025-21624.json create mode 100644 CVE-2025/CVE-2025-222xx/CVE-2025-22294.json create mode 100644 CVE-2025/CVE-2025-223xx/CVE-2025-22335.json create mode 100644 CVE-2025/CVE-2025-223xx/CVE-2025-22338.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22502.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22503.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22507.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22511.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22512.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22515.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22516.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22517.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22518.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22519.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22520.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22522.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22524.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22525.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22528.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22529.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22530.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22531.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22532.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22533.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22534.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22536.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22538.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22541.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22543.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22544.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22545.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22546.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22547.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22548.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22549.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22550.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22551.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22552.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22554.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22555.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22556.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22557.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22558.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22559.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22560.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22562.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22563.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22571.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22572.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22573.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22574.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22577.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22578.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22579.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22580.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22581.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22582.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22584.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22585.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22589.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22590.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22591.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22592.json create mode 100644 CVE-2025/CVE-2025-225xx/CVE-2025-22593.json diff --git a/CVE-2021/CVE-2021-204xx/CVE-2021-20455.json b/CVE-2021/CVE-2021-204xx/CVE-2021-20455.json new file mode 100644 index 00000000000..84afc0d7e3a --- /dev/null +++ b/CVE-2021/CVE-2021-204xx/CVE-2021-20455.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2021-20455", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2025-01-07T16:15:27.430", + "lastModified": "2025-01-07T16:15:27.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 3.7, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7179163", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-223xx/CVE-2022-22363.json b/CVE-2022/CVE-2022-223xx/CVE-2022-22363.json new file mode 100644 index 00000000000..36b38f45563 --- /dev/null +++ b/CVE-2022/CVE-2022-223xx/CVE-2022-22363.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2022-22363", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2025-01-07T16:15:28.050", + "lastModified": "2025-01-07T16:15:28.050", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7179163", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-438xx/CVE-2022-43855.json b/CVE-2022/CVE-2022-438xx/CVE-2022-43855.json index 55c5ef943a6..293fc9f8bec 100644 --- a/CVE-2022/CVE-2022-438xx/CVE-2022-43855.json +++ b/CVE-2022/CVE-2022-438xx/CVE-2022-43855.json @@ -2,8 +2,8 @@ "id": "CVE-2022-43855", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-03-08T18:15:48.283", - "lastModified": "2024-11-21T07:27:16.697", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:38:33.697", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.5, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -49,24 +69,73 @@ "value": "CWE-399" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:spss_statistics:26.0.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "241189CD-33AF-406E-BF50-C0E56830FDAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:spss_statistics:27.0.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C015B1C6-9458-4229-B49A-F87113AD53E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:spss_statistics:28.0.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "1B7D7D53-FFFC-42DE-8A7F-7421FC3D426D" + } + ] + } + ] } ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239235", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7130881", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239235", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7130881", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-486xx/CVE-2022-48641.json b/CVE-2022/CVE-2022-486xx/CVE-2022-48641.json index c9c2cb27ae7..7320a8b3268 100644 --- a/CVE-2022/CVE-2022-486xx/CVE-2022-48641.json +++ b/CVE-2022/CVE-2022-486xx/CVE-2022-48641.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48641", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-28T13:15:06.950", - "lastModified": "2024-11-21T07:33:40.470", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:57:26.363", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,63 +15,194 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: ebtables: corrige la p\u00e9rdida de memoria cuando el blob tiene un formato incorrecto La correcci\u00f3n del error estaba incompleta, \"reemplaz\u00f3\" el bloqueo con una p\u00e9rdida de memoria. El c\u00f3digo antiguo ten\u00eda una asignaci\u00f3n para \"ret\" incrustada en el condicional, restaurar esto." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.14.292", + "versionEndExcluding": "4.14.295", + "matchCriteriaId": "716DA97D-04B9-453C-974F-AE4E8DAA3F44" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19.257", + "versionEndExcluding": "4.19.260", + "matchCriteriaId": "222EAB98-7DFB-4D56-B3E1-03D9D708D7C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4.212", + "versionEndExcluding": "5.4.215", + "matchCriteriaId": "D8822B45-EFD9-4E7D-B7C0-4B325D460411" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.140", + "versionEndExcluding": "5.10.146", + "matchCriteriaId": "46F3A060-702E-4018-94C5-4E7FC03AB0F5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.64", + "versionEndExcluding": "5.15.71", + "matchCriteriaId": "E9A066D2-5BB3-49A3-9666-5736C6889680" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.19.6", + "versionEndExcluding": "5.19.12", + "matchCriteriaId": "F7C38106-1200-4F0A-A144-7F7E34C1383D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/11ebf32fde46572b0aaf3c2bdd97d923ef5a03ab", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1e98318af2f163eadaff815abcef38d27ca92c1e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/38cf372b17f0a5f35c1b716a100532d539f0eb33", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/62ce44c4fff947eebdf10bb582267e686e6835c9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/754e8b74281dd54a324698803483f47cf3355ae1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d5917b7af7cae0e2804f9d127a03268035098b7f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ebd97dbe3c55d68346b9c5fb00634a7f5b10bbee", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/11ebf32fde46572b0aaf3c2bdd97d923ef5a03ab", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1e98318af2f163eadaff815abcef38d27ca92c1e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/38cf372b17f0a5f35c1b716a100532d539f0eb33", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/62ce44c4fff947eebdf10bb582267e686e6835c9", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/754e8b74281dd54a324698803483f47cf3355ae1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d5917b7af7cae0e2804f9d127a03268035098b7f", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ebd97dbe3c55d68346b9c5fb00634a7f5b10bbee", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-486xx/CVE-2022-48642.json b/CVE-2022/CVE-2022-486xx/CVE-2022-48642.json index d0b04d62dd0..82805758980 100644 --- a/CVE-2022/CVE-2022-486xx/CVE-2022-48642.json +++ b/CVE-2022/CVE-2022-486xx/CVE-2022-48642.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48642", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-28T13:15:07.000", - "lastModified": "2024-11-21T07:33:40.583", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:58:08.190", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,161 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: nf_tables: corrige la p\u00e9rdida de memoria de percpu en nf_tables_addchain() Me parece que la memoria de percpu para las estad\u00edsticas de la cadena comenz\u00f3 a perderse desde el commit 3bc158f8d0330f0a (\"netfilter: nf_tables: asigna la prioridad de la cadena base al hardware prioridad\") cuando nft_chain_offload_priority() devolvi\u00f3 un error." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.3", + "versionEndExcluding": "5.10.146", + "matchCriteriaId": "98420F01-0830-4875-A0D2-726633A3487D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.71", + "matchCriteriaId": "080C1827-D257-4D5A-9071-779EF7F5EF0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.19.12", + "matchCriteriaId": "03B0F56B-C5CC-4E81-BB51-D07D569DE4CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E8BD11A3-8643-49B6-BADE-5029A0117325" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5F0AD220-F6A9-4012-8636-155F1B841FAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*", + "matchCriteriaId": "A46498B3-78E1-4623-AAE1-94D29A42BE4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc4:*:*:*:*:*:*", + "matchCriteriaId": "F8446E87-F5F6-41CA-8201-BAE0F0CA6DD9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc5:*:*:*:*:*:*", + "matchCriteriaId": "8E5FB72F-67CE-43CC-83FE-541604D98182" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc6:*:*:*:*:*:*", + "matchCriteriaId": "3A0A7397-F5F8-4753-82DC-9A11288E696D" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/08d7524f366a886b99b1630a24a27dd6e0d7f852", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/985b031667c3177b9e7fb9787b989628e4271714", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9a4d6dd554b86e65581ef6b6638a39ae079b17ac", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b043a525a3f5520abb676a7cd8f6328fdf959e88", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-06xx/CVE-2023-0666.json b/CVE-2023/CVE-2023-06xx/CVE-2023-0666.json index 5d6f7571e1a..3d3a67f53e2 100644 --- a/CVE-2023/CVE-2023-06xx/CVE-2023-0666.json +++ b/CVE-2023/CVE-2023-06xx/CVE-2023-0666.json @@ -2,7 +2,7 @@ "id": "CVE-2023-0666", "sourceIdentifier": "cve@takeonme.org", "published": "2023-06-07T03:15:09.000", - "lastModified": "2024-11-21T07:37:35.337", + "lastModified": "2025-01-07T16:15:28.873", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-06xx/CVE-2023-0668.json b/CVE-2023/CVE-2023-06xx/CVE-2023-0668.json index e08688c5417..63e00bc8f06 100644 --- a/CVE-2023/CVE-2023-06xx/CVE-2023-0668.json +++ b/CVE-2023/CVE-2023-06xx/CVE-2023-0668.json @@ -2,7 +2,7 @@ "id": "CVE-2023-0668", "sourceIdentifier": "cve@takeonme.org", "published": "2023-06-07T03:15:09.193", - "lastModified": "2024-11-21T07:37:35.593", + "lastModified": "2025-01-07T16:15:29.157", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-208xx/CVE-2023-20888.json b/CVE-2023/CVE-2023-208xx/CVE-2023-20888.json index 459e805a481..e4056ad9f6b 100644 --- a/CVE-2023/CVE-2023-208xx/CVE-2023-20888.json +++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20888.json @@ -2,7 +2,7 @@ "id": "CVE-2023-20888", "sourceIdentifier": "security@vmware.com", "published": "2023-06-07T15:15:09.263", - "lastModified": "2024-11-21T07:41:45.533", + "lastModified": "2025-01-07T16:15:29.400", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-502" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-208xx/CVE-2023-20889.json b/CVE-2023/CVE-2023-208xx/CVE-2023-20889.json index 502d0b7235f..6c1083ca9bc 100644 --- a/CVE-2023/CVE-2023-208xx/CVE-2023-20889.json +++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20889.json @@ -2,7 +2,7 @@ "id": "CVE-2023-20889", "sourceIdentifier": "security@vmware.com", "published": "2023-06-07T15:15:09.317", - "lastModified": "2024-11-21T07:41:45.643", + "lastModified": "2025-01-07T16:15:29.613", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-77" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2530.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2530.json index fb10269d7c4..f28eea285b1 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2530.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2530.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2530", "sourceIdentifier": "security@puppet.com", "published": "2023-06-07T20:15:09.557", - "lastModified": "2024-11-21T07:58:47.160", + "lastModified": "2025-01-07T16:15:29.843", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -45,6 +45,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31114.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31114.json index b7ab26abf0e..57a8cee9d7f 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31114.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31114.json @@ -2,7 +2,7 @@ "id": "CVE-2023-31114", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T21:15:13.350", - "lastModified": "2024-11-21T08:01:25.737", + "lastModified": "2025-01-07T15:15:06.800", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.2 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-669" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-669" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31115.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31115.json index cf16cbff35f..099f9b469d6 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31115.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31115.json @@ -2,7 +2,7 @@ "id": "CVE-2023-31115", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T21:15:13.407", - "lastModified": "2024-11-21T08:01:25.877", + "lastModified": "2025-01-07T15:15:07.683", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-669" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-669" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31116.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31116.json index fb855d1a0c1..d5fcffcbcf7 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31116.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31116.json @@ -2,7 +2,7 @@ "id": "CVE-2023-31116", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T21:15:13.453", - "lastModified": "2024-11-21T08:01:26.033", + "lastModified": "2025-01-07T15:15:07.850", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-276" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33282.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33282.json index 6b2e7f3361a..d51ba4a8ce7 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33282.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33282.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33282", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T20:15:09.740", - "lastModified": "2024-11-21T08:05:19.683", + "lastModified": "2025-01-07T15:15:08.000", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-276" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33283.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33283.json index 16de5a38947..9fec46a6ef3 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33283.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33283.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33283", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T20:15:09.790", - "lastModified": "2024-11-21T08:05:19.853", + "lastModified": "2025-01-07T16:15:29.973", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-326" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-326" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33284.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33284.json index 0cc7ebf2ef2..11b2cd5a98a 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33284.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33284.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33284", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T20:15:09.833", - "lastModified": "2024-11-21T08:05:20.000", + "lastModified": "2025-01-07T16:15:30.170", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-502" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-334xx/CVE-2023-33496.json b/CVE-2023/CVE-2023-334xx/CVE-2023-33496.json index c2c4ee251a0..4104e94c68c 100644 --- a/CVE-2023/CVE-2023-334xx/CVE-2023-33496.json +++ b/CVE-2023/CVE-2023-334xx/CVE-2023-33496.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33496", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T21:15:13.513", - "lastModified": "2024-11-21T08:05:38.913", + "lastModified": "2025-01-07T16:15:30.370", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-502" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-334xx/CVE-2023-33498.json b/CVE-2023/CVE-2023-334xx/CVE-2023-33498.json index c812b628b9b..4b6cf13e225 100644 --- a/CVE-2023/CVE-2023-334xx/CVE-2023-33498.json +++ b/CVE-2023/CVE-2023-334xx/CVE-2023-33498.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33498", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T14:15:09.917", - "lastModified": "2024-11-21T08:05:39.070", + "lastModified": "2025-01-07T16:15:30.577", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-434" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-335xx/CVE-2023-33510.json b/CVE-2023/CVE-2023-335xx/CVE-2023-33510.json index fad35dd056d..d6a0f2417d0 100644 --- a/CVE-2023/CVE-2023-335xx/CVE-2023-33510.json +++ b/CVE-2023/CVE-2023-335xx/CVE-2023-33510.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33510", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T20:15:09.877", - "lastModified": "2024-11-21T08:05:39.667", + "lastModified": "2025-01-07T16:15:30.803", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-668" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-335xx/CVE-2023-33536.json b/CVE-2023/CVE-2023-335xx/CVE-2023-33536.json index ad7bfe3dbf9..4c7ed3a4957 100644 --- a/CVE-2023/CVE-2023-335xx/CVE-2023-33536.json +++ b/CVE-2023/CVE-2023-335xx/CVE-2023-33536.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33536", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T04:15:10.467", - "lastModified": "2024-11-21T08:05:41.220", + "lastModified": "2025-01-07T16:15:31.153", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.2 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-335xx/CVE-2023-33537.json b/CVE-2023/CVE-2023-335xx/CVE-2023-33537.json index 3c28489cb2a..ff175c40a80 100644 --- a/CVE-2023/CVE-2023-335xx/CVE-2023-33537.json +++ b/CVE-2023/CVE-2023-335xx/CVE-2023-33537.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33537", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T04:15:10.563", - "lastModified": "2024-11-21T08:05:41.383", + "lastModified": "2025-01-07T16:15:31.423", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.2 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-335xx/CVE-2023-33538.json b/CVE-2023/CVE-2023-335xx/CVE-2023-33538.json index 8da4ce0d0df..8fba695d867 100644 --- a/CVE-2023/CVE-2023-335xx/CVE-2023-33538.json +++ b/CVE-2023/CVE-2023-335xx/CVE-2023-33538.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33538", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T04:15:10.623", - "lastModified": "2024-11-21T08:05:41.547", + "lastModified": "2025-01-07T15:15:08.190", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-77" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-335xx/CVE-2023-33553.json b/CVE-2023/CVE-2023-335xx/CVE-2023-33553.json index b64582c6881..4a1eea6949a 100644 --- a/CVE-2023/CVE-2023-335xx/CVE-2023-33553.json +++ b/CVE-2023/CVE-2023-335xx/CVE-2023-33553.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33553", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T15:15:09.480", - "lastModified": "2024-11-21T08:05:42.463", + "lastModified": "2025-01-07T15:15:08.367", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-287" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-335xx/CVE-2023-33556.json b/CVE-2023/CVE-2023-335xx/CVE-2023-33556.json index 65bd22558ad..1fedfb74147 100644 --- a/CVE-2023/CVE-2023-335xx/CVE-2023-33556.json +++ b/CVE-2023/CVE-2023-335xx/CVE-2023-33556.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33556", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T21:15:13.567", - "lastModified": "2024-11-21T08:05:42.613", + "lastModified": "2025-01-07T15:15:08.523", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-77" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-336xx/CVE-2023-33601.json b/CVE-2023/CVE-2023-336xx/CVE-2023-33601.json index bd11958a5f2..617e358e64b 100644 --- a/CVE-2023/CVE-2023-336xx/CVE-2023-33601.json +++ b/CVE-2023/CVE-2023-336xx/CVE-2023-33601.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33601", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T02:15:15.887", - "lastModified": "2024-11-21T08:05:45.477", + "lastModified": "2025-01-07T15:15:08.683", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-434" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-336xx/CVE-2023-33604.json b/CVE-2023/CVE-2023-336xx/CVE-2023-33604.json index f96fc6d2622..34849235a11 100644 --- a/CVE-2023/CVE-2023-336xx/CVE-2023-33604.json +++ b/CVE-2023/CVE-2023-336xx/CVE-2023-33604.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33604", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T02:15:15.930", - "lastModified": "2024-11-21T08:05:45.607", + "lastModified": "2025-01-07T15:15:08.840", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.2 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 } ] }, diff --git a/CVE-2023/CVE-2023-337xx/CVE-2023-33781.json b/CVE-2023/CVE-2023-337xx/CVE-2023-33781.json index 0a39db8b954..ecb0cfbbfa3 100644 --- a/CVE-2023/CVE-2023-337xx/CVE-2023-33781.json +++ b/CVE-2023/CVE-2023-337xx/CVE-2023-33781.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33781", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T01:15:39.247", - "lastModified": "2024-11-21T08:05:59.383", + "lastModified": "2025-01-07T15:15:09.010", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33865.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33865.json index d8bf92fe427..3bf24034622 100644 --- a/CVE-2023/CVE-2023-338xx/CVE-2023-33865.json +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33865.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33865", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T20:15:10.053", - "lastModified": "2024-11-21T08:06:05.743", + "lastModified": "2025-01-07T16:15:31.647", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-59" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38945.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38945.json index fa5c3d08d17..11d5747af7d 100644 --- a/CVE-2023/CVE-2023-389xx/CVE-2023-38945.json +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38945.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38945", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-06T00:15:52.247", - "lastModified": "2024-11-21T08:14:30.217", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:14:46.853", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +81,115 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:multilaser:re160_firmware:5.07.51_pt_mtl01:*:*:*:*:*:*:*", + "matchCriteriaId": "AA4DBB8C-C5ED-43E2-B882-E1F44BD20606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:multilaser:re160_firmware:5.07.52_pt_mtl01:*:*:*:*:*:*:*", + "matchCriteriaId": "DAF009A5-ACBE-4C8C-A17E-D720547DB858" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:multilaser:re160:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7159C9E6-8B5B-41CE-ADE9-C1925BDB3D42" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:multilaser:re160v_firmware:12.03.01.08_pt:*:*:*:*:*:*:*", + "matchCriteriaId": "8624004B-770D-44B2-947B-E69539321521" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:multilaser:re160v_firmware:12.03.01.09_pt:*:*:*:*:*:*:*", + "matchCriteriaId": "3FACF669-288B-4B42-8120-E567A5C477C3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:multilaser:re160v:-:*:*:*:*:*:*:*", + "matchCriteriaId": "70C33130-2E3E-488B-9389-BA2610A3A4BA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:multilaser:re163v_firmware:12.03.01.08_pt:*:*:*:*:*:*:*", + "matchCriteriaId": "1FFD6025-9707-4054-8C61-913C5B5B6D92" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:multilaser:re163v:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EB80F4FB-89C3-4862-B8B6-7DB3F91E3B25" + } + ] + } + ] + } + ], "references": [ { "url": "http://seclists.org/fulldisclosure/2024/Mar/1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "http://seclists.org/fulldisclosure/2024/Mar/1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38946.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38946.json index 2ad3b92afd3..4f3c1d21db5 100644 --- a/CVE-2023/CVE-2023-389xx/CVE-2023-38946.json +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38946.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38946", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-06T00:15:52.300", - "lastModified": "2024-11-21T08:14:30.423", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:16:04.743", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,14 +81,56 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:multilaser:re160_firmware:5.07.51_pt_mtl01:*:*:*:*:*:*:*", + "matchCriteriaId": "AA4DBB8C-C5ED-43E2-B882-E1F44BD20606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:multilaser:re160_firmware:5.07.52_pt_mtl01:*:*:*:*:*:*:*", + "matchCriteriaId": "DAF009A5-ACBE-4C8C-A17E-D720547DB858" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:multilaser:re160:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7159C9E6-8B5B-41CE-ADE9-C1925BDB3D42" + } + ] + } + ] + } + ], "references": [ { "url": "http://seclists.org/fulldisclosure/2024/Mar/2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "http://seclists.org/fulldisclosure/2024/Mar/2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52490.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52490.json index 47c4de4b1e9..83133a15cc6 100644 --- a/CVE-2023/CVE-2023-524xx/CVE-2023-52490.json +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52490.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52490", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-11T18:15:16.750", - "lastModified": "2024-11-21T08:39:53.407", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-07T15:44:33.343", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,110 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mm: migrar: se corrigi\u00f3 la asignaci\u00f3n de p\u00e1gina incorrecta durante la migraci\u00f3n de la p\u00e1gina Al ejecutar la prueba de estr\u00e9s, encontramos el siguiente bloqueo del kernel despu\u00e9s de unas horas: No se puede manejar la desreferencia del puntero NULL del kernel en virtual direcci\u00f3n 0000000000000000 pc: dentry_name+0xd8/0x224 lr: puntero+0x22c/0x370 sp: ffff800025f134c0 ...... Rastreo de llamadas: dentry_name+0xd8/0x224 puntero+0x22c/0x370 vsnprintf+0x1ec/0x730 vscnprint f+0x2c/0x60 vprintk_store+ 0x70/0x234 vprintk_emit+0xe0/0x24c vprintk_default+0x3c/0x44 vprintk_func+0x84/0x2d0 printk+0x64/0x88 __dump_page+0x52c/0x530 dump_page+0x14/0x20 set_migratetype_isolate+0x110/0x22 4 start_isolate_page_range+0xc4/0x20c offline_pages+0x124/0x474 memoria_block_offline+ 0x44/0xf4 Memory_subsys_offline+0x3c/0x70 device_offline+0xf0/0x120 ...... Despu\u00e9s de analizar vmcore, descubr\u00ed que este problema se debe a la migraci\u00f3n de la p\u00e1gina. El escenario es que un hilo est\u00e1 realizando la migraci\u00f3n de la p\u00e1gina y usaremos el campo ->mapping de la p\u00e1gina de destino para guardar el puntero 'anon_vma' entre la desasignaci\u00f3n de la p\u00e1gina y el movimiento de la p\u00e1gina, y ahora la p\u00e1gina de destino est\u00e1 bloqueada y el recuento es 1. Actualmente, Hay otro subproceso estresante que realiza una conexi\u00f3n en caliente de la memoria, intentando desconectar la p\u00e1gina de destino que se est\u00e1 migrando. Descubre que el refcount de esta p\u00e1gina de destino es 1, impidiendo la operaci\u00f3n fuera de l\u00ednea, procediendo as\u00ed a volcar la p\u00e1gina. Sin embargo, page_mapping() de la p\u00e1gina de destino puede devolver una asignaci\u00f3n de archivos incorrecta para bloquear el sistema en dump_mapping(), ya que la p\u00e1gina de destino->mapping solo guarda el puntero 'anon_vma' sin configurar el indicador PAGE_MAPPING_ANON. Hay varias formas de solucionar este problema: (1) Configurar el indicador PAGE_MAPPING_ANON para la p\u00e1gina de destino ->mapping al guardar 'anon_vma', pero esto puede confundir a PageAnon() para los usuarios de PFN, ya que la p\u00e1gina de destino a\u00fan no ha creado asignaciones. (2) Hacer que el bloqueo de p\u00e1gina llame a page_mapping() en __dump_page() para evitar bloquear el sistema; sin embargo, todav\u00eda hay algunos caminantes PFN que llaman a page_mapping() sin mantener el bloqueo de p\u00e1gina, como la compactaci\u00f3n. (3) Usar p\u00e1gina de destino->campo privado para guardar el puntero 'anon_vma' y el estado de la p\u00e1gina de 2 bits, tal como p\u00e1gina->mapping registra una p\u00e1gina an\u00f3nima, lo que puede eliminar el impacto de page_mapping() para los caminantes de PFN y tambi\u00e9n parece una soluci\u00f3n simple forma. As\u00ed que elijo la opci\u00f3n 3 para solucionar este problema, y esto tambi\u00e9n puede solucionar otros problemas potenciales para los caminantes PFN, como la compactaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.3", + "versionEndExcluding": "6.6.15", + "matchCriteriaId": "FB27F895-1DBC-4989-B3A8-4327A549A9BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.3", + "matchCriteriaId": "58FD5308-148A-40D3-B36A-0CA6B434A8BF" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3889a418b6eb9a1113fb989aaadecf2f64964767", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9128bfbc5c80d8f4874dd0a0424d1f5fb010df1b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d1adb25df7111de83b64655a80b5a135adbded61", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3889a418b6eb9a1113fb989aaadecf2f64964767", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9128bfbc5c80d8f4874dd0a0424d1f5fb010df1b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d1adb25df7111de83b64655a80b5a135adbded61", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52663.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52663.json index b4df5bb821e..fab55d7a1b6 100644 --- a/CVE-2023/CVE-2023-526xx/CVE-2023-52663.json +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52663.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52663", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-17T14:15:08.577", - "lastModified": "2024-11-21T08:40:18.717", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:58:24.913", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,131 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ASoC: SOF: amd: corrige la p\u00e9rdida de memoria en amd_sof_acp_probe() El controlador usa kasprintf() para inicializar los miembros fw_{code,data}_bin de la estructura acp_dev_data, pero kfree() nunca se llama para desasignar la memoria, lo que resulta en una p\u00e9rdida de memoria. Solucione el problema cambiando a devm_kasprintf(). Adem\u00e1s, aseg\u00farese de que la asignaci\u00f3n se haya realizado correctamente comprobando la validez del puntero." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "5B28A88F-F85F-4008-8F7C-44FC9152916E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/222be59e5eed1554119294edc743ee548c2371d0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7296152e58858f928db448826eb7ba5ae611297b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/88028c45d5871dfc449b2b0a27abf6428453a5ec", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/be4760799c6a7c01184467287f0de41e0dd255f8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/222be59e5eed1554119294edc743ee548c2371d0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7296152e58858f928db448826eb7ba5ae611297b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/88028c45d5871dfc449b2b0a27abf6428453a5ec", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/be4760799c6a7c01184467287f0de41e0dd255f8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52664.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52664.json index 953b8d1c1f0..90e36ae427b 100644 --- a/CVE-2023/CVE-2023-526xx/CVE-2023-52664.json +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52664.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52664", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-17T14:15:08.807", - "lastModified": "2024-11-21T08:40:18.823", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T17:00:00.897", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,130 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: atlantic: elimina double free en la l\u00f3gica de manejo de errores El controlador tiene una fuga l\u00f3gica en la asignaci\u00f3n de datos del anillo/free, donde se podr\u00eda llamar a aq_ring_free varias veces en el mismo anillo, si el sistema est\u00e1 bajo estr\u00e9s y obtuve un error de asignaci\u00f3n de memoria. Se utiliz\u00f3 un puntero de anillo como indicador de error, pero esto no es correcto ya que solo se asignan/desasignan datos de anillo. El anillo en s\u00ed es un miembro de la matriz. Cambiar las funciones de asignaci\u00f3n de anillos para devolver el c\u00f3digo de error directamente. Esto simplifica el manejo de errores y elimina aq_ring_free en la capa superior." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-415" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.1.77", + "matchCriteriaId": "F749AC21-58DA-44BE-B3C5-7C53F294A67A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.16", + "matchCriteriaId": "A5007D6A-4B58-423A-8A3A-A1A656A263C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.4", + "matchCriteriaId": "848BC44C-9D25-4557-A50A-4B8BF310FA78" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0edb3ae8bfa31cd544b0c195bdec00e036002b5d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b3cb7a830a24527877b0bc900b9bd74a96aea928", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c11a870a73a3bc4cc7df6dd877a45b181795fcbf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d1fde4a7e1dcc4d49cce285107a7a43c3030878d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/0edb3ae8bfa31cd544b0c195bdec00e036002b5d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b3cb7a830a24527877b0bc900b9bd74a96aea928", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c11a870a73a3bc4cc7df6dd877a45b181795fcbf", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d1fde4a7e1dcc4d49cce285107a7a43c3030878d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-63xx/CVE-2023-6326.json b/CVE-2023/CVE-2023-63xx/CVE-2023-6326.json index 1acd08fa306..0247b781557 100644 --- a/CVE-2023/CVE-2023-63xx/CVE-2023-6326.json +++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6326.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6326", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-02T12:15:59.460", - "lastModified": "2024-11-21T08:43:37.887", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:35:32.547", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 2.8, "impactScore": 2.5 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:averta:master_slider:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.10.0", + "matchCriteriaId": "41F915A1-5F0D-4557-992C-21EC6C73BADD" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/master-slider/trunk/admin/includes/classes/class-msp-list-table.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5e0a7108-15ef-42d0-adce-fd5b0e6faf3c?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/master-slider/trunk/admin/includes/classes/class-msp-list-table.php", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5e0a7108-15ef-42d0-adce-fd5b0e6faf3c?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-63xx/CVE-2023-6382.json b/CVE-2023/CVE-2023-63xx/CVE-2023-6382.json index 8808643eacb..ea04451ace0 100644 --- a/CVE-2023/CVE-2023-63xx/CVE-2023-6382.json +++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6382.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6382", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-01T05:15:08.287", - "lastModified": "2024-11-21T08:43:45.100", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:37:07.597", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,41 +36,115 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:averta:master_slider:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.9.10", + "matchCriteriaId": "D84C9E86-689D-4190-BF3F-9CF0A56D7645" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/master-slider/trunk/includes/msp-shortcodes.php#L55", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3065917%40master-slider&new=3065917%40master-slider&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3084860%40master-slider&new=3084860%40master-slider&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d2fc926-6f9f-4ed9-9598-e39b5e6c6544?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/master-slider/trunk/includes/msp-shortcodes.php#L55", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3065917%40master-slider&new=3065917%40master-slider&sfp_email=&sfph_mail=", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3084860%40master-slider&new=3084860%40master-slider&sfp_email=&sfph_mail=", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d2fc926-6f9f-4ed9-9598-e39b5e6c6544?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0611.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0611.json index baeeb695aeb..65e763966de 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0611.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0611.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0611", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-02T12:16:00.210", - "lastModified": "2024-11-21T08:46:59.887", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:41:54.303", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,91 @@ }, "exploitabilityScore": 1.3, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:averta:master_slider:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.9.10", + "matchCriteriaId": "D84C9E86-689D-4190-BF3F-9CF0A56D7645" + } + ] + } + ] + } + ], "references": [ { "url": "https://advisory.abay.sh/cve-2024-0611", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac6e587c-59b2-4f93-ab88-5e548b52db45?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://advisory.abay.sh/cve-2024-0611", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac6e587c-59b2-4f93-ab88-5e548b52db45?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-100xx/CVE-2024-10012.json b/CVE-2024/CVE-2024-100xx/CVE-2024-10012.json index 87512c6f3f2..1ae05b0b73f 100644 --- a/CVE-2024/CVE-2024-100xx/CVE-2024-10012.json +++ b/CVE-2024/CVE-2024-100xx/CVE-2024-10012.json @@ -2,8 +2,8 @@ "id": "CVE-2024-10012", "sourceIdentifier": "security@progress.com", "published": "2024-11-13T16:15:17.143", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:59:23.043", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:telerik:ui_for_wpf:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024.4.1111", + "matchCriteriaId": "3F5FC2F1-C10C-488B-B6DD-C25AED0296C6" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.telerik.com/devtools/wpf/knowledge-base/kb-security-unsafe-deserialization-cve-2024-10012", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-100xx/CVE-2024-10013.json b/CVE-2024/CVE-2024-100xx/CVE-2024-10013.json index b00d288eb58..26fcde5c0f2 100644 --- a/CVE-2024/CVE-2024-100xx/CVE-2024-10013.json +++ b/CVE-2024/CVE-2024-100xx/CVE-2024-10013.json @@ -2,8 +2,8 @@ "id": "CVE-2024-10013", "sourceIdentifier": "security@progress.com", "published": "2024-11-13T16:15:17.387", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:46:38.317", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:telerik:ui_for_winforms:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024.4.1113", + "matchCriteriaId": "1031C04A-A4D6-4F30-B171-A3CF91E60F66" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.telerik.com/devtools/winforms/knowledge-base/unsafe-deserialization-cve-2024-10013", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11681.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11681.json new file mode 100644 index 00000000000..bd122e2dbf6 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11681.json @@ -0,0 +1,110 @@ +{ + "id": "CVE-2024-11681", + "sourceIdentifier": "cve-coordination@google.com", + "published": "2025-01-07T15:15:09.207", + "lastModified": "2025-01-07T16:15:32.097", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A malicious or compromised MacPorts mirror can execute arbitrary commands as root\u00a0on the machine of a client running port selfupdate\u00a0against the mirror." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/google/security-research/security/advisories/GHSA-2j38-pjh8-wfxw", + "source": "cve-coordination@google.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-126xx/CVE-2024-12692.json b/CVE-2024/CVE-2024-126xx/CVE-2024-12692.json index d82bbd3920e..f7b3533b8f7 100644 --- a/CVE-2024/CVE-2024-126xx/CVE-2024-12692.json +++ b/CVE-2024/CVE-2024-126xx/CVE-2024-12692.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12692", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2024-12-18T22:15:05.730", - "lastModified": "2024-12-18T22:15:05.730", + "lastModified": "2025-01-07T16:15:32.573", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "La confusi\u00f3n de tipos en la versi\u00f3n 8 de Google Chrome anterior a la 131.0.6778.204 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: alta)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "chrome-cve-admin@google.com", diff --git a/CVE-2024/CVE-2024-14xx/CVE-2024-1449.json b/CVE-2024/CVE-2024-14xx/CVE-2024-1449.json index 2114b6e3ce9..2d69c3da2b1 100644 --- a/CVE-2024/CVE-2024-14xx/CVE-2024-1449.json +++ b/CVE-2024/CVE-2024-14xx/CVE-2024-1449.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1449", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-02T12:16:00.547", - "lastModified": "2024-11-21T08:50:36.490", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:38:28.197", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:averta:master_slider:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.9.10", + "matchCriteriaId": "D84C9E86-689D-4190-BF3F-9CF0A56D7645" + } + ] + } + ] + } + ], "references": [ { "url": "https://wordpress.org/plugins/master-slider/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af9adb6b-f726-4b74-be5c-82fdab0ae1f2?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://wordpress.org/plugins/master-slider/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af9adb6b-f726-4b74-be5c-82fdab0ae1f2?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-250xx/CVE-2024-25037.json b/CVE-2024/CVE-2024-250xx/CVE-2024-25037.json new file mode 100644 index 00000000000..10a5bed24c0 --- /dev/null +++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25037.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-25037", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2025-01-07T16:15:32.937", + "lastModified": "2025-01-07T16:15:32.937", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7179163", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-268xx/CVE-2024-26888.json b/CVE-2024/CVE-2024-268xx/CVE-2024-26888.json index 1116e5d7dd9..4edf6f09368 100644 --- a/CVE-2024/CVE-2024-268xx/CVE-2024-26888.json +++ b/CVE-2024/CVE-2024-268xx/CVE-2024-26888.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26888", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-17T11:15:10.337", - "lastModified": "2024-11-21T09:03:18.330", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:43:58.107", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,138 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: msft: Reparar p\u00e9rdida de memoria Reparar p\u00e9rdida de b\u00fafer asignado para enviar MSFT_OP_LE_MONITOR_ADVERTISEMENT." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4.16", + "versionEndExcluding": "6.5", + "matchCriteriaId": "A5099559-2D15-42A5-A561-71B34FEFF36F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.5.3", + "versionEndExcluding": "6.6.23", + "matchCriteriaId": "43EB4ECD-2161-4C19-8280-3544598B5CD9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.7.11", + "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8", + "versionEndExcluding": "6.8.2", + "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/5987b9f7d9314c7411136005b3a52f61a8cc0911", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5cb93417c93716a5404f762f331f5de3653fd952", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/98e9920c75e0790bff947a00d192d24bf1c724e0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a6e06258f4c31eba0fcd503e19828b5f8fe7b08b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5987b9f7d9314c7411136005b3a52f61a8cc0911", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5cb93417c93716a5404f762f331f5de3653fd952", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/98e9920c75e0790bff947a00d192d24bf1c724e0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a6e06258f4c31eba0fcd503e19828b5f8fe7b08b", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-269xx/CVE-2024-26928.json b/CVE-2024/CVE-2024-269xx/CVE-2024-26928.json index 894663103bb..02083e2d511 100644 --- a/CVE-2024/CVE-2024-269xx/CVE-2024-26928.json +++ b/CVE-2024/CVE-2024-269xx/CVE-2024-26928.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26928", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-28T12:15:21.140", - "lastModified": "2024-11-21T09:03:24.350", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:44:17.763", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,140 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en cifs_debug_files_proc_show() Omita las sesiones que se est\u00e1n eliminando (estado == SES_EXITING) para evitar UAF." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.1.85", + "matchCriteriaId": "B62CF0EC-6C39-4DAD-A6CC-C31C3277A460" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.26", + "matchCriteriaId": "C520696A-A594-4FFC-A32D-12DA535CE911" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.8.5", + "matchCriteriaId": "DBD6C99E-4250-4DFE-8447-FF2075939D10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", + "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", + "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/229042314602db62559ecacba127067c22ee7b88", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3402faf78b2516b0af1259baff50cc8453ef0bd1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a65f2b56334ba4dc30bd5ee9ce5b2691b973344d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ca545b7f0823f19db0f1148d59bc5e1a56634502", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/229042314602db62559ecacba127067c22ee7b88", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3402faf78b2516b0af1259baff50cc8453ef0bd1", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a65f2b56334ba4dc30bd5ee9ce5b2691b973344d", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ca545b7f0823f19db0f1148d59bc5e1a56634502", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28197.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28197.json index 962bc5de4da..e130a486094 100644 --- a/CVE-2024/CVE-2024-281xx/CVE-2024-28197.json +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28197.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28197", "sourceIdentifier": "security-advisories@github.com", "published": "2024-03-11T20:15:07.420", - "lastModified": "2024-11-21T09:06:00.547", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:54:40.987", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.8 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.8 } ] }, @@ -49,16 +69,72 @@ "value": "CWE-269" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-384" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.44.3", + "matchCriteriaId": "A896302F-4289-419A-882F-8E4207B611A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zitadel:zitadel:2.45.0:-:*:*:*:*:*:*", + "matchCriteriaId": "CDF0C992-982C-4963-BFE4-1592B681D69E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zitadel:zitadel:2.45.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "BDA3827B-80DF-4A2A-A103-97FE37352090" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zitadel:zitadel:2.46.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "CCEA9592-45E4-4C4A-906F-62732495B2D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zitadel:zitadel:2.46.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "D5C0396B-7FFB-4700-BBFF-AC7D2748B00A" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-mq4x-r2w3-j7mr", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] }, { "url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-mq4x-r2w3-j7mr", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28778.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28778.json new file mode 100644 index 00000000000..0b3ae5f8166 --- /dev/null +++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28778.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-28778", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2025-01-07T16:15:33.113", + "lastModified": "2025-01-07T16:15:33.113", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. This vulnerability allows users to publish code to private packages or repositories under the name of the organization." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7179163", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-314xx/CVE-2024-31456.json b/CVE-2024/CVE-2024-314xx/CVE-2024-31456.json index cdbfe5b8feb..dd98f7ad2aa 100644 --- a/CVE-2024/CVE-2024-314xx/CVE-2024-31456.json +++ b/CVE-2024/CVE-2024-314xx/CVE-2024-31456.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31456", "sourceIdentifier": "security-advisories@github.com", "published": "2024-05-07T14:15:10.550", - "lastModified": "2024-11-21T09:13:33.447", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:49:45.263", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.1, "impactScore": 4.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, @@ -49,24 +69,65 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.3.0", + "versionEndExcluding": "10.0.15", + "matchCriteriaId": "E444DF33-1B8A-4D5F-82D8-4B16292BC806" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/glpi-project/glpi/commit/730c3db29a1edc32f9b9d1e2a940e90a0211ab26", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-gcj4-2cp3-6h5j", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://github.com/glpi-project/glpi/commit/730c3db29a1edc32f9b9d1e2a940e90a0211ab26", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-gcj4-2cp3-6h5j", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-354xx/CVE-2024-35498.json b/CVE-2024/CVE-2024-354xx/CVE-2024-35498.json index b7051071ad7..97b5be226b6 100644 --- a/CVE-2024/CVE-2024-354xx/CVE-2024-35498.json +++ b/CVE-2024/CVE-2024-354xx/CVE-2024-35498.json @@ -2,16 +2,55 @@ "id": "CVE-2024-35498", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-06T19:15:12.707", - "lastModified": "2025-01-06T19:15:12.707", - "vulnStatus": "Received", + "lastModified": "2025-01-07T16:15:33.277", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability in Grav v1.7.45 allows attackers to execute arbitrary web scripts or HTML via a crafted payload." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross site scripting (XSS) en Grav v1.7.45 permite a los atacantes ejecutar web scripts o HTML arbitrarios a trav\u00e9s de un payload especialmente manipulado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/r4vanan/Stored-xss-Grav-v1.7.45", diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37147.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37147.json index d306fba3ac5..aafaec0f359 100644 --- a/CVE-2024/CVE-2024-371xx/CVE-2024-37147.json +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37147.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37147", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-10T19:15:10.930", - "lastModified": "2024-11-21T09:23:17.880", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:55:46.580", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ] }, @@ -49,16 +69,51 @@ "value": "CWE-284" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*", + "versionStartIncluding": "0.85", + "versionEndExcluding": "10.0.16", + "matchCriteriaId": "2910869A-4955-4EF7-9E9D-16E45682606A" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-f2cg-fc85-ffmh", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-f2cg-fc85-ffmh", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37148.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37148.json index 6d33876e29c..834e97a607a 100644 --- a/CVE-2024/CVE-2024-371xx/CVE-2024-37148.json +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37148.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37148", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-10T20:15:03.280", - "lastModified": "2024-11-21T09:23:18.003", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:58:37.837", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 } ] }, @@ -49,16 +69,51 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*", + "versionStartIncluding": "0.84", + "versionEndExcluding": "10.0.16", + "matchCriteriaId": "EAC2571E-EDAE-425F-B883-78BA82543BBF" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-p626-hph9-p6fj", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-p626-hph9-p6fj", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-379xx/CVE-2024-37980.json b/CVE-2024/CVE-2024-379xx/CVE-2024-37980.json index e79e862e92f..990d1c80a28 100644 --- a/CVE-2024/CVE-2024-379xx/CVE-2024-37980.json +++ b/CVE-2024/CVE-2024-379xx/CVE-2024-37980.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37980", "sourceIdentifier": "secure@microsoft.com", "published": "2024-09-10T17:15:19.720", - "lastModified": "2024-09-10T17:43:14.410", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:26:25.013", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -49,12 +69,93 @@ "value": "CWE-269" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "13.0.6300.2", + "versionEndExcluding": "13.0.6445.1", + "matchCriteriaId": "8611D71C-D109-43DB-B24F-AD9D8DE1D754" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "13.0.7000.253", + "versionEndExcluding": "13.0.7040.1", + "matchCriteriaId": "30B9A4F3-56C1-49B6-AC31-8E15C25409E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "14.0.1000.169", + "versionEndExcluding": "14.0.2060.1", + "matchCriteriaId": "092AF402-BDA3-46C2-ADB8-BEA92DF81BA5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "14.0.3006.16", + "versionEndExcluding": "14.0.3475.1", + "matchCriteriaId": "6E6AD612-AB64-4454-970E-D868420C6CC6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "15.0.2000.5", + "versionEndExcluding": "15.0.2120.1", + "matchCriteriaId": "64D0E7A9-846A-421E-A3E0-E2C0CDACD13C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "15.0.4003.23", + "versionEndExcluding": "15.0.4390.2", + "matchCriteriaId": "AF8BBB82-ED5C-4943-A787-EA07536BCFBF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "16.0.1000.6", + "versionEndExcluding": "16.0.1125.1", + "matchCriteriaId": "30D1D16A-0B3E-49B4-9DB4-77FC462BA503" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "16.0.4003.1", + "versionEndExcluding": "16.0.4140.3", + "matchCriteriaId": "148D362E-101A-4121-9790-B537D02CB114" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37980", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38625.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38625.json index 2a90398aac7..273c07be5d9 100644 --- a/CVE-2024/CVE-2024-386xx/CVE-2024-38625.json +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38625.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38625", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-21T11:15:11.430", - "lastModified": "2024-11-21T09:26:31.120", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:09:49.880", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,110 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/ntfs3: Verifique que el puntero 'folio' sea NULL. Puede ser NULL si se llama a bmap." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15", + "versionEndExcluding": "6.6.33", + "matchCriteriaId": "92AC1231-0841-463A-9EA5-8770AEF0714B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.4", + "matchCriteriaId": "991B9791-966A-4D18-9E8D-A8AB128E5627" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1cd6c96219c429ebcfa8e79a865277376c563803", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6c8054d590668629bb2eb6fb4cbf22455d08ada8", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ff1068929459347f9e47f8d14c409dcf938c2641", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-407xx/CVE-2024-40702.json b/CVE-2024/CVE-2024-407xx/CVE-2024-40702.json new file mode 100644 index 00000000000..fd1d1f4eaaf --- /dev/null +++ b/CVE-2024/CVE-2024-407xx/CVE-2024-40702.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-40702", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2025-01-07T16:15:33.463", + "lastModified": "2025-01-07T16:15:33.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate validation." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7179163", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-409xx/CVE-2024-40962.json b/CVE-2024/CVE-2024-409xx/CVE-2024-40962.json index e31d47ccd37..9a8e53b522e 100644 --- a/CVE-2024/CVE-2024-409xx/CVE-2024-40962.json +++ b/CVE-2024/CVE-2024-409xx/CVE-2024-40962.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40962", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-12T13:15:18.180", - "lastModified": "2024-11-21T09:31:57.560", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:10:10.253", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,130 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: zonificado: asigna sumas de verificaci\u00f3n ficticias para zonas zonificadas NODATASUM escribe Shin'ichiro inform\u00f3 que cuando ejecuta el caso de prueba btrfs/167 de fstests en dispositivos zonificados emulados, ve el siguiente puntero NULL desreferencia en 'btrfs_zone_finish_endio()': Vaya: error de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0xdffffc0000000011: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref en el rango [0x0000000000000088-0x00000000000000 8f] CPU: 4 PID: 2332440 Comm: kworker/u80:15 Contaminado: GW 6.10.0-rc2-kts+ #4 Nombre de hardware: Supermicro Super Server/X11SPi-TF, BIOS 3.3 21/02/2020 Cola de trabajo: btrfs-endio-write btrfs_work_helper [btrfs] RIP : 0010:btrfs_zone_finish_endio.part.0+0x34/0x160 [btrfs] RSP: 0018:ffff88867f107a90 EFLAGS: 00010206 RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 893e5534 RDX: 0000000000000011 RSI: 0000000000000004 RDI: 0000000000000088 RBP: 0000000000000002 R08: 0000000000000001 R09: 6028 R10: ffff88840b4b0143 R11: ffff88834dfff600 R12: ffff88840b4b0000 R13: 0000000000020000 R14: 00000000000000000 R15: ffff888530ad5210 FS: 0000000000000(0000) GS:ffff888e3f800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f87223fff38 CR3 : 00000007a7c6a002 CR4: 00000000007706f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 00000000000000000 DR3: 0000000000000000 DR6: 000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Seguimiento de llamadas: ? __die_body.cold+0x19/0x27 ? die_addr+0x46/0x70? exc_general_protection+0x14f/0x250? asm_exc_general_protection+0x26/0x30? do_raw_read_unlock+0x44/0x70? btrfs_zone_finish_endio.part.0+0x34/0x160 [btrfs] btrfs_finish_one_ordered+0x5d9/0x19a0 [btrfs] ? __pfx_lock_release+0x10/0x10? do_raw_write_lock+0x90/0x260? __pfx_do_raw_write_lock+0x10/0x10? __pfx_btrfs_finish_one_ordered+0x10/0x10 [btrfs]? _raw_write_unlock+0x23/0x40? btrfs_finish_ordered_zoned+0x5a9/0x850 [btrfs]? lock_acquire+0x435/0x500 btrfs_work_helper+0x1b1/0xa70 [btrfs]? __programar+0x10a8/0x60b0? __pfx___might_resched+0x10/0x10 proceso_one_work+0x862/0x1410 ? __pfx_lock_acquire+0x10/0x10? __pfx_process_one_work+0x10/0x10? asignar_trabajo+0x16c/0x240 trabajador_hilo+0x5e6/0x1010? __pfx_worker_thread+0x10/0x10 kthread+0x2c3/0x3a0 ? trace_irq_enable.constprop.0+0xce/0x110? __pfx_kthread+0x10/0x10 ret_from_fork+0x31/0x70 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 Al habilitar CONFIG_BTRFS_ASSERT se revel\u00f3 la siguiente aserci\u00f3n para activar: aserci\u00f3n fallida: !list_empty(&ordered->list), en fs/btrfs/zoned.c:1815 Esto indica que Falta la lista de sumas de verificaci\u00f3n en la extensi\u00f3n_ordenada. Como btrfs/167 est\u00e1 escribiendo NOCOW, esto es de esperarse. Un an\u00e1lisis m\u00e1s detallado con drgn confirm\u00f3 la suposici\u00f3n: >>> inode = prog.crashed_thread().stack_trace()[11]['ordered'].inode >>> btrfs_inode = drgn.container_of(inode, \"struct btrfs_inode\", \\ \" vfs_inode\") >>> print(btrfs_inode.flags) (u32)1 Como el modo de emulaci\u00f3n de zonas simula zonas convencionales en dispositivos normales, no podemos usar Zone-Append para escribir. Pero solo adjuntamos sumas de verificaci\u00f3n ficticias si realizamos una escritura de adici\u00f3n de zona. Entonces, para las escrituras de datos de zonas NOCOW en zonas convencionales, adjunte tambi\u00e9n una suma de verificaci\u00f3n ficticia." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.5", + "versionEndExcluding": "6.6.36", + "matchCriteriaId": "A9A441DF-0244-4D7F-B25A-F692568FFC15" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.9.7", + "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", + "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", + "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", + "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/082b3d4e788953a3ff42ecdb70c4210149076285", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/25cfe59f4470a051d1b80f51fa0ca3a5048e4a19", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cebae292e0c32a228e8f2219c270a7237be24a6a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/082b3d4e788953a3ff42ecdb70c4210149076285", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/25cfe59f4470a051d1b80f51fa0ca3a5048e4a19", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cebae292e0c32a228e8f2219c270a7237be24a6a", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-434xx/CVE-2024-43474.json b/CVE-2024/CVE-2024-434xx/CVE-2024-43474.json index fa136143c59..aff4441654e 100644 --- a/CVE-2024/CVE-2024-434xx/CVE-2024-43474.json +++ b/CVE-2024/CVE-2024-434xx/CVE-2024-43474.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43474", "sourceIdentifier": "secure@microsoft.com", "published": "2024-09-10T17:15:35.183", - "lastModified": "2024-09-10T17:43:14.410", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:19:09.057", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 4.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -49,12 +69,58 @@ "value": "CWE-170" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "14.0.1000.169", + "versionEndExcluding": "14.0.2060.1", + "matchCriteriaId": "092AF402-BDA3-46C2-ADB8-BEA92DF81BA5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "14.0.3006.16", + "versionEndExcluding": "14.0.3475.1", + "matchCriteriaId": "6E6AD612-AB64-4454-970E-D868420C6CC6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "15.0.2000.5", + "versionEndExcluding": "15.0.2120.1", + "matchCriteriaId": "64D0E7A9-846A-421E-A3E0-E2C0CDACD13C" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43474", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-436xx/CVE-2024-43613.json b/CVE-2024/CVE-2024-436xx/CVE-2024-43613.json index 851bb4188e7..6a9c405570d 100644 --- a/CVE-2024/CVE-2024-436xx/CVE-2024-43613.json +++ b/CVE-2024/CVE-2024-436xx/CVE-2024-43613.json @@ -2,8 +2,8 @@ "id": "CVE-2024-43613", "sourceIdentifier": "secure@microsoft.com", "published": "2024-11-12T19:15:11.560", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:20:13.437", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -49,12 +49,72 @@ "value": "CWE-77" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_database_for_postgresql_flexible_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.20", + "matchCriteriaId": "F25F5854-0980-4069-BCBE-4CEC993AA077" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_database_for_postgresql_flexible_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.16", + "matchCriteriaId": "35F08558-BF70-494F-8395-671AA48E2211" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_database_for_postgresql_flexible_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.0", + "versionEndExcluding": "14.13", + "matchCriteriaId": "ECF39F10-8251-4639-B588-2D8AEBD74F43" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_database_for_postgresql_flexible_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.8", + "matchCriteriaId": "0579FD8F-3CE2-493C-B2AE-00F304CDE43A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_database_for_postgresql_flexible_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.4", + "matchCriteriaId": "3367EB48-658F-4ACC-86AA-2E83A54240E3" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43613", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-44xx/CVE-2024-4470.json b/CVE-2024/CVE-2024-44xx/CVE-2024-4470.json index 5c8f5c1cf0a..e45f3632dec 100644 --- a/CVE-2024/CVE-2024-44xx/CVE-2024-4470.json +++ b/CVE-2024/CVE-2024-44xx/CVE-2024-4470.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4470", "sourceIdentifier": "security@wordfence.com", "published": "2024-05-21T07:15:08.810", - "lastModified": "2024-11-21T09:42:53.360", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:37:44.157", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,33 +36,101 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:averta:master_slider:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.9.10", + "matchCriteriaId": "D84C9E86-689D-4190-BF3F-9CF0A56D7645" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/master-slider/tags/3.9.9/includes/msp-shortcodes.php#L1078", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3084860/#file2", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd59bee7-5de5-406d-8c1b-654306d68ab8?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/master-slider/tags/3.9.9/includes/msp-shortcodes.php#L1078", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3084860/#file2", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd59bee7-5de5-406d-8c1b-654306d68ab8?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46209.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46209.json index 065deefeff5..7f85e10bfa7 100644 --- a/CVE-2024/CVE-2024-462xx/CVE-2024-46209.json +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46209.json @@ -2,16 +2,55 @@ "id": "CVE-2024-46209", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-06T19:15:12.810", - "lastModified": "2025-01-06T19:15:12.810", - "vulnStatus": "Received", + "lastModified": "2025-01-07T16:15:33.800", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A stored cross-site scripting (XSS) vulnerability in the component /media/test.html of REDAXO CMS v5.17.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the password parameter." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross site scripting (XSS) almacenado en el componente /media/test.html de REDAXO CMS v5.17.1 permite a los atacantes ejecutar web scripts o HTML arbitrarios mediante la inyecci\u00f3n de un payload manipulado en el par\u00e1metro de contrase\u00f1a." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/h4ckr4v3n/CVE-2024-46209/blob/main/REDAXO%20Stored%20XSS%20%2B%20RCE.pdf", diff --git a/CVE-2024/CVE-2024-462xx/CVE-2024-46242.json b/CVE-2024/CVE-2024-462xx/CVE-2024-46242.json new file mode 100644 index 00000000000..11f51d2757e --- /dev/null +++ b/CVE-2024/CVE-2024-462xx/CVE-2024-46242.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-46242", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-07T16:15:33.950", + "lastModified": "2025-01-07T16:15:33.950", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue in the validate_email function in CTFd/utils/validators/__init__.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service (ReDoS) via supplying a crafted string as e-mail address during registration." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://ctfd.com", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/salvatore-abello/4f01f3fa54672febc0a492a11a26592c", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-466xx/CVE-2024-46601.json b/CVE-2024/CVE-2024-466xx/CVE-2024-46601.json new file mode 100644 index 00000000000..f472fe626cb --- /dev/null +++ b/CVE-2024/CVE-2024-466xx/CVE-2024-46601.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-46601", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-07T16:15:34.087", + "lastModified": "2025-01-07T16:15:34.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://elspec.com", + "source": "cve@mitre.org" + }, + { + "url": "http://g5.com", + "source": "cve@mitre.org" + }, + { + "url": "https://www.elspec-ltd.com/support/security-advisories/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-466xx/CVE-2024-46602.json b/CVE-2024/CVE-2024-466xx/CVE-2024-46602.json new file mode 100644 index 00000000000..4aae1674e5a --- /dev/null +++ b/CVE-2024/CVE-2024-466xx/CVE-2024-46602.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-46602", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-07T16:15:34.213", + "lastModified": "2025-01-07T16:15:34.213", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Entity (XXE) vulnerability may allow an attacker to cause a Denial of Service (DoS) via a crafted XML payload." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://elspec.com", + "source": "cve@mitre.org" + }, + { + "url": "http://g5.com", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-466xx/CVE-2024-46603.json b/CVE-2024/CVE-2024-466xx/CVE-2024-46603.json new file mode 100644 index 00000000000..aeb9c8dd73d --- /dev/null +++ b/CVE-2024/CVE-2024-466xx/CVE-2024-46603.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-46603", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-07T16:15:34.370", + "lastModified": "2025-01-07T16:15:34.370", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows attackers to cause a Denial of Service (DoS) via a crafted XML payload." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://elspec.com", + "source": "cve@mitre.org" + }, + { + "url": "http://g5.com", + "source": "cve@mitre.org" + }, + { + "url": "https://www.elspec-ltd.com/support/security-advisories/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-466xx/CVE-2024-46622.json b/CVE-2024/CVE-2024-466xx/CVE-2024-46622.json index b659f225343..0b184117168 100644 --- a/CVE-2024/CVE-2024-466xx/CVE-2024-46622.json +++ b/CVE-2024/CVE-2024-466xx/CVE-2024-46622.json @@ -2,16 +2,55 @@ "id": "CVE-2024-46622", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-06T18:15:19.660", - "lastModified": "2025-01-06T18:15:19.660", - "vulnStatus": "Received", + "lastModified": "2025-01-07T16:15:34.500", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Escalation of Privilege security vulnerability was found in SecureAge Security Suite software 7.0.x before 7.0.38, 7.1.x before 7.1.11, 8.0.x before 8.0.18, and 8.1.x before 8.1.18 that allows arbitrary file creation, modification and deletion." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad de seguridad de escalada de privilegios en SecureAge Security Suite software 7.0.x anterior a 7.0.38, 7.1.x anterior a 7.1.11, 8.0.x anterior a 8.0.18 y 8.1.x anterior a 8.1.18 que permite la creaci\u00f3n, modificaci\u00f3n y eliminaci\u00f3n arbitraria de archivos." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-281" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://www.secureage.com/", diff --git a/CVE-2024/CVE-2024-482xx/CVE-2024-48245.json b/CVE-2024/CVE-2024-482xx/CVE-2024-48245.json new file mode 100644 index 00000000000..4f15fcf2f74 --- /dev/null +++ b/CVE-2024/CVE-2024-482xx/CVE-2024-48245.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-48245", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-07T16:15:34.730", + "lastModified": "2025-01-07T16:15:34.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative actions, such as booking a vehicle or confirming a booking. The affected parameters include \"Booking ID\", \"Action Name\", and \"Payment Confirmation ID\", which are present in /newvehicle.php and /newdriver.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://vehicle.com", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/ShadowByte1/CVE-2024-48245", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-484xx/CVE-2024-48456.json b/CVE-2024/CVE-2024-484xx/CVE-2024-48456.json index 29e21b5a5a7..0584e336568 100644 --- a/CVE-2024/CVE-2024-484xx/CVE-2024-48456.json +++ b/CVE-2024/CVE-2024-484xx/CVE-2024-48456.json @@ -2,16 +2,55 @@ "id": "CVE-2024-48456", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-06T22:15:09.620", - "lastModified": "2025-01-06T22:15:09.620", + "lastModified": "2025-01-07T16:15:34.867", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the parameter password at the change admin password page at the router web interface." + }, + { + "lang": "es", + "value": "Un problema en Netis Wifi6 Router NX10 2.0.1.3643 y 2.0.1.3582 y Netis Wifi 11AC Router NC65 3.0.0.3749 y Netis Wifi 11AC Router NC63 3.0.0.3327 y 3.0.0.3503 y Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 y 3.0.0.3329 y Netis Wifi Router MW5360 1.0.1.3442 y 1.0.1.3031 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del par\u00e1metro password en la p\u00e1gina de cambio de contrase\u00f1a de administrador en la interfaz web del enrutador." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/users/h00die-gr3y/projects/1/views/1", diff --git a/CVE-2024/CVE-2024-484xx/CVE-2024-48457.json b/CVE-2024/CVE-2024-484xx/CVE-2024-48457.json index ab7f9daefa0..621aa18daaf 100644 --- a/CVE-2024/CVE-2024-484xx/CVE-2024-48457.json +++ b/CVE-2024/CVE-2024-484xx/CVE-2024-48457.json @@ -2,16 +2,55 @@ "id": "CVE-2024-48457", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-06T22:15:09.727", - "lastModified": "2025-01-06T22:15:09.727", + "lastModified": "2025-01-07T16:15:35.057", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the endpoint /cgi-bin/skk_set.cgi and binary /bin/scripts/start_wifi.sh" + }, + { + "lang": "es", + "value": "Un problema en Netis Wifi6 Router NX10 2.0.1.3643 y 2.0.1.3582 y Netis Wifi 11AC Router NC65 3.0.0.3749 y Netis Wifi 11AC Router NC63 3.0.0.3327 y 3.0.0.3503 y Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 y 3.0.0.3329 y Netis Wifi Router MW5360 1.0.1.3442 y 1.0.1.3031 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del endpoint /cgi-bin/skk_set.cgi y el binario /bin/scripts/start_wifi.sh" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/users/h00die-gr3y/projects/1/views/1", diff --git a/CVE-2024/CVE-2024-489xx/CVE-2024-48987.json b/CVE-2024/CVE-2024-489xx/CVE-2024-48987.json index 04fe6fe295f..4cdd3e9a3ff 100644 --- a/CVE-2024/CVE-2024-489xx/CVE-2024-48987.json +++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48987.json @@ -2,7 +2,7 @@ "id": "CVE-2024-48987", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-11T13:15:16.197", - "lastModified": "2024-10-15T12:58:51.050", + "lastModified": "2025-01-07T16:15:35.237", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -43,6 +43,10 @@ { "url": "https://github.com/snipe/snipe-it/releases/tag/v7.0.10", "source": "cve@mitre.org" + }, + { + "url": "https://www.synacktiv.com/advisories/snipe-it-unauthenticated-remote-command-execution-when-appkey-known", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-490xx/CVE-2024-49025.json b/CVE-2024/CVE-2024-490xx/CVE-2024-49025.json index 5a16ef5a0c6..9d5bcefb2bb 100644 --- a/CVE-2024/CVE-2024-490xx/CVE-2024-49025.json +++ b/CVE-2024/CVE-2024-490xx/CVE-2024-49025.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49025", "sourceIdentifier": "secure@microsoft.com", "published": "2024-11-14T20:15:25.207", - "lastModified": "2024-11-15T13:58:08.913", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:42:37.300", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 2.5 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ] }, @@ -49,12 +69,43 @@ "value": "CWE-359" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", + "versionEndExcluding": "131.0.2903.48", + "matchCriteriaId": "037D3C64-2DB8-4C53-BE41-B19F87780DC8" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49025", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-490xx/CVE-2024-49042.json b/CVE-2024/CVE-2024-490xx/CVE-2024-49042.json index 42f898f8833..c7c664c9d93 100644 --- a/CVE-2024/CVE-2024-490xx/CVE-2024-49042.json +++ b/CVE-2024/CVE-2024-490xx/CVE-2024-49042.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49042", "sourceIdentifier": "secure@microsoft.com", "published": "2024-11-12T19:15:17.507", - "lastModified": "2024-11-13T17:01:16.850", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:18:47.907", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -49,12 +49,72 @@ "value": "CWE-77" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_database_for_postgresql_flexible_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.20", + "matchCriteriaId": "F25F5854-0980-4069-BCBE-4CEC993AA077" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_database_for_postgresql_flexible_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.16", + "matchCriteriaId": "35F08558-BF70-494F-8395-671AA48E2211" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_database_for_postgresql_flexible_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.0", + "versionEndExcluding": "14.13", + "matchCriteriaId": "ECF39F10-8251-4639-B588-2D8AEBD74F43" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_database_for_postgresql_flexible_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.8", + "matchCriteriaId": "0579FD8F-3CE2-493C-B2AE-00F304CDE43A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_database_for_postgresql_flexible_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.4", + "matchCriteriaId": "3367EB48-658F-4ACC-86AA-2E83A54240E3" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49042", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-490xx/CVE-2024-49056.json b/CVE-2024/CVE-2024-490xx/CVE-2024-49056.json index 0982adb7c54..b581701e554 100644 --- a/CVE-2024/CVE-2024-490xx/CVE-2024-49056.json +++ b/CVE-2024/CVE-2024-490xx/CVE-2024-49056.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49056", "sourceIdentifier": "secure@microsoft.com", "published": "2024-11-12T18:15:46.273", - "lastModified": "2024-11-13T17:01:58.603", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:33:01.547", + "vulnStatus": "Analyzed", "cveTags": [ { "sourceIdentifier": "secure@microsoft.com", @@ -43,6 +43,26 @@ }, "exploitabilityScore": 2.1, "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, @@ -56,12 +76,42 @@ "value": "CWE-302" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:airlift_microsoft_com:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2E3D0CED-1CBE-43AA-9B62-DF77F3FCEA37" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49056", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-502xx/CVE-2024-50292.json b/CVE-2024/CVE-2024-502xx/CVE-2024-50292.json index e0b814c87b0..c093f72384a 100644 --- a/CVE-2024/CVE-2024-502xx/CVE-2024-50292.json +++ b/CVE-2024/CVE-2024-502xx/CVE-2024-50292.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50292", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-19T02:16:31.363", - "lastModified": "2024-11-19T21:57:32.967", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:10:33.080", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,161 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: stm32: spdifrx: corrige la liberaci\u00f3n del canal DMA en stm32_spdifrx_remove En caso de error al solicitar el canal DMA ctrl_chan, ctrl_chan no es nulo. Por lo tanto, la liberaci\u00f3n del canal DMA genera el siguiente problema: [4.879000] st,stm32-spdifrx 500d0000.audio-controller: error dma_request_slave_channel -19 [4.888975] No se puede manejar la desreferencia del puntero NULL del n\u00facleo en la direcci\u00f3n virtual 000000000000003d [...] [5.096577] Rastreo de llamadas: [5.099099] dma_release_channel+0x24/0x100 [5.103235] stm32_spdifrx_remove+0x24/0x60 [snd_soc_stm32_spdifrx] [5.109494] stm32_spdifrx_probe+0x320/0x4c4 [snd_soc_stm32_spdifrx] Para evitar este problema, libere el canal solo si el puntero es v\u00e1lido." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.7", + "versionEndExcluding": "5.10.230", + "matchCriteriaId": "04A73BBB-C9E5-4486-B220-A64782E11B3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.172", + "matchCriteriaId": "88812664-4296-42AC-AE0F-ED71086C1BB1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.117", + "matchCriteriaId": "0DD7F755-2F6B-4707-8973-78496AD5AA8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.61", + "matchCriteriaId": "630ED7EB-C97E-4435-B884-1E309E40D6F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.8", + "matchCriteriaId": "0BD000F7-3DAD-4DD3-8906-98EA1EC67E95" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*", + "matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0d75f887aabd80cf37ea48d28f159afa7850ea28", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/22ae9321054cf7f36c537702af133659f51a0b88", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/23bdbd1ef3e063e03d3c50c15a591b005ebbae39", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3a977b554f668382dfba31fd62e4cce4fe5643db", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4f1d74f74752eab8af6b8b28797dc6490d57374c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9bb4af400c386374ab1047df44c508512c08c31f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-502xx/CVE-2024-50293.json b/CVE-2024/CVE-2024-502xx/CVE-2024-50293.json index f7f375ccb54..dead54350ec 100644 --- a/CVE-2024/CVE-2024-502xx/CVE-2024-50293.json +++ b/CVE-2024/CVE-2024-502xx/CVE-2024-50293.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50293", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-19T02:16:31.493", - "lastModified": "2024-11-19T21:57:32.967", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:11:07.423", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,105 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/smc: no deje un puntero sk colgando en __smc_create() Gracias a el commit 4bbd360a5084 (\"socket: Imprimir pf->create() cuando no borra sock->sk en caso de error.\"), syzbot encontr\u00f3 un problema con AF_SMC: smc_create debe borrar sock->sk en caso de error, familia: 43, tipo: 1, protocolo: 0 ADVERTENCIA: CPU: 0 PID: 5827 en net/socket.c:1565 __sock_create+0x96f/0xa30 net/socket.c:1563 M\u00f3dulos vinculados: CPU: 0 UID: 0 PID: 5827 Comm: syz-executor259 No contaminado 6.12.0-rc6-next-20241106-syzkaller #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024 RIP: 0010:__sock_create+0x96f/0xa30 net/socket.c:1563 C\u00f3digo: 03 00 74 08 4c 89 e7 e8 4f 3b 85 f8 49 8b 34 24 48 c7 c7 40 89 0c 8d 8b 54 24 04 8b 4c 24 0c 44 8b 44 24 08 e8 32 78 db f7 90 <0f> 0b 90 90 e9 d3 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c ee f7 RSP: 0018:ffffc90003e4fda0 EFLAGS: 00010246 RAX: 099c6f938c7f4700 RBX: 1ffffffff1a595fd RCX: ffff888034823c00 RDX: 0000000000000000 RSI: 000000000000000 RDI: 000000000000000 RBP: 00000000ffffffe9 R08: ffffffff81567052 R09: 1ffff920007c9f50 R10: dffffc0000000000 R11: fffff520007c9f51 R12: ffffffff8d2cafe8 R13: 1ffffffff1a595fe R14: ffffffff9a789c40 R15: ffff8880764298c0 FS: 000055557b518380(0000) GS:ffff8880b860 0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fa62ff43225 CR3: 0000000031628000 CR4: 000000000003526f0 DR0: 00000000000000000 DR1: 00000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: sock_create net/socket.c:1616 [en l\u00ednea] __sys_socket_create net/socket.c:1653 [en l\u00ednea] __sys_socket+0x150/0x3c0 net/socket.c:1700 __do_sys_socket net/socket.c:1714 [en l\u00ednea] __se_sys_socket net/socket.c:1712 [en l\u00ednea] Para referencia, consulte el commit 2d859aff775d (\"Fusionar rama 'do-not-leave-dangling-sk-pointers-in-pf-create-functions'\")" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.11.8", + "matchCriteriaId": "728427FE-4653-45EF-AA11-DA6A6AF58B8F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*", + "matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/d293958a8595ba566fb90b99da4d6263e14fee15", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d2cc492124e1f22daa1700f069bcc58788043381", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51112.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51112.json index 76123aa780a..9b57d50a9c2 100644 --- a/CVE-2024/CVE-2024-511xx/CVE-2024-51112.json +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51112.json @@ -2,16 +2,55 @@ "id": "CVE-2024-51112", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-06T16:15:28.943", - "lastModified": "2025-01-06T16:15:28.943", - "vulnStatus": "Received", + "lastModified": "2025-01-07T15:15:10.270", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Open Redirect vulnerability in Pnetlab 5.3.11 allows an attacker to manipulate URLs to redirect users to arbitrary external websites via a crafted script" + }, + { + "lang": "es", + "value": "La vulnerabilidad de redirecci\u00f3n abierta en Pnetlab 5.3.11 permite a un atacante manipular las URL para redirigir a los usuarios a sitios web externos arbitrarios a trav\u00e9s de un script manipulado espec\u00edficamente para ello." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "http://pnetlab.com", diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52000.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52000.json index 2f10f6f891f..c2845fecd31 100644 --- a/CVE-2024/CVE-2024-520xx/CVE-2024-52000.json +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52000.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52000", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-08T23:15:03.817", - "lastModified": "2024-11-12T13:56:54.483", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:52:48.723", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security-advisories@github.com", @@ -49,12 +71,43 @@ "value": "CWE-79" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.2.0", + "matchCriteriaId": "A59157AC-6016-4FB6-A3BD-08EAB161CF96" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/Combodo/iTop/security/advisories/GHSA-r58g-p5r9-8hfg", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52001.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52001.json index 9e8e82c9639..29c8d4b598d 100644 --- a/CVE-2024/CVE-2024-520xx/CVE-2024-52001.json +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52001.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52001", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-08T23:15:04.153", - "lastModified": "2024-11-12T13:56:54.483", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:48:41.057", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], "cvssMetricV30": [ { "source": "security-advisories@github.com", @@ -42,19 +64,50 @@ "weaknesses": [ { "source": "security-advisories@github.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-200" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.2.0", + "matchCriteriaId": "A59157AC-6016-4FB6-A3BD-08EAB161CF96" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/Combodo/iTop/security/advisories/GHSA-9p26-v3wj-6q34", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52002.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52002.json index 215b40093f2..f01ba69c899 100644 --- a/CVE-2024/CVE-2024-520xx/CVE-2024-52002.json +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52002.json @@ -2,8 +2,8 @@ "id": "CVE-2024-52002", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-08T23:15:04.410", - "lastModified": "2024-11-12T13:56:54.483", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:43:28.527", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security-advisories@github.com", @@ -51,10 +73,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.2.0", + "matchCriteriaId": "A59157AC-6016-4FB6-A3BD-08EAB161CF96" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Combodo/iTop/security/advisories/GHSA-xr4x-xq7v-7gqm", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-528xx/CVE-2024-52813.json b/CVE-2024/CVE-2024-528xx/CVE-2024-52813.json new file mode 100644 index 00000000000..bab11fe7bfb --- /dev/null +++ b/CVE-2024/CVE-2024-528xx/CVE-2024-52813.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-52813", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-01-07T16:15:35.610", + "lastModified": "2025-01-07T16:15:35.610", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Versions of the matrix-sdk-crypto Rust crate before 0.8.0 lack a dedicated mechanism to notify that a user's cryptographic identity has changed from a verified to an unverified one, which could cause client applications relying on the SDK to overlook such changes. matrix-sdk-crypto 0.8.0 adds a new VerificationLevel::VerificationViolation enum variant which indicates that a previously verified identity has been changed." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-223" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/matrix-org/matrix-rust-sdk/pull/3795", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/matrix-org/matrix-rust-sdk/security/advisories/GHSA-r5vf-wf4h-82gg", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-530xx/CVE-2024-53096.json b/CVE-2024/CVE-2024-530xx/CVE-2024-53096.json index 6bbbcc3dd6a..e01de8f074e 100644 --- a/CVE-2024/CVE-2024-530xx/CVE-2024-53096.json +++ b/CVE-2024/CVE-2024-530xx/CVE-2024-53096.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53096", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-11-25T22:15:15.287", - "lastModified": "2024-12-24T15:23:55.943", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:42:04.183", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -22,20 +22,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", - "baseScore": 6.1, - "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, - "impactScore": 4.2 + "impactScore": 5.9 } ] }, @@ -61,37 +61,42 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.10.231", - "versionEndExcluding": "5.11", - "matchCriteriaId": "055DF185-747E-444A-AEC9-E23AA67777A2" + "versionStartIncluding": "5.10.150", + "versionEndExcluding": "5.10.231", + "matchCriteriaId": "5E49B9C7-7B50-4126-8CBA-66256295EB63" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.15.174", - "versionEndExcluding": "5.16", - "matchCriteriaId": "5EDFC1D5-0414-42C6-B6E2-1101700AA7DE" + "versionStartIncluding": "5.15.75", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "B8A791EF-FA57-4BA6-B758-F85DB2C9C332" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.1", + "versionStartIncluding": "6.0.3", + "versionEndExcluding": "6.1.119", + "matchCriteriaId": "5D6C7A20-9E1E-4463-9822-61E01EE9EE64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.63", + "matchCriteriaId": "8800BB45-48BC-4B52-BDA5-B1E4633F42E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", "versionEndExcluding": "6.12", - "matchCriteriaId": "24339331-7EFB-4BFD-A9FA-7F0B819B687F" + "matchCriteriaId": "D251AFC3-8DFD-4F80-861D-362FF9D2EA73" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.1.119", - "versionEndExcluding": "6.2", - "matchCriteriaId": "B76EFDD3-28A2-4DA2-B93A-00B7E269C313" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.6.63", - "versionEndExcluding": "6.7", - "matchCriteriaId": "2A5C3DA2-445F-4402-A7D0-93986901EBE0" + "criteria": "cpe:2.3:o:linux:linux_kernel:5.19.17:*:*:*:*:*:*:*", + "matchCriteriaId": "B02CA4B2-2E84-45BE-A5D3-122D9820527C" }, { "vulnerable": true, diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53103.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53103.json index 4f57511d465..f2ea4f9ce8e 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53103.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53103.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53103", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-02T08:15:08.537", - "lastModified": "2024-12-02T08:15:08.537", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:25:33.233", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,43 +15,205 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hv_sock: inicializaci\u00f3n de vsk->trans en NULL para evitar un puntero colgante. Cuando se lanza hvs, existe la posibilidad de que vsk->trans no se inicialice en NULL, lo que podr\u00eda provocar un puntero colgante. Este problema se resuelve inicializando vsk->trans en NULL." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.19.324", + "matchCriteriaId": "0EBF3108-DBF4-4E6D-B699-384F2299858B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.286", + "matchCriteriaId": "9952C897-8A61-4D4B-9D6D-7D063E9EA15E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.230", + "matchCriteriaId": "BF5B32D0-72C9-41C3-A0BB-D4946153C134" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.172", + "matchCriteriaId": "88812664-4296-42AC-AE0F-ED71086C1BB1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.117", + "matchCriteriaId": "0DD7F755-2F6B-4707-8973-78496AD5AA8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.61", + "matchCriteriaId": "630ED7EB-C97E-4435-B884-1E309E40D6F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.8", + "matchCriteriaId": "0BD000F7-3DAD-4DD3-8906-98EA1EC67E95" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:-:*:*:*:*:*:*", + "matchCriteriaId": "0E698080-7669-4132-8817-4C674EEBCE54" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", + "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", + "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*", + "matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc7:*:*:*:*:*:*", + "matchCriteriaId": "1EF8CD82-1EAE-4254-9545-F85AB94CF90F" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/285266ef92f7b4bf7d26e1e95e215ce6a6badb4a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/414476c4fb11be070c09ab8f3e75c9ee324a108a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4bdc5a62c6e50600d8a1c3e18fd6dce0c27c9497", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4fe1d42f2acc463b733bb42e3f8e67dbc2a0eb2d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7cf25987820350cb950856c71b409e5b6eed52bd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8621725afb38e111969c64280b71480afde2aace", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/98d8dde9232250a57ad5ef16479bf6a349e09b80", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e0fe3392371293175f25028020ded5267f4cd8e3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e629295bd60abf4da1db85b82819ca6a4f6c1e79", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53145.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53145.json index 94136b61d4b..3a0290e7d67 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53145.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53145.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53145", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-24T12:15:22.507", - "lastModified": "2024-12-24T12:15:22.507", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:14:57.543", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,159 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: um: corrige el posible desbordamiento de enteros durante la configuraci\u00f3n de physmem. Este problema ocurre cuando el tama\u00f1o real del mapa es mayor que LONG_MAX, lo que se puede activar f\u00e1cilmente en UML/i386." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.1", + "versionEndExcluding": "5.4.287", + "matchCriteriaId": "4B08AFEE-D4EF-47B3-BD35-5A861B359191" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.231", + "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1575df968650d11771359e5ac78278c5b0cc19f3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1bd118c5f887802cef2d9ba0d1917258667f1cae", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5c710f45811e7e2bfcf703980c306f19c7e1ecfe", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a875c023155ea92b75d6323977003e64d92ae7fc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a98b7761f697e590ed5d610d87fa12be66f23419", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a9c95f787b88b29165563fd97761032db77116e7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d1a211e5210d31da8f49fc0021bf7129b726468c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e6102b72edc4eb8c0858df00ba74b5ce579c8fa2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53149.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53149.json index 7e7cad75449..35da8bd78c8 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53149.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53149.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53149", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-24T12:15:23.007", - "lastModified": "2024-12-24T12:15:23.007", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:36:45.343", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,89 @@ "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: usb: typec: ucsi: glink: fix off-by-one in Connector_status Los \u00edndices del conector UCSI comienzan desde 1 hasta 3, PMIC_GLINK_MAX_PORTS. Corrija la condici\u00f3n en la devoluci\u00f3n de llamada pmic_glink_ucsi_connector_status(), arreglando el informe de orientaci\u00f3n tipo C para el tercer conector USB-C." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-193" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "158A6B22-9260-41D7-965A-A81798A5A969" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/4a22918810980897393fa1776ea3877e4baf8cca", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6ba6f7f29e0dff47a2799e60dcd1b5c29cd811a5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9a5a8b5bd72169aa7a8ec800ef57be2f2cb4d9b2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53150.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53150.json index 88bd134f256..008011d6015 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53150.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53150.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53150", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-24T12:15:23.117", - "lastModified": "2024-12-24T12:15:23.117", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:38:32.010", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,158 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ALSA: usb-audio: corrige lecturas fuera de los l\u00edmites al encontrar fuentes de reloj. El c\u00f3digo actual del controlador de audio USB no verifica la bLongitud de cada descriptor al atravesar los descriptores de reloj. Es decir, cuando un dispositivo proporciona un descriptor falso con una longitud b m\u00e1s corta, el controlador podr\u00eda alcanzar lecturas fuera de los l\u00edmites. Para solucionarlo, este parche agrega controles de cordura a las funciones de validaci\u00f3n para el recorrido del descriptor de reloj. Cuando la longitud del descriptor es m\u00e1s corta de lo esperado, se omite en el bucle. Para los descriptores de fuente de reloj y multiplicador de reloj, podemos comparar bLength con el sizeof() de cada tipo de descriptor. OTOH, el descriptor del selector de reloj de UAC2 y UAC3 tiene una matriz de elementos bNrInPins y dos campos m\u00e1s en su cola, por lo que deben verificarse adem\u00e1s de la verificaci\u00f3n sizeof()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.4.287", + "matchCriteriaId": "DC7D5C80-B677-4131-A399-3366D7F3961C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.231", + "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/096bb5b43edf755bc4477e64004fa3a20539ec2f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/45a92cbc88e4013bfed7fd2ccab3ade45f8e896b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/74cb86e1006c5437b1d90084d22018da30fddc77", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a3dd4d63eeb452cfb064a13862fb376ab108f6a6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a632bdcb359fd8145e86486ff8612da98e239acd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ab011f7439d9bbfd34fd3b9cef4b2d6d952c9bb9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/da13ade87a12dd58829278bc816a61bea06a56a9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ea0fa76f61cf8e932d1d26e6193513230816e11d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53151.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53151.json index df0430125ea..2ad7d3af5bc 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53151.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53151.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53151", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-24T12:15:23.240", - "lastModified": "2024-12-24T12:15:23.240", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:41:42.637", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,131 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: svcrdma: soluciona un desbordamiento de enteros Dan Carpenter informa: > Commit 78147ca8b4a9 (\"svcrdma: agrega una estructura de datos de lista de fragmentos analizados\") del 22 de junio de 2020 (linux-next ), conduce a la siguiente > Advertencia del comprobador est\u00e1tico Smatch: > > net/sunrpc/xprtrdma/svc_rdma_recvfrom.c:498 xdr_check_write_chunk() > advertencia: tama\u00f1o de desbordamiento potencial controlado por el usuario 'segcount * 4 * 4' > > net/sunrpc/xprtrdma/svc_rdma_recvfrom.c > 488 static bool xdr_check_write_chunk(struct svc_rdma_recv_ctxt *rctxt) > 489 { > 490 u32 segcount; > 491 __be32 *p; > 492 > 493 if (xdr_stream_decode_u32(&rctxt->rc_stream, &segcount)) > ^^^^^^^^ > > 494 devuelve falso; > 495 > 496 /* Un recuento de segmentos falso provoca que esta comprobaci\u00f3n de desbordamiento del b\u00fafer falle. */> 497 p = xdr_inline_decode(&rctxt->rc_stream, > --> 498 segcount * rpcrdma_segment_maxsz * sizeof(*p)); > > > segcount es un u32 que no es de confianza. En sistemas de 32 bits, cualquier cosa >= TAMA\u00d1O_MAX / 16 tendr\u00e1 > un desbordamiento de enteros y algunos de esos valores ser\u00e1n aceptados por > xdr_inline_decode()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/21e1cf688fb0397788c8dd42e1e0b08d58ac5c7b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3c63d8946e578663b868cb9912dac616ea68bfd0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4cbc3ba6dc2f746497cade60bcbaa82ae3696689", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/838dd342962cef4c320632a5af48d3c31f2f9877", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c1f8195bf68edd2cef0f18a4cead394075a54b5a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e5c440c227ecdc721f2da0dd88b6358afd1031a7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53154.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53154.json index e71f47ecd27..618a481ed60 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53154.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53154.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53154", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-24T12:15:23.580", - "lastModified": "2024-12-24T12:15:23.580", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T15:58:21.587", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,117 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: clk-apple-nco: Agregar verificaci\u00f3n NULL en applnco_probe Agregar verificaci\u00f3n NULL en applnco_probe, para gestionar el error de desreferencia del puntero NULL del kernel." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.18", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "4EB97A09-F7D3-4B32-8BA0-E85161566B20" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/066c14619e8379c1bafbbf8196fd38eac303472b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/534e02f83889ccef5fe6beb46e773ab9d4ae1655", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/72ea9a7e9e260aa39f9d1c9254cf92adfb05c4f5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/969c765e2b508cca9099d246c010a1e48dcfd089", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9a5905b725739af6a105f9e564e7c80d69969d2b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53155.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53155.json index 5c108ab529e..0856ee0ebbb 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53155.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53155.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53155", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-24T12:15:23.700", - "lastModified": "2024-12-24T12:15:23.700", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:00:13.753", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,43 +15,173 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ocfs2: corrige el valor no inicializado en ocfs2_file_read_iter() Syzbot ha informado el siguiente s\u00edmbolo KMSAN: ERROR: KMSAN: valor uninicial en ocfs2_file_read_iter+0x9a4/0xf80 ocfs2_file_read_iter+0x9a4/0xf80 __io_read+0x8d4/0x20f0 io_read+0x3e/0xf0 io_issue_sqe+0x42b/0x22c0 io_wq_submit_work+0xaf9/0xdc0 io_worker_handle_work+0xd13/0x2110 io_wq_worker+0x447/0x1410 ret_from_fork+0x6f/0x90 ret_from_fork_asm+0x1a/0x30 Uninit se cre\u00f3 en: __alloc_pages_noprof+0x9a7/0xe00 alloc_pages_mpol_noprof+0x299/0x990 alloc_pages_noprof+0x1bf/0x1e0 allocate_slab+0x33a/0x1250 ___slab_alloc+0x12ef/0x35e0 kmem_cache_alloc_bulk_noprof+0x486/0x1330 __io_alloc_req_refill+0x84/0x560 io_submit_sqes+0x172f/0x2f30 __se_sys_io_uring_enter+0x406/0x41c0 __x64_sys_io_uring_enter+0x11f/0x1a0 x64_sys_call+0x2b54/0x3ba0 do_syscall_64+0xcd/0x1e0 Entry_SYSCALL_64_after_hwframe+0x77/0x7f Dado que una instancia de 'struct kiocb' puede pasarse desde la capa de bloque con el campo 'privado' no inicializado, introduzca 'ocfs2_iocb_init_rw_locked()' y util\u00edcelo desde donde podr\u00eda tomar 'ocfs2_dio_end_io()' cuidado, es decir en 'ocfs2_file_read_iter()' y 'ocfs2_file_write_iter()'." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-908" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.22", + "versionEndExcluding": "4.19.325", + "matchCriteriaId": "7E224302-1ABD-4043-A983-C2B7F13E4454" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.287", + "matchCriteriaId": "E4B15788-D35E-4E5B-A9C0-070AE3729B34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.231", + "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/366c933c2ab34dd6551acc03b4872726b7605143", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/66b7ddd1804e2c4216dd7ead8eeb746cdbb3b62f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6c8f8d1e595dabd5389817f6d798cc8bd95c40ab", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/83f8713a0ef1d55d6a287bcfadcaab8245ac5098", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8c966150d5abff58c3c2bdb9a6e63fd773782905", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8e0de82ed18ba0e71f817adbd81317fd1032ca5a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/adc77b19f62d7e80f98400b2fca9d700d2afdd6f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dc78efe556fed162d48736ef24066f42e463e27c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f4078ef38d3163e6be47403a619558b19c4bfccd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53156.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53156.json index baa3c274e59..7d36cfdc60b 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53156.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53156.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53156", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-24T12:15:23.833", - "lastModified": "2024-12-24T12:15:23.833", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:02:00.303", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,43 +15,173 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: wifi: ath9k: agregue verificaci\u00f3n de rango para conn_rsp_epid en htc_connect_service() Encontr\u00e9 el siguiente error en mi fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/ wireless/ath/ath9k/htc_hst.c:26:51 el \u00edndice 255 est\u00e1 fuera del rango para el tipo 'htc_endpoint [22]' CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.11.0-rc6-dirty #14 Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.15.0- 1 01/04/2014 Cola de trabajo: eventos request_firmware_work_func Seguimiento de llamadas: dump_stack_lvl+0x180/0x1b0 __ubsan_handle_out_of_bounds+0xd4/0x130 htc_issue_send.constprop.0+0x20c/0x230 ? _raw_spin_unlock_irqrestore+0x3c/0x70 ath9k_wmi_cmd+0x41d/0x610 ? mark_held_locks+0x9f/0xe0... Dado que se ha confirmado que este error es causado por una verificaci\u00f3n insuficiente de conn_rsp_epid, creo que ser\u00eda apropiado agregar una verificaci\u00f3n de rango para conn_rsp_epid a htc_connect_service() para evitar que ocurra el error." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.35", + "versionEndExcluding": "4.19.325", + "matchCriteriaId": "F75B4423-D5AE-4F06-9130-EB774DC1DF91" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.287", + "matchCriteriaId": "E4B15788-D35E-4E5B-A9C0-070AE3729B34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.231", + "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3fe99b9690b99606d3743c9961ebee865cfa1ab8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5f177fb9d01355ac183e65ad8909ea8ef734e0cf", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/70eae50d2156cb6e078d0d78809b49bf2f4c7540", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8619593634cbdf5abf43f5714df49b04e4ef09ab", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8965db7fe2e913ee0802b05fc94c6d6aa74e0596", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b6551479daf2bfa80bfd5d9016b02a810e508bfb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bc981179ab5d1a2715f35e3db4e4bb822bacc849", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c941af142200d975dd3be632aeb490f4cb91dae4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cb480ae80fd4d0f1ac9e107ce799183beee5124b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53157.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53157.json index d5e42197616..403a238c30b 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53157.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53157.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53157", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-24T12:15:23.970", - "lastModified": "2024-12-24T12:15:23.970", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:02:21.087", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,43 +15,173 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: arm_scpi: Verificar el recuento de OPP de DVFS devuelto por el firmware Corrige un fallo del kernel con el siguiente seguimiento de llamadas cuando el firmware SCPI devuelve un recuento de OPP de cero. dvfs_info.opp_count puede ser cero en algunas plataformas durante la prueba de reinicio, y el kernel se bloquear\u00e1 despu\u00e9s de desreferenciar el puntero a kcalloc(info->count, sizeof(*opp), GFP_KERNEL). | No se puede gestionar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000028 | Informaci\u00f3n de aborto de memoria: | ESR = 0x96000004 | Clase de excepci\u00f3n = DABT (EL actual), IL = 32 bits | SET = 0, FnV = 0 | EA = 0, S1PTW = 0 | Informaci\u00f3n de aborto de datos: | ISV = 0, ISS = 0x00000004 | CM = 0, WnR = 0 | usuario pgtable: 4k p\u00e1ginas, VAs de 48 bits, pgdp = 00000000faefa08c | [0000000000000028] pgd=0000000000000000 | Error interno: Oops: 96000004 [#1] SMP | scpi-hwmon: la sonda de PHYT000D:00 fall\u00f3 con el error -110 | Proceso systemd-udevd (pid: 1701, l\u00edmite de pila = 0x00000000aaede86c) | CPU: 2 PID: 1701 Comm: systemd-udevd No contaminado 4.19.90+ #1 | Nombre del hardware: PHYTIUM LTD Phytium FT2000/4/Phytium FT2000/4, BIOS | pstate: 60000005 (nZCv daif -PAN -UAO) | pc : scpi_dvfs_recalc_rate+0x40/0x58 [clk_scpi] | lr : clk_register+0x438/0x720 | Rastreo de llamadas: | scpi_dvfs_recalc_rate+0x40/0x58 [clk_scpi] | devm_clk_hw_register+0x50/0xa0 | scpi_clk_ops_init.isra.2+0xa0/0x138 [clk_scpi] | scpi_clocks_probe+0x528/0x70c [clk_scpi] | plataforma_drv_probe+0x58/0xa8 | realmente_probe+0x260/0x3d0 | dispositivo_sonda_controlador+0x12c/0x148 | adjuntar_controlador_dispositivo+0x74/0x98 | __adjuntar_controlador+0xb4/0xe8 | bus_para_cada_dispositivo+0x88/0xe0 | adjuntar_controlador+0x30/0x40 | agregar_controlador_bus+0x178/0x2b0 | registro_controlador+0x64/0x118 | __registro_controlador_plataforma+0x54/0x60 | scpi_clocks_driver_init+0x24/0x1000 [clk_scpi] | hacer_una_llamada_inicio+0x54/0x220 | do_init_module+0x54/0x1c8 | load_module+0x14a4/0x1668 | __se_sys_finit_module+0xf8/0x110 | __arm64_sys_finit_module+0x24/0x30 | el0_svc_common+0x78/0x170 | el0_svc_handler+0x38/0x78 | el0_svc+0x8/0x340 | C\u00f3digo: 937d7c00 a94153f3 a8c27bfd f9400421 (b8606820) | ---[ fin del seguimiento 06feb22469d89fa8 ]--- | P\u00e1nico del kernel: no se sincroniza: Excepci\u00f3n fatal | SMP: deteniendo las CPU secundarias | Desplazamiento del kernel: deshabilitado | Caracter\u00edsticas de la CPU: 0x10,a0002008 | L\u00edmite de memoria: ninguno" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4", + "versionEndExcluding": "4.19.325", + "matchCriteriaId": "460C0DA0-B91D-44E5-B1F9-455944C5AD6B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.287", + "matchCriteriaId": "E4B15788-D35E-4E5B-A9C0-070AE3729B34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.231", + "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/025067eeb945aa17c7dd483a63960125b7efb577", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/06258e57fee253f4046d3a6a86d7fde09f596eac", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/109aa654f85c5141e813b2cd1bd36d90be678407", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/12e2c520a0a4202575e4a45ea41f06a8e9aa3417", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2a5b8de6fcb944f9af0c5fcb30bb0c039705e051", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/380c0e1d96f3b522f3170c18ee5e0f1a28fec5d6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8be4e51f3ecfb0915e3510b600c4cce0dc68a383", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9beaff47bcea5eec7d4ead98f5043057161fd71a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dfc9c2aa7f04f7db7e7225a5e118a24bf1c3b325", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-532xx/CVE-2024-53235.json b/CVE-2024/CVE-2024-532xx/CVE-2024-53235.json index 5742b17dfc1..7e84439c70c 100644 --- a/CVE-2024/CVE-2024-532xx/CVE-2024-53235.json +++ b/CVE-2024/CVE-2024-532xx/CVE-2024-53235.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53235", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T14:15:31.900", - "lastModified": "2024-12-27T14:15:31.900", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-07T16:02:48.350", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,75 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: erofs: se corrigen los montajes respaldados por archivos sobre FUSE syzbot inform\u00f3 de un null-ptr-deref en fuse_read_args_fill: fuse_read_folio+0xb0/0x100 fs/fuse/file.c:905 filemap_read_folio+0xc6/0x2a0 mm/filemap.c:2367 do_read_cache_folio+0x263/0x5c0 mm/filemap.c:3825 read_mapping_folio include/linux/pagemap.h:1011 [en l\u00ednea] erofs_bread+0x34d/0x7e0 fs/erofs/data.c:41 erofs_read_superblock fs/erofs/super.c:281 [en l\u00ednea] erofs_fc_fill_super+0x2b9/0x2500 fs/erofs/super.c:625 A diferencia de la mayor\u00eda de los sistemas de archivos, algunos sistemas de archivos de red y FUSE necesitan punteros de `archivo` v\u00e1lidos e inevitables para sus E/S de lectura [1]. De todos modos, esos casos de uso tambi\u00e9n deben ser compatibles. [1] https://docs.kernel.org/filesystems/vfs.html" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3a23787ca8756920d65fda39f41353a4be1d1642", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5036f2f024cac40a02ea6ea70de2c3a4407d16bc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-533xx/CVE-2024-53345.json b/CVE-2024/CVE-2024-533xx/CVE-2024-53345.json new file mode 100644 index 00000000000..7738995e2f4 --- /dev/null +++ b/CVE-2024/CVE-2024-533xx/CVE-2024-53345.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-53345", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-07T16:15:35.777", + "lastModified": "2025-01-07T16:15:35.777", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3 allows attackers to execute arbitrary code via uploading a crafted file." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://car.com", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/ShadowByte1/CVE-2024-53345", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53800.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53800.json new file mode 100644 index 00000000000..f41c401a0c8 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53800.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2024-53800", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:35.883", + "lastModified": "2025-01-07T16:15:35.883", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rezgo Rezgo allows PHP Local File Inclusion.This issue affects Rezgo: from n/a through 4.15." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-829" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/rezgo/vulnerability/wordpress-rezgo-online-booking-plugin-4-15-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-547xx/CVE-2024-54767.json b/CVE-2024/CVE-2024-547xx/CVE-2024-54767.json index 88afe44db9e..7ae1dd8aacd 100644 --- a/CVE-2024/CVE-2024-547xx/CVE-2024-54767.json +++ b/CVE-2024/CVE-2024-547xx/CVE-2024-54767.json @@ -2,16 +2,55 @@ "id": "CVE-2024-54767", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-06T23:15:07.513", - "lastModified": "2025-01-06T23:15:07.513", + "lastModified": "2025-01-07T16:15:36.157", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An access control issue in the component /juis_boxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attackers to obtain sensitive information without authentication." + }, + { + "lang": "es", + "value": "Un problema de control de acceso en el componente /juis_boxinfo.xml de AVM FRITZ!Box 7530 AX v7.59 permite a los atacantes obtener informaci\u00f3n confidencial sin autenticaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/Shuanunio/CVE_Requests/blob/main/AVM/fritz/AVM_FRITZ%21Box_7530%20AX_unauthorized_access_vulnerability_first.md", diff --git a/CVE-2024/CVE-2024-549xx/CVE-2024-54984.json b/CVE-2024/CVE-2024-549xx/CVE-2024-54984.json index f1590f3c2ad..56afde56c87 100644 --- a/CVE-2024/CVE-2024-549xx/CVE-2024-54984.json +++ b/CVE-2024/CVE-2024-549xx/CVE-2024-54984.json @@ -2,13 +2,20 @@ "id": "CVE-2024-54984", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-19T22:15:06.563", - "lastModified": "2024-12-31T20:16:07.547", + "lastModified": "2025-01-07T15:15:10.720", "vulnStatus": "Awaiting Analysis", - "cveTags": [], + "cveTags": [ + { + "sourceIdentifier": "cve@mitre.org", + "tags": [ + "disputed" + ] + } + ], "descriptions": [ { "lang": "en", - "value": "An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted NAS message." + "value": "An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted NAS message. NOTE: this is disputed by the supplier." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-550xx/CVE-2024-55008.json b/CVE-2024/CVE-2024-550xx/CVE-2024-55008.json new file mode 100644 index 00000000000..30cb4a222f4 --- /dev/null +++ b/CVE-2024/CVE-2024-550xx/CVE-2024-55008.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-55008", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-07T16:15:36.337", + "lastModified": "2025-01-07T16:15:36.337", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "JATOS 3.9.4 contains a denial-of-service (DoS) vulnerability in the authentication system, where an attacker can prevent legitimate users from accessing their accounts by repeatedly sending multiple failed login attempts. Specifically, by submitting 3 incorrect login attempts every minute, the attacker can trigger the account lockout mechanism on the account level, effectively locking the user out indefinitely. Since the lockout is applied to the user account and not based on the IP address, any attacker can trigger the lockout on any user account, regardless of their privileges." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://jatos.com", + "source": "cve@mitre.org" + }, + { + "url": "https://hacking-notes.medium.com/cve-2024-51379-jatos-v3-9-4-account-lockout-denial-of-service-cc970f4ca58f", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-554xx/CVE-2024-55407.json b/CVE-2024/CVE-2024-554xx/CVE-2024-55407.json index 91b702fdb64..e217163cbd8 100644 --- a/CVE-2024/CVE-2024-554xx/CVE-2024-55407.json +++ b/CVE-2024/CVE-2024-554xx/CVE-2024-55407.json @@ -2,16 +2,55 @@ "id": "CVE-2024-55407", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-06T19:15:12.910", - "lastModified": "2025-01-06T19:15:12.910", - "vulnStatus": "Received", + "lastModified": "2025-01-07T16:15:36.480", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the DeviceloControl function of ITE Tech. Inc ITE IO Access v1.0.0.0 allows attackers to perform arbitrary port read and write actions via supplying crafted IOCTL requests." + }, + { + "lang": "es", + "value": "Un problema en la funci\u00f3n DeviceloControl de ITE Tech. Inc ITE IO Access v1.0.0.0 permite a los atacantes realizar acciones arbitrarias de lectura y escritura de puertos mediante el suministro de solicitudes IOCTL manipuladas." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1284" + } + ] } ], - "metrics": {}, "references": [ { "url": "http://ite.com", diff --git a/CVE-2024/CVE-2024-555xx/CVE-2024-55550.json b/CVE-2024/CVE-2024-555xx/CVE-2024-55550.json index 2d714b8d4d5..5ce0d6bd6a8 100644 --- a/CVE-2024/CVE-2024-555xx/CVE-2024-55550.json +++ b/CVE-2024/CVE-2024-555xx/CVE-2024-55550.json @@ -2,7 +2,7 @@ "id": "CVE-2024-55550", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-10T19:15:31.110", - "lastModified": "2024-12-11T15:15:19.653", + "lastModified": "2025-01-07T16:15:36.660", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -46,7 +46,7 @@ "description": [ { "lang": "en", - "value": "CWE-125" + "value": "CWE-22" } ] } diff --git a/CVE-2024/CVE-2024-555xx/CVE-2024-55553.json b/CVE-2024/CVE-2024-555xx/CVE-2024-55553.json index 85a6a05b638..affc1ac21c0 100644 --- a/CVE-2024/CVE-2024-555xx/CVE-2024-55553.json +++ b/CVE-2024/CVE-2024-555xx/CVE-2024-55553.json @@ -2,16 +2,55 @@ "id": "CVE-2024-55553", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-06T23:15:07.637", - "lastModified": "2025-01-06T23:15:07.637", + "lastModified": "2025-01-07T16:15:36.840", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In FRRouting (FRR) before 10.3, it is possible for an attacker to trigger repeated RIB revalidation by sending approximately 500 RPKI updates, potentially leading to prolonged revalidation times and a Denial of Service (DoS) scenario." + }, + { + "lang": "es", + "value": "En FRRouting (FRR) anterior a 10.3, es posible que un atacante active la revalidaci\u00f3n repetida de RIB enviando aproximadamente 500 actualizaciones de RPKI, lo que potencialmente genera tiempos de revalidaci\u00f3n prolongados y un escenario de denegaci\u00f3n de servicio (DoS)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://frrouting.org/security/cve-2024-55553/", diff --git a/CVE-2024/CVE-2024-555xx/CVE-2024-55556.json b/CVE-2024/CVE-2024-555xx/CVE-2024-55556.json new file mode 100644 index 00000000000..4dc57fa4920 --- /dev/null +++ b/CVE-2024/CVE-2024-555xx/CVE-2024-55556.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-55556", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-07T16:15:37.017", + "lastModified": "2025-01-07T16:15:37.017", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the APP_KEY to achieve remote command execution on the server by manipulating the laravel_session cookie, exploiting arbitrary deserialization through the encrypted session data. The exploitation vector of this vulnerability relies on an attacker obtaining Laravel's secret APP_KEY, which would allow them to decrypt and manipulate session cookies (laravel_session) containing serialized data. By altering this data and re-encrypting it with the APP_KEY, the attacker could trigger arbitrary deserialization on the server, potentially leading to remote command execution (RCE). The vulnerability is primarily exploited by accessing an exposed cookie and manipulating it using the secret key to gain malicious access to the server." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/crater-invoice/crater", + "source": "cve@mitre.org" + }, + { + "url": "https://www.synacktiv.com/", + "source": "cve@mitre.org" + }, + { + "url": "https://www.synacktiv.com/advisories/crater-invoice-unauthenticated-remote-command-execution-when-appkey-known", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-560xx/CVE-2024-56056.json b/CVE-2024/CVE-2024-560xx/CVE-2024-56056.json new file mode 100644 index 00000000000..0da292d4644 --- /dev/null +++ b/CVE-2024/CVE-2024-560xx/CVE-2024-56056.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2024-56056", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:37.140", + "lastModified": "2025-01-07T16:15:37.140", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kmfoysal06 SimpleCharm allows Reflected XSS.This issue affects SimpleCharm: from n/a through 1.4.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/simplecharm/vulnerability/wordpress-simplecharm-theme-1-4-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8855.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8855.json index 0838f1d3cb4..f09023689d4 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8855.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8855.json @@ -2,16 +2,55 @@ "id": "CVE-2024-8855", "sourceIdentifier": "contact@wpscan.com", "published": "2025-01-07T06:15:17.977", - "lastModified": "2025-01-07T06:15:17.977", + "lastModified": "2025-01-07T16:15:37.873", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WordPress Auction Plugin WordPress plugin through 3.7 does not sanitize and escape a parameter before using it in a SQL statement, allowing editors and above to perform SQL injection attacks" + }, + { + "lang": "es", + "value": "El complemento WordPress Auction Plugin de WordPress El complemento de WordPress hasta la versi\u00f3n 3.7 no desinfecta ni escapa un par\u00e1metro antes de usarlo en una declaraci\u00f3n SQL, lo que permite a los editores y superiores realizar ataques de inyecci\u00f3n SQL" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/04084f2a-45b8-4249-a472-f156fad0c90a/", diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8857.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8857.json index b2ea8e6d420..0b32ee954e9 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8857.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8857.json @@ -2,16 +2,55 @@ "id": "CVE-2024-8857", "sourceIdentifier": "contact@wpscan.com", "published": "2025-01-07T06:15:18.100", - "lastModified": "2025-01-07T06:15:18.100", + "lastModified": "2025-01-07T16:15:38.023", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The WordPress Auction Plugin WordPress plugin through 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Stored Cross-Site Scripting attacks." + }, + { + "lang": "es", + "value": "El complemento WordPress Auction Plugin de WordPress El complemento de WordPress hasta la versi\u00f3n 3.7 no desinfecta ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir que usuarios con altos privilegios, como editores, realicen ataques de cross site scripting almacenado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/08ca6daa-09f4-4604-ac9e-15a1b33d599d/", diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9638.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9638.json index 918effc8e4f..66fa92bbdfc 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9638.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9638.json @@ -2,16 +2,55 @@ "id": "CVE-2024-9638", "sourceIdentifier": "contact@wpscan.com", "published": "2025-01-07T06:15:18.217", - "lastModified": "2025-01-07T06:15:18.217", + "lastModified": "2025-01-07T16:15:38.170", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Category Posts Widget WordPress plugin before 4.9.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + }, + { + "lang": "es", + "value": "El complemento Category Posts Widget de WordPress anterior a la versi\u00f3n 4.9.18 no desinfecta ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados como el administrador realizar ataques de cross site scripting almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n de varios sitios)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/119d5249-48e4-429e-8a1d-ad112e0c966d/", diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0237.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0237.json new file mode 100644 index 00000000000..fbf5ef0ea14 --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0237.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-0237", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:38.323", + "lastModified": "2025-01-07T16:15:38.323", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134 and Firefox ESR < 128.6." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0238.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0238.json new file mode 100644 index 00000000000..750228f48ae --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0238.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-0238", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:38.470", + "lastModified": "2025-01-07T16:15:38.470", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, and Firefox ESR < 115.19." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915535", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-03/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0239.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0239.json new file mode 100644 index 00000000000..16b2b7ceeb2 --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0239.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-0239", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:38.563", + "lastModified": "2025-01-07T16:15:38.563", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability affects Firefox < 134 and Firefox ESR < 128.6." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929156", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0240.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0240.json new file mode 100644 index 00000000000..ffba73e951d --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0240.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-0240", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:38.663", + "lastModified": "2025-01-07T16:15:38.663", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Parsing a JavaScript module as JSON could, under some circumstances, cause cross-compartment access, which may result in a use-after-free. This vulnerability affects Firefox < 134 and Firefox ESR < 128.6." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929623", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0241.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0241.json new file mode 100644 index 00000000000..103b5ee832e --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0241.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-0241", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:38.767", + "lastModified": "2025-01-07T16:15:38.767", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 134 and Firefox ESR < 128.6." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1933023", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0242.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0242.json new file mode 100644 index 00000000000..d57ebbb097a --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0242.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-0242", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:38.860", + "lastModified": "2025-01-07T16:15:38.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, and Firefox ESR < 115.19." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-03/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0243.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0243.json new file mode 100644 index 00000000000..32df55d5757 --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0243.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2025-0243", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:38.973", + "lastModified": "2025-01-07T16:15:38.973", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134 and Firefox ESR < 128.6." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0244.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0244.json new file mode 100644 index 00000000000..3bcf7a73d10 --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0244.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-0244", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:39.073", + "lastModified": "2025-01-07T16:15:39.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. \n*Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 134." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929584", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0245.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0245.json new file mode 100644 index 00000000000..052d1cd7b47 --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0245.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-0245", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:39.167", + "lastModified": "2025-01-07T16:15:39.167", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed. This vulnerability affects Firefox < 134." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1895342", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0246.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0246.json new file mode 100644 index 00000000000..fee56c5ce86 --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0246.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-0246", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:39.260", + "lastModified": "2025-01-07T16:15:39.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "When using an invalid protocol scheme, an attacker could spoof the address bar. \n*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*\n*Note: This issue is a different issue from CVE-2025-0244. This vulnerability affects Firefox < 134." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912709", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0247.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0247.json new file mode 100644 index 00000000000..a4ed2c82e9d --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0247.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2025-0247", + "sourceIdentifier": "security@mozilla.org", + "published": "2025-01-07T16:15:39.357", + "lastModified": "2025-01-07T16:15:39.357", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1835193%2C1910021%2C1919803%2C1931576%2C1931948%2C1932173", + "source": "security@mozilla.org" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", + "source": "security@mozilla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0294.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0294.json index f7cb9e57a24..671bb2d0fe0 100644 --- a/CVE-2025/CVE-2025-02xx/CVE-2025-0294.json +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0294.json @@ -2,7 +2,7 @@ "id": "CVE-2025-0294", "sourceIdentifier": "cna@vuldb.com", "published": "2025-01-07T14:15:24.277", - "lastModified": "2025-01-07T14:15:24.277", + "lastModified": "2025-01-07T15:15:12.113", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -107,7 +107,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -140,6 +140,10 @@ { "url": "https://www.sourcecodester.com/", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/xiaosguang/cve/blob/main/Home%20Clean%20Services%20Management/Home%20Clean%20Services%20Management%20System%20process.php%20id%20SQL%20injection.md", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0295.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0295.json new file mode 100644 index 00000000000..c385a50d4c4 --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0295.json @@ -0,0 +1,175 @@ +{ + "id": "CVE-2025-0295", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-07T15:15:12.320", + "lastModified": "2025-01-07T16:15:39.460", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /booklist.php?subcatid=1. The manipulation of the argument subcatnm leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://gist.github.com/th4s1s/19d21e7fdbaf3512fccfd75df3080657", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.290444", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.290444", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.475134", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0296.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0296.json new file mode 100644 index 00000000000..dc7361f447f --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0296.json @@ -0,0 +1,175 @@ +{ + "id": "CVE-2025-0296", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-07T15:15:12.530", + "lastModified": "2025-01-07T16:15:39.673", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Online Book Shop 1.0. It has been classified as critical. This affects an unknown part of the file /booklist.php. The manipulation of the argument subcatid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://gist.github.com/th4s1s/4ebf1c60bbec213119f2eaac9cd29118", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.290445", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.290445", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.475135", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0297.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0297.json new file mode 100644 index 00000000000..bb00b838e9e --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0297.json @@ -0,0 +1,175 @@ +{ + "id": "CVE-2025-0297", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-07T16:15:39.887", + "lastModified": "2025-01-07T16:15:39.887", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Online Book Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /detail.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://gist.github.com/th4s1s/782f2e19784f48bb80e4d658a49bd680", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.290446", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.290446", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.475138", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-02xx/CVE-2025-0298.json b/CVE-2025/CVE-2025-02xx/CVE-2025-0298.json new file mode 100644 index 00000000000..19740ae6f5c --- /dev/null +++ b/CVE-2025/CVE-2025-02xx/CVE-2025-0298.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-0298", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-07T16:15:40.167", + "lastModified": "2025-01-07T16:15:40.167", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Online Book Shop 1.0. It has been rated as critical. This issue affects some unknown processing of the file /process_login.php. The manipulation of the argument usernm leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://gist.github.com/th4s1s/5435e605e6e9f14a5b76c313483eb58a", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.290447", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.290447", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.475159", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21616.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21616.json index 0f6930d751a..836c6b284bd 100644 --- a/CVE-2025/CVE-2025-216xx/CVE-2025-21616.json +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21616.json @@ -2,13 +2,17 @@ "id": "CVE-2025-21616", "sourceIdentifier": "security-advisories@github.com", "published": "2025-01-06T22:15:11.023", - "lastModified": "2025-01-06T22:15:11.023", + "lastModified": "2025-01-07T16:15:40.390", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Plane is an open-source project management tool. A cross-site scripting (XSS) vulnerability has been identified in Plane versions prior to 0.23. The vulnerability allows authenticated users to upload SVG files containing malicious JavaScript code as profile images, which gets executed in victims' browsers when viewing the profile image." + }, + { + "lang": "es", + "value": "Plane es una herramienta de gesti\u00f3n de proyectos de c\u00f3digo abierto. Se ha identificado una vulnerabilidad de cross site scripting (XSS) en versiones de Plane anteriores a la 0.23. La vulnerabilidad permite a los usuarios autenticados cargar archivos SVG que contienen c\u00f3digo JavaScript malicioso como im\u00e1genes de perfil, que se ejecutan en los navegadores de las v\u00edctimas cuando ven la imagen de perfil." } ], "metrics": { @@ -38,7 +42,7 @@ "weaknesses": [ { "source": "security-advisories@github.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,6 +55,10 @@ { "url": "https://github.com/makeplane/plane/security/advisories/GHSA-rcg8-g69v-x23j", "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/makeplane/plane/security/advisories/GHSA-rcg8-g69v-x23j", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21622.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21622.json new file mode 100644 index 00000000000..bb806934612 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21622.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-21622", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-01-07T16:15:40.510", + "lastModified": "2025-01-07T16:15:40.510", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "ClipBucket V5 provides open source video hosting with PHP. During the user avatar upload workflow, a user can choose to upload and change their avatar at any time. During deletion, ClipBucket checks for the avatar_url as a filepath within the avatars subdirectory. If the URL path exists within the avatars directory, ClipBucket will delete it. There is no check for path traversal sequences in the provided user input (stored in the DB as avatar_url) therefore the final $file variable could be tainted with path traversal sequences. This leads to file deletion outside of the intended scope of the avatars folder. This vulnerability is fixed in 5.5.1 - 237." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/MacWarrior/clipbucket-v5/commit/22329c4675e82c7c95e74024ba247f837ac9e00b", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-5qpx-23rw-36gg", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21623.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21623.json new file mode 100644 index 00000000000..f4145793966 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21623.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-21623", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-01-07T16:15:40.690", + "lastModified": "2025-01-07T16:15:40.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 238, ClipBucket V5 allows unauthenticated attackers to change the template directory via a directory traversal, which results in a denial of service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + }, + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/MacWarrior/clipbucket-v5/commit/75d663f010cd8569eb9e278f030838174fb30188", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-ffhj-hprx-7qvr", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-216xx/CVE-2025-21624.json b/CVE-2025/CVE-2025-216xx/CVE-2025-21624.json new file mode 100644 index 00000000000..6948fe15d58 --- /dev/null +++ b/CVE-2025/CVE-2025-216xx/CVE-2025-21624.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-21624", + "sourceIdentifier": "security-advisories@github.com", + "published": "2025-01-07T16:15:40.853", + "lastModified": "2025-01-07T16:15:40.853", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without proper checks, an attacker can upload a PHP script file instead of an image file, thus allowing a webshell or other malicious files to be stored and executed on the server. This attack vector exists in both the admin area and low-level user area. This vulnerability is fixed in 5.5.1 - 239." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/MacWarrior/clipbucket-v5/commit/893bfb0f1236c4a59b5e2843ab8d27a1e491b12b", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-98vm-2xqm-xrcc", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-222xx/CVE-2025-22294.json b/CVE-2025/CVE-2025-222xx/CVE-2025-22294.json new file mode 100644 index 00000000000..8921cd84172 --- /dev/null +++ b/CVE-2025/CVE-2025-222xx/CVE-2025-22294.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22294", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:41.137", + "lastModified": "2025-01-07T16:15:41.137", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gravity Master Custom Field For WP Job Manager allows Reflected XSS.This issue affects Custom Field For WP Job Manager: from n/a through 1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/custom-field-for-wp-job-manager/vulnerability/wordpress-custom-field-for-wp-job-manager-plugin-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-223xx/CVE-2025-22335.json b/CVE-2025/CVE-2025-223xx/CVE-2025-22335.json new file mode 100644 index 00000000000..f6898d78ed6 --- /dev/null +++ b/CVE-2025/CVE-2025-223xx/CVE-2025-22335.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22335", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:42.703", + "lastModified": "2025-01-07T16:15:42.703", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Md. Rajib Dewan Opencart Product in WP allows Reflected XSS.This issue affects Opencart Product in WP: from n/a through 1.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/opencart-product-in-wp/vulnerability/wordpress-opencart-product-in-wp-plugin-1-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-223xx/CVE-2025-22338.json b/CVE-2025/CVE-2025-223xx/CVE-2025-22338.json new file mode 100644 index 00000000000..50cd3013a1e --- /dev/null +++ b/CVE-2025/CVE-2025-223xx/CVE-2025-22338.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22338", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:44.117", + "lastModified": "2025-01-07T16:15:44.117", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lich_wang WP-tagMaker allows Reflected XSS.This issue affects WP-tagMaker: from n/a through 0.2.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/tagmaker/vulnerability/wordpress-wp-tagmaker-plugin-0-2-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22502.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22502.json new file mode 100644 index 00000000000..689b4d98383 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22502.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22502", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:45.717", + "lastModified": "2025-01-07T16:15:45.717", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mindvalley MindValley Super PageMash allows SQL Injection.This issue affects MindValley Super PageMash: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mindvalley-pagemash/vulnerability/wordpress-mindvalley-super-pagemash-plugin-1-1-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22503.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22503.json new file mode 100644 index 00000000000..1a716db5331 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22503.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22503", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:45.877", + "lastModified": "2025-01-07T16:15:45.877", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Digital Zoom Studio Admin debug wordpress \u2013 enable debug allows Cross Site Request Forgery.This issue affects Admin debug wordpress \u2013 enable debug: from n/a through 1.0.13." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/dzs-enable-debug/vulnerability/wordpress-admin-debug-wordpress-enable-debug-plugin-1-0-13-cross-site-request-forgery-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22507.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22507.json new file mode 100644 index 00000000000..4b98efe749a --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22507.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22507", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:46.040", + "lastModified": "2025-01-07T16:15:46.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Benjamin Santalucia (ben@woow-fr.com) WPMU Prefill Post allows SQL Injection.This issue affects WPMU Prefill Post: from n/a through 1.02." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpmu-prefill-post/vulnerability/wordpress-wpmu-prefill-post-plugin-1-02-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22511.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22511.json new file mode 100644 index 00000000000..378bd7fbdc3 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22511.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22511", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:46.180", + "lastModified": "2025-01-07T16:15:46.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ella van Durpe Slides & Presentations allows Stored XSS.This issue affects Slides & Presentations: from n/a through 0.0.39." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/slide/vulnerability/wordpress-slides-presentations-plugin-0-0-39-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22512.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22512.json new file mode 100644 index 00000000000..ccfcc2af17b --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22512.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22512", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:46.320", + "lastModified": "2025-01-07T16:15:46.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Sprout Apps Help Scout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Help Scout: from n/a through 6.5.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/help-scout/vulnerability/wordpress-help-scout-plugin-6-5-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22515.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22515.json new file mode 100644 index 00000000000..0356ada6ce2 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22515.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22515", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:46.497", + "lastModified": "2025-01-07T16:15:46.497", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simon Chuang Show Google Analytics widget allows Stored XSS.This issue affects Show Google Analytics widget: from n/a through 1.5.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/show-google-analytics-widget/vulnerability/wordpress-show-google-analytics-widget-plugin-1-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22516.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22516.json new file mode 100644 index 00000000000..0def5882c3b --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22516.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22516", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:46.653", + "lastModified": "2025-01-07T16:15:46.653", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hitesh Patel Metadata SEO allows Stored XSS.This issue affects Metadata SEO: from n/a through 2.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/metadata-seo/vulnerability/wordpress-metadata-seo-plugin-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22517.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22517.json new file mode 100644 index 00000000000..024a04e0472 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22517.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22517", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:46.820", + "lastModified": "2025-01-07T16:15:46.820", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ben Huson List Pages at Depth allows Stored XSS.This issue affects List Pages at Depth: from n/a through 1.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/list-pages-at-depth/vulnerability/wordpress-list-pages-at-depth-plugin-1-5-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22518.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22518.json new file mode 100644 index 00000000000..cc5b5a0aadd --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22518.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22518", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:46.990", + "lastModified": "2025-01-07T16:15:46.990", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KentoThemes Justified Image Gallery allows Stored XSS.This issue affects Justified Image Gallery: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/justified-image-gallery/vulnerability/wordpress-justified-image-gallery-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22519.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22519.json new file mode 100644 index 00000000000..a7c0b3cd785 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22519.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22519", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:47.140", + "lastModified": "2025-01-07T16:15:47.140", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eDoc Intelligence LLC eDoc Easy Tables allows SQL Injection.This issue affects eDoc Easy Tables: from n/a through 1.29." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/edoc-easy-tables/vulnerability/wordpress-edoc-easy-tables-plugin-1-29-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22520.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22520.json new file mode 100644 index 00000000000..cf2c3f73e39 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22520.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22520", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:47.310", + "lastModified": "2025-01-07T16:15:47.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Tock Tock Widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/tock-widget/vulnerability/wordpress-tock-widget-plugin-1-1-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22522.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22522.json new file mode 100644 index 00000000000..0a58141ae74 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22522.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22522", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:47.513", + "lastModified": "2025-01-07T16:15:47.513", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roya Khosravi SingSong allows Stored XSS.This issue affects SingSong: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/singsong/vulnerability/wordpress-singsong-plugin-1-2-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22524.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22524.json new file mode 100644 index 00000000000..f41aa525fed --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22524.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22524", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:47.680", + "lastModified": "2025-01-07T16:15:47.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in instaform.ir \u0641\u0631\u0645 \u0633\u0627\u0632 \u0641\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 allows Stored XSS.This issue affects \u0641\u0631\u0645 \u0633\u0627\u0632 \u0641\u0631\u0645 \u0627\u0641\u0632\u0627\u0631: from n/a through 2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/formafzar/vulnerability/wordpress-frm-s-z-frm-fz-r-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22525.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22525.json new file mode 100644 index 00000000000..106cf914fe7 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22525.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22525", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:47.830", + "lastModified": "2025-01-07T16:15:47.830", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bharatkambariya Donation Block For PayPal allows Stored XSS.This issue affects Donation Block For PayPal: from n/a through 2.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/donations-block/vulnerability/wordpress-donation-block-for-paypal-plugin-2-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22528.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22528.json new file mode 100644 index 00000000000..d5a52319a0c --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22528.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22528", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:47.987", + "lastModified": "2025-01-07T16:15:47.987", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Huurkalender Huurkalender WP allows Stored XSS.This issue affects Huurkalender WP: from n/a through 1.5.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/huurkalender-wp/vulnerability/wordpress-huurkalender-wp-plugin-1-5-6-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22529.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22529.json new file mode 100644 index 00000000000..9ba558fcda9 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22529.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22529", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:48.180", + "lastModified": "2025-01-07T16:15:48.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WORDPRESTEEM WE Blocks allows Stored XSS.This issue affects WE Blocks: from n/a through 1.3.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/we-blocks/vulnerability/wordpress-we-blocks-1-3-5-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22530.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22530.json new file mode 100644 index 00000000000..55da6ac392e --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22530.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22530", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:48.350", + "lastModified": "2025-01-07T16:15:48.350", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SIOT \uc544\uc784\ud3ec\ud2b8 \uacb0\uc81c\ubc84\ud2bc \uc0dd\uc131 \ud50c\ub7ec\uadf8\uc778 allows Stored XSS.This issue affects \uc544\uc784\ud3ec\ud2b8 \uacb0\uc81c\ubc84\ud2bc \uc0dd\uc131 \ud50c\ub7ec\uadf8\uc778: from n/a through 1.1.19." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/iamport-payment/vulnerability/wordpress-plugin-1-1-19-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22531.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22531.json new file mode 100644 index 00000000000..e27d1d1c286 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22531.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2025-22531", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:48.520", + "lastModified": "2025-01-07T16:15:48.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M Bilal M Urdu Formatter \u2013 Shamil allows Stored XSS.This issue affects Urdu Formatter \u2013 Shamil: from n/a through 0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/urdu-formatter-shamil/vulnerability/wordpress-urdu-formatter-shamil-plugin-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22532.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22532.json new file mode 100644 index 00000000000..d451007aa03 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22532.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2025-22532", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:48.747", + "lastModified": "2025-01-07T16:15:48.747", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nagy Sandor Simple Photo Sphere allows Stored XSS.This issue affects Simple Photo Sphere: from n/a through 0.0.10." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/simple-photo-sphere/vulnerability/wordpress-simple-photo-sphere-plugin-0-0-10-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22533.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22533.json new file mode 100644 index 00000000000..ea609d26f62 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22533.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22533", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:48.980", + "lastModified": "2025-01-07T16:15:48.980", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WOOEXIM.COM WOOEXIM allows SQL Injection.This issue affects WOOEXIM: from n/a through 5.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wooexim/vulnerability/wordpress-wooexim-plugin-5-0-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22534.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22534.json new file mode 100644 index 00000000000..7df17cddf86 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22534.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22534", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:49.130", + "lastModified": "2025-01-07T16:15:49.130", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Ella van Durpe Slides & Presentations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slides & Presentations: from n/a through 0.0.39." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/slide/vulnerability/wordpress-slides-presentations-plugin-0-0-39-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22536.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22536.json new file mode 100644 index 00000000000..29104ac9ad7 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22536.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22536", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:49.293", + "lastModified": "2025-01-07T16:15:49.293", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hiren Patel WP Music Player allows SQL Injection.This issue affects WP Music Player: from n/a through 1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-music-player/vulnerability/wordpress-wp-music-player-plugin-1-3-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22538.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22538.json new file mode 100644 index 00000000000..dd9964a7f72 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22538.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22538", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:49.460", + "lastModified": "2025-01-07T16:15:49.460", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Ofek Nakar Virtual Bot allows Stored XSS.This issue affects Virtual Bot: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/virtual-bot/vulnerability/wordpress-virtual-bot-plugin-1-0-0-csrf-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22541.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22541.json new file mode 100644 index 00000000000..976da6a0c04 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22541.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22541", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:49.670", + "lastModified": "2025-01-07T16:15:49.670", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Etruel Developments LLC WP Delete Post Copies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delete Post Copies: from n/a through 5.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/etruel-del-post-copies/vulnerability/wordpress-wp-delete-post-copies-plugin-5-5-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22543.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22543.json new file mode 100644 index 00000000000..eaba55712c1 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22543.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22543", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:49.830", + "lastModified": "2025-01-07T16:15:49.830", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Beautiful Templates ST Gallery WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ST Gallery WP: from n/a through 1.0.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/st-gallery-wp/vulnerability/wordpress-st-gallery-wp-plugin-1-0-8-settings-change-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22544.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22544.json new file mode 100644 index 00000000000..2a87a51ac09 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22544.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22544", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:50.003", + "lastModified": "2025-01-07T16:15:50.003", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mind Doodle Mind Doodle Visual Sitemaps & Tasks allows Stored XSS.This issue affects Mind Doodle Visual Sitemaps & Tasks: from n/a through 1.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mind-doodle-sitemap/vulnerability/wordpress-mind-doodle-visual-sitemaps-tasks-plugin-1-6-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22545.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22545.json new file mode 100644 index 00000000000..e4ea85594f5 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22545.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22545", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:50.140", + "lastModified": "2025-01-07T16:15:50.140", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sw-galati.ro iframe to embed allows Stored XSS.This issue affects iframe to embed: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/iframe-to-embed/vulnerability/wordpress-iframe-to-embed-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22546.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22546.json new file mode 100644 index 00000000000..060ef1dac06 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22546.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22546", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:50.300", + "lastModified": "2025-01-07T16:15:50.300", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in One Plus Solution jQuery TwentyTwenty allows Stored XSS.This issue affects jQuery TwentyTwenty: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/js-twentytwenty/vulnerability/wordpress-jquery-twentytwenty-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22547.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22547.json new file mode 100644 index 00000000000..04a84d0060c --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22547.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22547", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:50.463", + "lastModified": "2025-01-07T16:15:50.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jay Krishnan G JK Html To Pdf allows Stored XSS.This issue affects JK Html To Pdf: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/jk-html-to-pdf/vulnerability/wordpress-jk-html-to-pdf-plugin-1-0-0-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22548.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22548.json new file mode 100644 index 00000000000..ec130090076 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22548.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22548", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:50.623", + "lastModified": "2025-01-07T16:15:50.623", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Frank Koenen ldap_login_password_and_role_manager allows Stored XSS.This issue affects ldap_login_password_and_role_manager: from n/a through 1.0.12." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ldap-login-password-and-role-manager/vulnerability/wordpress-ldap-login-password-and-role-manager-plugin-1-0-12-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22549.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22549.json new file mode 100644 index 00000000000..e625be82378 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22549.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22549", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:50.790", + "lastModified": "2025-01-07T16:15:50.790", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pablo Cornehl WP Github allows Stored XSS.This issue affects WP Github: from n/a through 1.3.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-github/vulnerability/wordpress-wp-github-plugin-1-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22550.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22550.json new file mode 100644 index 00000000000..5008029f3d3 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22550.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22550", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:50.960", + "lastModified": "2025-01-07T16:15:50.960", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AddFunc AddFunc Mobile Detect allows Stored XSS.This issue affects AddFunc Mobile Detect: from n/a through 3.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/addfunc-mobile-detect/vulnerability/wordpress-addfunc-mobile-detect-plugin-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22551.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22551.json new file mode 100644 index 00000000000..131c993badd --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22551.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22551", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:51.127", + "lastModified": "2025-01-07T16:15:51.127", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Julien Crego Boot-Modal allows Stored XSS.This issue affects Boot-Modal: from n/a through 1.9.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/boot-modal/vulnerability/wordpress-boot-modal-plugin-1-9-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22552.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22552.json new file mode 100644 index 00000000000..da98e4ddfbf --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22552.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22552", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:51.277", + "lastModified": "2025-01-07T16:15:51.277", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Jason Keeley, Bryan Nielsen Affiliate Disclosure Statement allows Cross Site Request Forgery.This issue affects Affiliate Disclosure Statement: from n/a through 0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/affiliate-disclosure-statement/vulnerability/wordpress-affiliate-disclosure-statement-plugin-0-3-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22554.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22554.json new file mode 100644 index 00000000000..14bd57be0d8 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22554.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22554", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:51.443", + "lastModified": "2025-01-07T16:15:51.443", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric Franklin Video Embed Optimizer allows Stored XSS.This issue affects Video Embed Optimizer: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/video-embed-optimizer/vulnerability/wordpress-video-embed-optimizer-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22555.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22555.json new file mode 100644 index 00000000000..f4c409de290 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22555.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22555", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:51.627", + "lastModified": "2025-01-07T16:15:51.627", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Noel Jarencio. Smoothness Slider Shortcode allows Cross Site Request Forgery.This issue affects Smoothness Slider Shortcode: from n/a through v1.2.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/smoothness-slider-shortcode/vulnerability/wordpress-smoothness-slider-shortcode-plugin-v1-2-2-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22556.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22556.json new file mode 100644 index 00000000000..f22c09ea039 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22556.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22556", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:51.780", + "lastModified": "2025-01-07T16:15:51.780", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Greg Whitehead Norse Rune Oracle Plugin allows Cross Site Request Forgery.This issue affects Norse Rune Oracle Plugin: from n/a through 1.4.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/norse-runes-oracle/vulnerability/wordpress-norse-rune-oracle-plugin-1-4-1-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22557.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22557.json new file mode 100644 index 00000000000..66ea9663ac4 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22557.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22557", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:51.920", + "lastModified": "2025-01-07T16:15:51.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in WPMagic News Publisher Autopilot allows Cross Site Request Forgery.This issue affects News Publisher Autopilot: from n/a through 2.1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpm-news-api/vulnerability/wordpress-news-publisher-autopilot-plugin-2-1-4-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22558.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22558.json new file mode 100644 index 00000000000..b6eba3f2d92 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22558.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22558", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:52.080", + "lastModified": "2025-01-07T16:15:52.080", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcus C. J. Hartmann mcjh button shortcode allows Stored XSS.This issue affects mcjh button shortcode: from n/a through 1.6.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mcjh-button-shortcode/vulnerability/wordpress-mcjh-button-shortcode-plugin-1-6-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22559.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22559.json new file mode 100644 index 00000000000..064e12068f4 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22559.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22559", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:52.243", + "lastModified": "2025-01-07T16:15:52.243", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Mario Mansour and Geoff Peters TubePress.NET allows Cross Site Request Forgery.This issue affects TubePress.NET: from n/a through 4.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/tubepressnet/vulnerability/wordpress-tubepress-net-plugin-4-0-1-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22560.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22560.json new file mode 100644 index 00000000000..418dfb33b29 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22560.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22560", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:52.380", + "lastModified": "2025-01-07T16:15:52.380", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Saoshyant.1994 Saoshyant Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Saoshyant Page Builder: from n/a through 3.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/saoshyant-page-builder/vulnerability/wordpress-saoshyant-page-builder-plugin-3-8-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22562.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22562.json new file mode 100644 index 00000000000..76cb72c1f6d --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22562.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22562", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:52.540", + "lastModified": "2025-01-07T16:15:52.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Jason Funk Title Experiments Free allows Cross Site Request Forgery.This issue affects Title Experiments Free: from n/a through 9.0.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-experiments-free/vulnerability/wordpress-title-experiments-free-plugin-9-0-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22563.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22563.json new file mode 100644 index 00000000000..a339b2ef7b4 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22563.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22563", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:52.940", + "lastModified": "2025-01-07T16:15:52.940", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Faaiq Pretty Url allows Cross Site Request Forgery.This issue affects Pretty Url: from n/a through 1.5.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/pretty-url/vulnerability/wordpress-pretty-urls-plugin-1-5-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22571.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22571.json new file mode 100644 index 00000000000..2ef0246a308 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22571.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22571", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:53.187", + "lastModified": "2025-01-07T16:15:53.187", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Instabot Instabot allows Cross Site Request Forgery.This issue affects Instabot: from n/a through 1.10." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/instabot/vulnerability/wordpress-instabot-plugin-1-10-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22572.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22572.json new file mode 100644 index 00000000000..17435a45c9d --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22572.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22572", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:53.357", + "lastModified": "2025-01-07T16:15:53.357", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brianmiyaji Legacy ePlayer allows Stored XSS.This issue affects Legacy ePlayer: from n/a through 0.9.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/sportspress-tv/vulnerability/wordpress-legacy-eplayer-plugin-0-9-9-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22573.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22573.json new file mode 100644 index 00000000000..9041c17296b --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22573.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22573", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:53.520", + "lastModified": "2025-01-07T16:15:53.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in copist Icons Enricher allows Stored XSS.This issue affects Icons Enricher: from n/a through 1.0.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/icons-enricher/vulnerability/wordpress-icons-enricher-plugin-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22574.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22574.json new file mode 100644 index 00000000000..de916961ba6 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22574.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22574", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:53.667", + "lastModified": "2025-01-07T16:15:53.667", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Motacek ICS Button allows Stored XSS.This issue affects ICS Button: from n/a through 0.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ics-button/vulnerability/wordpress-ics-button-plugin-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22577.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22577.json new file mode 100644 index 00000000000..2ca5416f02c --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22577.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22577", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:53.823", + "lastModified": "2025-01-07T16:15:53.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Damion Armentrout Able Player allows DOM-Based XSS.This issue affects Able Player: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-able-player/vulnerability/wordpress-able-player-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22578.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22578.json new file mode 100644 index 00000000000..66bd0270a5e --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22578.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22578", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:53.970", + "lastModified": "2025-01-07T16:15:53.970", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AazzTech WP Cookie allows Stored XSS.This issue affects WP Cookie: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-cookie/vulnerability/wordpress-wp-cookie-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22579.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22579.json new file mode 100644 index 00000000000..9fdc567a2dc --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22579.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22579", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:54.130", + "lastModified": "2025-01-07T16:15:54.130", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arefly WP Header Notification allows Stored XSS.This issue affects WP Header Notification: from n/a through 1.2.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-header-notification/vulnerability/wordpress-wp-header-notification-plugin-1-2-7-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22580.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22580.json new file mode 100644 index 00000000000..6854cabbc3e --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22580.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22580", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:54.303", + "lastModified": "2025-01-07T16:15:54.303", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Biltorvet A/S Biltorvet Dealer Tools allows Stored XSS.This issue affects Biltorvet Dealer Tools: from n/a through 1.0.22." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/biltorvet-dealer-tools/vulnerability/wordpress-biltorvet-dealer-tools-plugin-1-0-22-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22581.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22581.json new file mode 100644 index 00000000000..b24102149bd --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22581.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22581", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:54.467", + "lastModified": "2025-01-07T16:15:54.467", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bytephp Arcade Ready allows Stored XSS.This issue affects Arcade Ready: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/arcadeready/vulnerability/wordpress-arcade-ready-plugin-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22582.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22582.json new file mode 100644 index 00000000000..d4c45b680c3 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22582.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22582", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:54.640", + "lastModified": "2025-01-07T16:15:54.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Scott Nell\u00e9 Uptime Robot allows Stored XSS.This issue affects Uptime Robot: from n/a through 0.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/uptime-robot/vulnerability/wordpress-uptime-robot-plugin-0-1-3-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22584.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22584.json new file mode 100644 index 00000000000..c25184957d4 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22584.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22584", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:54.780", + "lastModified": "2025-01-07T16:15:54.780", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pluginspoint Timeline Pro allows DOM-Based XSS.This issue affects Timeline Pro: from n/a through 1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/timeline-pro/vulnerability/wordpress-timeline-pro-plugin-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22585.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22585.json new file mode 100644 index 00000000000..2265c49dc49 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22585.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22585", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:54.923", + "lastModified": "2025-01-07T16:15:54.923", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themebon Ultimate Image Hover Effects allows DOM-Based XSS.This issue affects Ultimate Image Hover Effects: from n/a through 1.1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ultimate-image-hover-effects/vulnerability/wordpress-ultimate-image-hover-effects-plugin-1-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22589.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22589.json new file mode 100644 index 00000000000..c5ff36d98b8 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22589.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22589", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:55.053", + "lastModified": "2025-01-07T16:15:55.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in bozdoz Quote Tweet allows Stored XSS.This issue affects Quote Tweet: from n/a through 0.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/quote-tweet/vulnerability/wordpress-quote-tweet-plugin-0-7-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22590.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22590.json new file mode 100644 index 00000000000..5a830c70829 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22590.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22590", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:55.200", + "lastModified": "2025-01-07T16:15:55.200", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Prayer Times Anywhere allows Stored XSS.This issue affects Prayer Times Anywhere: from n/a through 2.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/prayer-times-anywhere/vulnerability/wordpress-prayer-times-anywhere-plugin-2-0-1-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22591.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22591.json new file mode 100644 index 00000000000..5437cc53c7b --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22591.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22591", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:55.337", + "lastModified": "2025-01-07T16:15:55.337", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Lenderd 1003 Mortgage Application allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 1003 Mortgage Application: from n/a through 1.87." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/1003-mortgage-application/vulnerability/wordpress-1003-mortgage-application-plugin-1-87-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22592.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22592.json new file mode 100644 index 00000000000..fc1c9606801 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22592.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22592", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:55.470", + "lastModified": "2025-01-07T16:15:55.470", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Lenderd 1003 Mortgage Application allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 1003 Mortgage Application: from n/a through 1.87." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/1003-mortgage-application/vulnerability/wordpress-1003-mortgage-application-plugin-1-87-broken-access-control-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-225xx/CVE-2025-22593.json b/CVE-2025/CVE-2025-225xx/CVE-2025-22593.json new file mode 100644 index 00000000000..b809a8ed811 --- /dev/null +++ b/CVE-2025/CVE-2025-225xx/CVE-2025-22593.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-22593", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-07T16:15:55.627", + "lastModified": "2025-01-07T16:15:55.627", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Burria Laika Pedigree Tree allows Stored XSS.This issue affects Laika Pedigree Tree: from n/a through 1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/laika-pedigree-tree/vulnerability/wordpress-laika-pedigree-tree-plugin-1-4-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index c74396b9c57..fb482f79faf 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-01-07T15:00:39.340148+00:00 +2025-01-07T17:00:28.092861+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-01-07T14:53:39.337000+00:00 +2025-01-07T17:00:00.897000+00:00 ``` ### Last Data Feed Release @@ -33,43 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -276064 +276162 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `98` -- [CVE-2024-12131](CVE-2024/CVE-2024-121xx/CVE-2024-12131.json) (`2025-01-07T13:15:06.440`) -- [CVE-2024-12426](CVE-2024/CVE-2024-124xx/CVE-2024-12426.json) (`2025-01-07T13:15:07.210`) -- [CVE-2024-12738](CVE-2024/CVE-2024-127xx/CVE-2024-12738.json) (`2025-01-07T13:15:07.357`) -- [CVE-2024-45100](CVE-2024/CVE-2024-451xx/CVE-2024-45100.json) (`2025-01-07T13:15:07.530`) -- [CVE-2024-45640](CVE-2024/CVE-2024-456xx/CVE-2024-45640.json) (`2025-01-07T13:15:07.690`) -- [CVE-2025-0294](CVE-2025/CVE-2025-02xx/CVE-2025-0294.json) (`2025-01-07T14:15:24.277`) +- [CVE-2025-22555](CVE-2025/CVE-2025-225xx/CVE-2025-22555.json) (`2025-01-07T16:15:51.627`) +- [CVE-2025-22556](CVE-2025/CVE-2025-225xx/CVE-2025-22556.json) (`2025-01-07T16:15:51.780`) +- [CVE-2025-22557](CVE-2025/CVE-2025-225xx/CVE-2025-22557.json) (`2025-01-07T16:15:51.920`) +- [CVE-2025-22558](CVE-2025/CVE-2025-225xx/CVE-2025-22558.json) (`2025-01-07T16:15:52.080`) +- [CVE-2025-22559](CVE-2025/CVE-2025-225xx/CVE-2025-22559.json) (`2025-01-07T16:15:52.243`) +- [CVE-2025-22560](CVE-2025/CVE-2025-225xx/CVE-2025-22560.json) (`2025-01-07T16:15:52.380`) +- [CVE-2025-22562](CVE-2025/CVE-2025-225xx/CVE-2025-22562.json) (`2025-01-07T16:15:52.540`) +- [CVE-2025-22563](CVE-2025/CVE-2025-225xx/CVE-2025-22563.json) (`2025-01-07T16:15:52.940`) +- [CVE-2025-22571](CVE-2025/CVE-2025-225xx/CVE-2025-22571.json) (`2025-01-07T16:15:53.187`) +- [CVE-2025-22572](CVE-2025/CVE-2025-225xx/CVE-2025-22572.json) (`2025-01-07T16:15:53.357`) +- [CVE-2025-22573](CVE-2025/CVE-2025-225xx/CVE-2025-22573.json) (`2025-01-07T16:15:53.520`) +- [CVE-2025-22574](CVE-2025/CVE-2025-225xx/CVE-2025-22574.json) (`2025-01-07T16:15:53.667`) +- [CVE-2025-22577](CVE-2025/CVE-2025-225xx/CVE-2025-22577.json) (`2025-01-07T16:15:53.823`) +- [CVE-2025-22578](CVE-2025/CVE-2025-225xx/CVE-2025-22578.json) (`2025-01-07T16:15:53.970`) +- [CVE-2025-22579](CVE-2025/CVE-2025-225xx/CVE-2025-22579.json) (`2025-01-07T16:15:54.130`) +- [CVE-2025-22580](CVE-2025/CVE-2025-225xx/CVE-2025-22580.json) (`2025-01-07T16:15:54.303`) +- [CVE-2025-22581](CVE-2025/CVE-2025-225xx/CVE-2025-22581.json) (`2025-01-07T16:15:54.467`) +- [CVE-2025-22582](CVE-2025/CVE-2025-225xx/CVE-2025-22582.json) (`2025-01-07T16:15:54.640`) +- [CVE-2025-22584](CVE-2025/CVE-2025-225xx/CVE-2025-22584.json) (`2025-01-07T16:15:54.780`) +- [CVE-2025-22585](CVE-2025/CVE-2025-225xx/CVE-2025-22585.json) (`2025-01-07T16:15:54.923`) +- [CVE-2025-22589](CVE-2025/CVE-2025-225xx/CVE-2025-22589.json) (`2025-01-07T16:15:55.053`) +- [CVE-2025-22590](CVE-2025/CVE-2025-225xx/CVE-2025-22590.json) (`2025-01-07T16:15:55.200`) +- [CVE-2025-22591](CVE-2025/CVE-2025-225xx/CVE-2025-22591.json) (`2025-01-07T16:15:55.337`) +- [CVE-2025-22592](CVE-2025/CVE-2025-225xx/CVE-2025-22592.json) (`2025-01-07T16:15:55.470`) +- [CVE-2025-22593](CVE-2025/CVE-2025-225xx/CVE-2025-22593.json) (`2025-01-07T16:15:55.627`) ### CVEs modified in the last Commit -Recently modified CVEs: `18` +Recently modified CVEs: `86` -- [CVE-2023-25174](CVE-2023/CVE-2023-251xx/CVE-2023-25174.json) (`2025-01-07T14:46:09.667`) -- [CVE-2023-28739](CVE-2023/CVE-2023-287xx/CVE-2023-28739.json) (`2025-01-07T14:46:07.007`) -- [CVE-2023-50927](CVE-2023/CVE-2023-509xx/CVE-2023-50927.json) (`2025-01-07T14:53:39.337`) -- [CVE-2024-1649](CVE-2024/CVE-2024-16xx/CVE-2024-1649.json) (`2025-01-07T14:36:30.327`) -- [CVE-2024-1650](CVE-2024/CVE-2024-16xx/CVE-2024-1650.json) (`2025-01-07T14:36:06.543`) -- [CVE-2024-1652](CVE-2024/CVE-2024-16xx/CVE-2024-1652.json) (`2025-01-07T14:35:51.790`) -- [CVE-2024-1653](CVE-2024/CVE-2024-16xx/CVE-2024-1653.json) (`2025-01-07T14:35:33.360`) -- [CVE-2024-1906](CVE-2024/CVE-2024-19xx/CVE-2024-1906.json) (`2025-01-07T14:34:56.787`) -- [CVE-2024-1907](CVE-2024/CVE-2024-19xx/CVE-2024-1907.json) (`2025-01-07T14:34:27.417`) -- [CVE-2024-1909](CVE-2024/CVE-2024-19xx/CVE-2024-1909.json) (`2025-01-07T14:34:08.927`) -- [CVE-2024-1910](CVE-2024/CVE-2024-19xx/CVE-2024-1910.json) (`2025-01-07T14:33:31.300`) -- [CVE-2024-1912](CVE-2024/CVE-2024-19xx/CVE-2024-1912.json) (`2025-01-07T14:24:01.063`) -- [CVE-2024-45073](CVE-2024/CVE-2024-450xx/CVE-2024-45073.json) (`2025-01-07T14:36:34.757`) -- [CVE-2024-47298](CVE-2024/CVE-2024-472xx/CVE-2024-47298.json) (`2025-01-07T13:07:48.557`) -- [CVE-2024-47357](CVE-2024/CVE-2024-473xx/CVE-2024-47357.json) (`2025-01-07T13:29:50.210`) -- [CVE-2024-47391](CVE-2024/CVE-2024-473xx/CVE-2024-47391.json) (`2025-01-07T13:57:47.850`) -- [CVE-2024-52893](CVE-2024/CVE-2024-528xx/CVE-2024-52893.json) (`2025-01-07T12:15:25.153`) -- [CVE-2024-9358](CVE-2024/CVE-2024-93xx/CVE-2024-9358.json) (`2025-01-07T14:23:31.477`) +- [CVE-2024-51112](CVE-2024/CVE-2024-511xx/CVE-2024-51112.json) (`2025-01-07T15:15:10.270`) +- [CVE-2024-52000](CVE-2024/CVE-2024-520xx/CVE-2024-52000.json) (`2025-01-07T16:52:48.723`) +- [CVE-2024-52001](CVE-2024/CVE-2024-520xx/CVE-2024-52001.json) (`2025-01-07T16:48:41.057`) +- [CVE-2024-52002](CVE-2024/CVE-2024-520xx/CVE-2024-52002.json) (`2025-01-07T16:43:28.527`) +- [CVE-2024-53096](CVE-2024/CVE-2024-530xx/CVE-2024-53096.json) (`2025-01-07T15:42:04.183`) +- [CVE-2024-53103](CVE-2024/CVE-2024-531xx/CVE-2024-53103.json) (`2025-01-07T16:25:33.233`) +- [CVE-2024-53145](CVE-2024/CVE-2024-531xx/CVE-2024-53145.json) (`2025-01-07T16:14:57.543`) +- [CVE-2024-53149](CVE-2024/CVE-2024-531xx/CVE-2024-53149.json) (`2025-01-07T16:36:45.343`) +- [CVE-2024-53150](CVE-2024/CVE-2024-531xx/CVE-2024-53150.json) (`2025-01-07T16:38:32.010`) +- [CVE-2024-53151](CVE-2024/CVE-2024-531xx/CVE-2024-53151.json) (`2025-01-07T16:41:42.637`) +- [CVE-2024-53154](CVE-2024/CVE-2024-531xx/CVE-2024-53154.json) (`2025-01-07T15:58:21.587`) +- [CVE-2024-53155](CVE-2024/CVE-2024-531xx/CVE-2024-53155.json) (`2025-01-07T16:00:13.753`) +- [CVE-2024-53156](CVE-2024/CVE-2024-531xx/CVE-2024-53156.json) (`2025-01-07T16:02:00.303`) +- [CVE-2024-53157](CVE-2024/CVE-2024-531xx/CVE-2024-53157.json) (`2025-01-07T16:02:21.087`) +- [CVE-2024-53235](CVE-2024/CVE-2024-532xx/CVE-2024-53235.json) (`2025-01-07T16:02:48.350`) +- [CVE-2024-54767](CVE-2024/CVE-2024-547xx/CVE-2024-54767.json) (`2025-01-07T16:15:36.157`) +- [CVE-2024-54984](CVE-2024/CVE-2024-549xx/CVE-2024-54984.json) (`2025-01-07T15:15:10.720`) +- [CVE-2024-55407](CVE-2024/CVE-2024-554xx/CVE-2024-55407.json) (`2025-01-07T16:15:36.480`) +- [CVE-2024-55550](CVE-2024/CVE-2024-555xx/CVE-2024-55550.json) (`2025-01-07T16:15:36.660`) +- [CVE-2024-55553](CVE-2024/CVE-2024-555xx/CVE-2024-55553.json) (`2025-01-07T16:15:36.840`) +- [CVE-2024-8855](CVE-2024/CVE-2024-88xx/CVE-2024-8855.json) (`2025-01-07T16:15:37.873`) +- [CVE-2024-8857](CVE-2024/CVE-2024-88xx/CVE-2024-8857.json) (`2025-01-07T16:15:38.023`) +- [CVE-2024-9638](CVE-2024/CVE-2024-96xx/CVE-2024-9638.json) (`2025-01-07T16:15:38.170`) +- [CVE-2025-0294](CVE-2025/CVE-2025-02xx/CVE-2025-0294.json) (`2025-01-07T15:15:12.113`) +- [CVE-2025-21616](CVE-2025/CVE-2025-216xx/CVE-2025-21616.json) (`2025-01-07T16:15:40.390`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 58f59017f3a..a77715b7b6f 100644 --- a/_state.csv +++ b/_state.csv @@ -167039,6 +167039,7 @@ CVE-2021-20450,0,0,c277954dcc01142621c71d59d5d1fc644df23a1ada38b6368abecc3ca6c27 CVE-2021-20451,0,0,140727ef7c978a379a035c1b2ba5c8d9e8b59652213bcdbe5ff21accf16ab86f,2024-11-21T05:46:36.977000 CVE-2021-20453,0,0,69cac692ccb994b91ee56611307326b4371e627412e63b371dd093ede4578a39,2024-11-21T05:46:37.100000 CVE-2021-20454,0,0,b5a9b823983a12936ec287dc3098e2bed23b7aa3e8189b7deea101639225c258,2024-11-21T05:46:37.220000 +CVE-2021-20455,1,1,8b7018f692a10e801c382acdf873135d57690a09d34295e52fba3a2cb6405207,2025-01-07T16:15:27.430000 CVE-2021-2046,0,0,ad9de75bfb455d28bedfc8d0200a0362300a00bb9087c78e5ba220afb8420fbc,2024-11-21T06:02:15.540000 CVE-2021-20461,0,0,32bb741266cc653229bac24a9612d59bf6c19ecf87f4dbca4826c2185db1cdaf,2024-11-21T05:46:37.343000 CVE-2021-20464,0,0,47ae6cb8b812d3b3a5c9f84cd7749fc1250c97a6b5585c32f4656f620f51f5cf,2024-11-21T05:46:37.480000 @@ -192019,6 +192020,7 @@ CVE-2022-22358,0,0,84767261124809a9d1ed519f9f64155fc6ba5ec9fdf71fddbcd7410488522 CVE-2022-22359,0,0,2bf01eb540622dca847eaacee6236e255186c1277196c7cc79e981387a737156,2024-11-21T06:46:41.857000 CVE-2022-22360,0,0,565952d652a3bdb7d639feb074a1b0e26498767df3453bcf21d65b3148621e6f,2024-11-21T06:46:41.973000 CVE-2022-22361,0,0,10b0f271693e25631ef1989315b59440c197a948d70ee3735bfc385e81ac916f,2024-11-21T06:46:42.090000 +CVE-2022-22363,1,1,e770f7f5dbc3b57de7d846ca0e694a449e70e29864fe0c3385ac95fbf3aa5eb9,2025-01-07T16:15:28.050000 CVE-2022-22364,0,0,b731fe796d62d66b4e178e785141a2fdcaec9d0de2086193da11eb7b1cbc2491,2024-11-21T06:46:42.210000 CVE-2022-22365,0,0,93b131a9b6677b900794e8bfb444f14fa30b748b1163134645f09fea46b11764,2024-11-21T06:46:42.330000 CVE-2022-22366,0,0,09a7cac2af7c3326b1c4db129ec697d7b77dfaf6bb69f773673a6a77e39cac91,2024-11-21T06:46:42.450000 @@ -209399,7 +209401,7 @@ CVE-2022-43845,0,0,4dd0555a0d80dc6547097d2325e631aae8cc1a25ed03e0c104688f7fd5b7e CVE-2022-43848,0,0,10733803c11c371a0a9c9ee79c86f454e6481168e95b3e9730f0535811d5ceb8,2024-11-21T07:27:16.430000 CVE-2022-43849,0,0,19b75e027c95da1828001070b83b6be44a4cfbf71a32632e6411f0d83c7bf310,2024-11-21T07:27:16.567000 CVE-2022-4385,0,0,65f1a561c3e1db592a3f66f59cbfa3bb56e5e753c26fd7e5291d3b919454eb87,2024-11-21T07:35:10.627000 -CVE-2022-43855,0,0,d704a30800b4813275121053f8d67d07cc0bc76055bacfeb8e4efe8770112759,2024-11-21T07:27:16.697000 +CVE-2022-43855,0,1,64fbe7dc298ae5c5ac98c70a6d144003654c18affb03fce85bbaadaad755a546,2025-01-07T15:38:33.697000 CVE-2022-43857,0,0,c2306b55f2b4c37a83b047fd2388728e99b12612bc990aa59fe7703ba18ae695,2024-11-21T07:27:16.837000 CVE-2022-43858,0,0,f37263e6c9a749dffda738fdd0099cd194b151233806de545336aaf55f4891b9,2024-11-21T07:27:16.990000 CVE-2022-43859,0,0,fb5fcf2008667bf8e36fcb4c86b0d5f159050715bb8a549a5cfbc9fc72c9e289,2024-11-21T07:27:17.153000 @@ -212606,8 +212608,8 @@ CVE-2022-48638,0,0,7a36934df459d35a752e9c19975343358bc638b0a6803ab6e929e9511ae19 CVE-2022-48639,0,0,2bf64fdcd67f028c10f8b9e564b4b89ca3aa02bab5ff7a158a3f571c972d4c15,2024-11-21T07:33:40.237000 CVE-2022-4864,0,0,59b15f5eec2180ddfa7ce36526893d26fb614ed7bf416e8ac4ed3714bd6e2186,2024-11-21T07:36:05.780000 CVE-2022-48640,0,0,5e756f70cbddf596ac5b8ae586dd2af870a1a48da17b6fd47eabf03f4ed205b8,2024-11-21T07:33:40.350000 -CVE-2022-48641,0,0,4ba3df675183bf95be637d28c941a8e34686e0156044c932f75bcd4584baf243,2024-11-21T07:33:40.470000 -CVE-2022-48642,0,0,b753eacf71c73cb5318bce3fa9fee7340192e8e35156e658f3b56d43cbafa9e9,2024-11-21T07:33:40.583000 +CVE-2022-48641,0,1,99cb3d858a92705b7faa733f64ea99edcf4ba5c00c38154dda248e15af991606,2025-01-07T16:57:26.363000 +CVE-2022-48642,0,1,68582f54759adaad89e7572c48a2bb40facbf5e58029a83e5488b10b4265fdd3,2025-01-07T16:58:08.190000 CVE-2022-48643,0,0,ab9b649f55ad96816c2493c31f5a05b2eb566c44703b1f0180a6a102d8ac6207,2024-11-21T07:33:40.710000 CVE-2022-48644,0,0,c5039b46b0d136554ba427d83c4470091587ebeb56eef158e382b1a908e7e2d6,2024-11-21T07:33:40.817000 CVE-2022-48645,0,0,4d8ec773eaf2c6a6981744ed20ef9fe75b117903e4fb588c647780c2e96ceca6,2024-11-21T07:33:40.933000 @@ -213748,9 +213750,9 @@ CVE-2023-0662,0,0,c41719169476ca9b8e5799d04b3db3add3444c0ea739c0a159030df6d85174 CVE-2023-0663,0,0,e551da6aa8b74e91f43f593061ac3862fa32da542869afeccfd2b069aa7b8f68,2024-11-21T07:37:34.953000 CVE-2023-0664,0,0,c52e01a2288988dad950f445c26784fe498a8022c387f4a0b5bc8ba3c8d2af2a,2024-11-21T07:37:35.087000 CVE-2023-0665,0,0,f38be998f5b2ed4f8a710dae6c708e87a0da01499468b6ac7f9425307dec03ce,2024-11-21T07:37:35.217000 -CVE-2023-0666,0,0,e601d6e2ef968013e4ad3d2c16396937aeda160f1d59d5ed313d1e907ae09f38,2024-11-21T07:37:35.337000 +CVE-2023-0666,0,1,ffdb9ed65b66d9501fb7ba4f3ba75e2f59e17b429aa8ed9e9aade22c103edf94,2025-01-07T16:15:28.873000 CVE-2023-0667,0,0,6ce2da8cd021a850e6b966b13d3f1c5aa6c4612f36c388d5e418ef2a0edd1e51,2025-01-06T21:15:08.783000 -CVE-2023-0668,0,0,1221f6f7674e0e5532e0a96f2bb02fec11ded7bb0e1a8757ae41ec8d07299e5d,2024-11-21T07:37:35.593000 +CVE-2023-0668,0,1,0bcd556958f148852498223d61a9b6e12f93a04aba52c0ec5107946ad0f89ac1,2025-01-07T16:15:29.157000 CVE-2023-0669,0,0,fff921b621ad70082c23fad8bf9015d87babc283877a7fa6ac12ff58fee6f287,2024-11-21T07:37:35.710000 CVE-2023-0670,0,0,5bdded158185e9657a0a331db34ccdf5912942247170670e10672ccd4117ea74,2024-11-21T07:37:35.850000 CVE-2023-0671,0,0,31a0191d43d5caefbf53a2b1834f7f7af28c570b673efd2065d279713f8ddd58,2024-11-21T07:37:35.960000 @@ -215679,8 +215681,8 @@ CVE-2023-20884,0,0,4423dfb254ef19cd65eb6cdc64b42d779ddefab65e5ccd6f3e9ec2229f3ac CVE-2023-20885,0,0,0dfdf492922f0b854de542b4e33abc881f21c058cd2a01cc3c31dff463cde87b,2024-12-16T20:15:06.557000 CVE-2023-20886,0,0,7a982823666f96ea57050e3be9fa8d457665501ecee354ebbfe73207a1794a5a,2024-11-21T07:41:45.290000 CVE-2023-20887,0,0,072fa55b19037026443d59f5a8b6eb8c8f0d66a8ce2a12de803a75a2e2066424,2025-01-06T22:15:07.900000 -CVE-2023-20888,0,0,e03cf06dd5012afdda78f681ac98a364559ac8fc4597fa2ee9018f51d61300f4,2024-11-21T07:41:45.533000 -CVE-2023-20889,0,0,e6e44142c6e6e1330ee4d8b33b4bc75384a23d6170302608e58ef0009bf5d341,2024-11-21T07:41:45.643000 +CVE-2023-20888,0,1,723c7f0b957cdef56a4661c479c825f356eedc0bc04101cdf7f7700b2e357931,2025-01-07T16:15:29.400000 +CVE-2023-20889,0,1,fd83950042aec40275dad2507592571009f6b50d10101fb2b79214d35f573bc1,2025-01-07T16:15:29.613000 CVE-2023-2089,0,0,71b86ef69634c1f1cecb80679171d8c1d18cdf2b9a712b87a474c4a7b660ee38,2024-11-21T07:57:54.870000 CVE-2023-20890,0,0,c6d89d2ff550700edc8ac2e64d97d12842613e678a3a487ff3860e6c922c6b29,2024-11-21T07:41:45.750000 CVE-2023-20891,0,0,0a9ec7ceee2a6f45f9dcb69e11b8f16e9ae513637c8989ce0cc9bd0e4e2531fb,2024-11-21T07:41:45.863000 @@ -219410,7 +219412,7 @@ CVE-2023-25170,0,0,057160f9314983baa5bd227323f297f78082e35eb18fa071d47f11bc94530 CVE-2023-25171,0,0,3e0eb2aee734110dba13b518961bca99c6bad99ec89c7c7ae9df2952cbcc990a,2024-11-21T07:49:14.837000 CVE-2023-25172,0,0,16eb8035eb7a049197550b4a5e2ecfc61fed9e8f54e6b5b457d430c9cbfb80d7,2024-11-21T07:49:14.957000 CVE-2023-25173,0,0,edc8e484655ace43d21b795a9a7b322378a7dc4bbde3e375322232d4b7665cad,2024-11-21T07:49:15.083000 -CVE-2023-25174,0,1,6d36d193b6b4d244d306ab2b76dca2fa5cb420816b4a4916979b86b11a9f4d99,2025-01-07T14:46:09.667000 +CVE-2023-25174,0,0,6d36d193b6b4d244d306ab2b76dca2fa5cb420816b4a4916979b86b11a9f4d99,2025-01-07T14:46:09.667000 CVE-2023-25175,0,0,14da3309e449a26f2db353e124e6628f013b4b5c892a809706d8afea473929fc,2024-11-21T07:49:15.347000 CVE-2023-25176,0,0,811bd6f815bdd74f9f545f98c1b4e42191046e2d4b0c1c9a556dbfe2119917ed,2024-12-16T19:50:09.707000 CVE-2023-25177,0,0,f6878620bdd8eb602a1de3da15bb032f97d2cfaa52f6f2789905c937aa83b2f0,2024-11-21T07:49:15.593000 @@ -219486,7 +219488,7 @@ CVE-2023-25289,0,0,de0ce224bffd109739500be01369899ca72d949f8d8a7146bf4bf245dda25 CVE-2023-2529,0,0,e0c597e5f44df4f0fa35a31922c8c63e9eda9621312de091657b5b531d976868,2024-11-21T07:58:47.050000 CVE-2023-25292,0,0,1f86a32d6a4338c659d4285a5fc98df6a17b54f2c670480f9fe0a7bdeb97ad9e,2024-11-21T07:49:23.620000 CVE-2023-25295,0,0,a98834b6bd1f87785173f8777c2482cbef1ded510a102976fe5e23312fa33c78,2024-11-21T07:49:23.760000 -CVE-2023-2530,0,0,71950678ea29c0822897ee1040924f35fe65122366c933e3a80c6283d9a26944,2024-11-21T07:58:47.160000 +CVE-2023-2530,0,1,db6a677f08220af6ab3816d0cbd5e5581c51871954258b8e0fcc2eb2fac4c605,2025-01-07T16:15:29.843000 CVE-2023-25303,0,0,0fff8997fbb0dad0658b1458cb96909339d0a3ee3f17f6cda9f8e25ba49cee9d,2024-11-21T07:49:23.910000 CVE-2023-25304,0,0,28a9fcfe9f8defd2b94db49ca3a63558bcf2cd3ca6efe7b0c3e6f407ffddeb97,2024-11-21T07:49:24.047000 CVE-2023-25305,0,0,e034ff43c37edb7c066168ed0e8780cecf32ded05354e03285f0640dac3342bf,2024-11-21T07:49:24.173000 @@ -222353,7 +222355,7 @@ CVE-2023-28733,0,0,f8c56c8da91c51950a8edf16e490e31729908ff8feeb3f9beb82ebef1f06c CVE-2023-28736,0,0,e553d2934b14a833ca8e1f8e29391076f339e58bb0cda964897ef06bc36a6b96,2024-11-21T07:55:53.890000 CVE-2023-28737,0,0,80a324cb0b176cbc33e16427a86e53b56e3a06a6554775124cd700d4f799907b,2024-11-21T07:55:54.023000 CVE-2023-28738,0,0,87e5d8a1c7d6b79fc18ae9a4627a7fb69f89c652f6ddc7c831d1d374a2937881,2024-11-21T07:55:54.190000 -CVE-2023-28739,0,1,59f43d38acf972741a16c9e2a8f50fc65ef56a4b500388f4cf2eac00df63ba4a,2025-01-07T14:46:07.007000 +CVE-2023-28739,0,0,59f43d38acf972741a16c9e2a8f50fc65ef56a4b500388f4cf2eac00df63ba4a,2025-01-07T14:46:07.007000 CVE-2023-2874,0,0,08f1d9fa206e08b840e71219c636c6e57a18cc2cf199fbee37dcbf5b282c9f0b,2024-11-21T07:59:28.273000 CVE-2023-28740,0,0,bbbfb5ca24f7883135a918ee4c0108a6173cc23456bfce0c658f08eeca95e96d,2024-11-21T07:55:54.487000 CVE-2023-28741,0,0,cad3eed9224b90e7979599e5e4b4870b693defeef43fda97fa3e5d7443e0ed3c,2024-11-21T07:55:54.657000 @@ -224149,9 +224151,9 @@ CVE-2023-31101,0,0,84390422dbf5a5821e8f914f92993664c448911aa69b3d18f44ad9c02ab10 CVE-2023-31102,0,0,0befc70f83111f1d99f825978a0e14dbded8ec6a90b35f966fe71f085d9e1dd9,2024-11-21T08:01:25.310000 CVE-2023-31103,0,0,c126d74ecf5c8750ea2a8ac6630f10fb115366517006f7188ade051da19d7f41,2024-11-21T08:01:25.553000 CVE-2023-3111,0,0,6d3d3c61c7709921810ccdbf24a159b026d4c2c7113ef97420750e9567380cc7,2024-11-21T08:16:29.017000 -CVE-2023-31114,0,0,3684b5e686f898612ab5c45dc2831f56d1d0f51351ead93ee88b0602e8fe2728,2024-11-21T08:01:25.737000 -CVE-2023-31115,0,0,90c12615cf9eae8dee8393d616e9323b8522e6a406c53142a56ccf3b17c09948,2024-11-21T08:01:25.877000 -CVE-2023-31116,0,0,f27b45f6decd67798cf4d287bb4940e8333e2df3ee1b9708308e8705f5bb2df9,2024-11-21T08:01:26.033000 +CVE-2023-31114,0,1,00399776dc80a67be64865596040d39cdeea521434ac9adca360562a6af8fb2f,2025-01-07T15:15:06.800000 +CVE-2023-31115,0,1,0a9658ffe7dda834de67822bab10923e699c8c59bb4f6fc69994082426af92d9,2025-01-07T15:15:07.683000 +CVE-2023-31116,0,1,c55675266d454aebeb27737d038748d80f3794b5e0768fb210700351bf7de879,2025-01-07T15:15:07.850000 CVE-2023-3112,0,0,5732cc69571acd1eb4f8657f50860bcffb6be054e7e94a4152f7d92b7818c82a,2024-11-21T08:16:29.187000 CVE-2023-31122,0,0,775fb6ca489442b871f995b94e395eecdc6cd94f9e7eb529e9f77ce9781aabcf,2024-11-21T08:01:26.177000 CVE-2023-31123,0,0,ea5a6bfa14cbab83c854da8d4aca838cc24c3e204831291f3a9eee8f9ee2648a,2024-11-21T08:01:26.327000 @@ -225933,9 +225935,9 @@ CVE-2023-33279,0,0,c5b52a353f3ee6325fcdbc23e78def6dd9840f906e0c4aa43a168e1260736 CVE-2023-3328,0,0,19ff79881d8bc75c570024c2c95120dd8f165b34196c4c953dd29948c4479610,2024-11-21T08:17:01.480000 CVE-2023-33280,0,0,dd129b41a63a61652c937421f2797c2268bcb168616b41614739762f2d92381c,2024-11-21T08:05:19.307000 CVE-2023-33281,0,0,067771f6ca325b24677ebeb151358c2c9e2cc8b783e08f179c67a9925546697e,2024-11-21T08:05:19.500000 -CVE-2023-33282,0,0,ff8a75936207fcaef8bafafba146b7fe265d99ab40a1df85fcd5a955e1aa192a,2024-11-21T08:05:19.683000 -CVE-2023-33283,0,0,68270e11a4fbabfbdb51f52b5ee260bb7afd89dcf1a8ea12313ad5f6f93804cd,2024-11-21T08:05:19.853000 -CVE-2023-33284,0,0,085a117e74eb024616b29c83de2724dfcbd4ebfb0c81a29443de9df9aedb282e,2024-11-21T08:05:20 +CVE-2023-33282,0,1,b9105cd79bc3fe38b67de1004c426bb3546015ffe36bedcfc063a51cc7e790da,2025-01-07T15:15:08 +CVE-2023-33283,0,1,aa728629f1c9780c7132c3e98fa5e81cf6102cf0d8ded155986326ffa98868c5,2025-01-07T16:15:29.973000 +CVE-2023-33284,0,1,db41d8e24bc207a166de9f5ad7b6c86c72497666dab7cc586996e222d3bc20d4,2025-01-07T16:15:30.170000 CVE-2023-33285,0,0,30741f1677c923d9321a174f24cbcfbb45d70b7fa16adbecc164042f72c69993,2024-11-21T08:05:20.157000 CVE-2023-33287,0,0,1725d54a85eb14ed5ed43bcb323871ad9163e79462681a72627cfeea124f1f79,2024-11-21T08:05:20.330000 CVE-2023-33288,0,0,26838f7327104c1b47d024f5db0a9eb1c2668da883675bbf3c61e6d3c54ee2da,2024-11-21T08:05:20.497000 @@ -226061,14 +226063,14 @@ CVE-2023-3349,0,0,198f0750e28fec680b199f31ee62e51097776525e0e38e70fe1488f9073098 CVE-2023-33492,0,0,f18ce2f813c3ba55047411a06441328b89b300d96f041da133c6dcfb061e2cf2,2024-11-21T08:05:38.440000 CVE-2023-33493,0,0,1adf36c0169de71a220f9b04ac78654488990b0d222648e1c9e4c1d68f48a9b9,2024-11-21T08:05:38.587000 CVE-2023-33495,0,0,b41da8a24563d7ec6c8b1e481c93b00b01b328f982e2b129df4bb9b0e2fe8de5,2024-12-09T22:15:21.557000 -CVE-2023-33496,0,0,758beb1f8b493d2155631c7cb1f19b85af1df6ef9836236b8d4be1675866ee2b,2024-11-21T08:05:38.913000 -CVE-2023-33498,0,0,fd8e8c10bb9ad45add6850d4bb9955f93726f5588436ce05c17dc50b51749d4a,2024-11-21T08:05:39.070000 +CVE-2023-33496,0,1,3fd0a52821141bf6f5309c19678c375cd3da0df157cfd4491cb9856f63310f2a,2025-01-07T16:15:30.370000 +CVE-2023-33498,0,1,379c46b468fd16d5349d5ed08fd815599da430bed83605ed93a8b87d62e95229,2025-01-07T16:15:30.577000 CVE-2023-3350,0,0,c693ece6a6dc8a063084324beeed66e17765ab0612916966eb644715f1b77e3f,2024-11-21T08:17:04.707000 CVE-2023-33507,0,0,8c8de104a836f2a97cd9fdb66854a75143bede63381b0f6428367968cc3647c8,2024-11-21T08:05:39.220000 CVE-2023-33508,0,0,eefee40d15da825ff91a58514af3667b807a8d58fe173d0d65d33f631700d05f,2024-11-21T08:05:39.370000 CVE-2023-33509,0,0,7c087a342d0e252ecbe0a47b1cafba10b65eb1c2aefbfbfaa10685cf24ed5b5c,2024-11-21T08:05:39.520000 CVE-2023-3351,0,0,f64258e34e1f6e2c3debe6ab542c8550e84fbbc69c1d8f132c263991d8bde067,2023-11-07T04:18:34.703000 -CVE-2023-33510,0,0,d29b90ff15a726b648e2993c8bf68a5f552f1568c008c0fe5eeca3aa45af10d6,2024-11-21T08:05:39.667000 +CVE-2023-33510,0,1,2fdbca3ef3ec1beb92f8e78ca0e200b48de108215e8c467acd4f2362be303f38,2025-01-07T16:15:30.803000 CVE-2023-33515,0,0,365a9a5f6a7f4c9eca56bb36b50c44f896d0d4286fd9bf91ea545127cf4cb344,2025-01-06T18:15:14.737000 CVE-2023-33517,0,0,b525e4f20df193bb6cbce03994f81acd991418a35811daa2f53394dfc22d6d82,2024-11-21T08:05:39.983000 CVE-2023-33518,0,0,d2a984b73ce9cab4514b9daac0fd3b164012234648668d157ade4d7b4b4aa3a9,2024-11-21T08:05:40.207000 @@ -226080,9 +226082,9 @@ CVE-2023-33530,0,0,57857e1bf8e466401ac30cdd0dc887f8986765437c17856ecb13f708f7f9e CVE-2023-33532,0,0,50ab32c25e361dd582a0b7febef0af88121e3f6206486854b3e53aec4e9993fe,2024-11-21T08:05:40.760000 CVE-2023-33533,0,0,24981bd383e42008ed24aba8323ae2f18199e8d390590f1a85d2ffb5a9e35a06,2024-11-21T08:05:40.900000 CVE-2023-33534,0,0,375224b30005c5c6b4df976c11ab08ed3b921dbd5d50ac7db6447c43e9441aad,2024-11-21T08:05:41.057000 -CVE-2023-33536,0,0,b5a0f552ac986a5d55db93f96383cc12cf371550f84a29bbc025121be2893e1f,2024-11-21T08:05:41.220000 -CVE-2023-33537,0,0,20c2446447a99cb03f1403138f8f636a9fa7ab75f2fefd90d7e25e9d2c871bc4,2024-11-21T08:05:41.383000 -CVE-2023-33538,0,0,5e30788367fd76f572e044d5bda0aa690afbe41f38ddb69b258ba78d5af8994c,2024-11-21T08:05:41.547000 +CVE-2023-33536,0,1,4483a4c84bae9df5f08f3544144640e560096a5f4d7b065a9e0bcbbe032477f3,2025-01-07T16:15:31.153000 +CVE-2023-33537,0,1,06a836a8ec9a8a82dac73cdff5c990d7b4a0e29c9bc271ecada9cf746e2d2bd8,2025-01-07T16:15:31.423000 +CVE-2023-33538,0,1,b3b643fe39302a1c48ae218034aade7823381ded5695561882bb311b6c1280d5,2025-01-07T15:15:08.190000 CVE-2023-3354,0,0,c1971a8d35c84792a7e3b4b69170665e207a3bb365fff75d5a707072047933e4,2024-11-21T08:17:05.117000 CVE-2023-33544,0,0,88bef72ec7a83ed8f48a74d9d233d68d45815d12dcef7901cc8dd38c21b6c141,2024-11-21T08:05:41.690000 CVE-2023-33546,0,0,9e82aede766f4b9b701714d917a2868af3b3571a49bd4b295d6aba2bb98c278a,2024-11-21T08:05:41.850000 @@ -226090,8 +226092,8 @@ CVE-2023-33548,0,0,b51dc1575c1f7daa608b0b5836c474f314a242a913214763d5debf853883d CVE-2023-3355,0,0,66c43df3dd0ee91c832932172c9cb5c8a55655cbcbf5f77d9dc727f70b08e4ec,2024-11-21T08:17:05.290000 CVE-2023-33551,0,0,15ca22be4f110c38b80ef279ae23e0f0520d88f7835dffae7ff26ecf6ce6cde8,2024-11-21T08:05:42.157000 CVE-2023-33552,0,0,d954eec01e7648a78344657472a098bc82cdf50ddc5f7580444f9b507c1e3dbe,2024-11-21T08:05:42.310000 -CVE-2023-33553,0,0,3e45fe36eaea584646bef73a6be0635df469749915e87654cc6e212a560bcc17,2024-11-21T08:05:42.463000 -CVE-2023-33556,0,0,4533d7ebbf770d62d87a476cb183e77b38116854e0650689de07ee3efb4dc4d1,2024-11-21T08:05:42.613000 +CVE-2023-33553,0,1,100e48dbe8dcd919ffada509e862616914253c61bf4e10f091c0f3eae04e1bbc,2025-01-07T15:15:08.367000 +CVE-2023-33556,0,1,296f7cfa4be2684388b87c0d047b815a94475706490d2524330b63115be6fe38,2025-01-07T15:15:08.523000 CVE-2023-33557,0,0,cc03734a1aa1840f74f9352ffd50d3d02541603dee095c93032d40edd69bf2c3,2025-01-06T18:15:15.217000 CVE-2023-33558,0,0,b7fdfe8e2f5f7ef9885330921ddc07a85ad745f4e7ac06e0631fdd030c9d0f58,2024-11-21T08:05:42.920000 CVE-2023-33559,0,0,fc3f3f42dddfccb0ab6605167a971e0c19be007ce1b19ab51ab90f1e64cff7d5,2024-11-21T08:05:43.100000 @@ -226116,8 +226118,8 @@ CVE-2023-33591,0,0,ff986afc0316a9e18af2b67e930a74090c24895de581e443e4716ade8f286 CVE-2023-33592,0,0,8922d2c6a40eff40aef481311ec4cf8aae1ed6d293035442c831315c238899fb,2024-11-21T08:05:45.073000 CVE-2023-33595,0,0,1bfc607aeb14ad4037561ccdc7e1d651e1c4e212d60ea37d1fe5cb863b850c2c,2024-11-21T08:05:45.207000 CVE-2023-33599,0,0,55db37be74a013892d3fb1b0b959784c91c13cb15114f0eb3da8abcea57b2b27,2024-11-21T08:05:45.340000 -CVE-2023-33601,0,0,b06afebf7fbc41fb50774998ee830a0753b3b493b662498f8899876db0d4d6f6,2024-11-21T08:05:45.477000 -CVE-2023-33604,0,0,5ead98cbf8f86922c19457a71076e41171108f9794f82e8d3061aa5beeb69bdb,2024-11-21T08:05:45.607000 +CVE-2023-33601,0,1,083f601d16fc0c97e32a1d9a35e9fc894753c7797215ae07c91ec9209ba10419,2025-01-07T15:15:08.683000 +CVE-2023-33604,0,1,9226692a3dd315a1017ff5ed1441afdde1ea9512e7a0c2d0d0e313e5471408b4,2025-01-07T15:15:08.840000 CVE-2023-3361,0,0,9ebef56d12e80daf97a750299f08bde92471b07cbe9f6a4eb2f93a79cb7a07a2,2024-11-21T08:17:05.957000 CVE-2023-33613,0,0,d31ff0ae7b47563662632adcd8b48a93c5fd23279ad6dd401f2b3d9233df15bc,2024-11-21T08:05:45.750000 CVE-2023-33617,0,0,cdd85c4f3a32f88b6ddbe476650229c42a93db6627fcd104ee4ed51cbc91add9,2024-11-21T08:05:45.893000 @@ -226227,7 +226229,7 @@ CVE-2023-33778,0,0,a42a0c1ec1262b6938bad9833717ee5df22f921f3c2249d491299db7d9b42 CVE-2023-33779,0,0,1eb55c2bfcdb14a79b3fd3b01e17b005110092a805fd4ef937e8dad4263f6c70,2024-11-21T08:05:59.100000 CVE-2023-3378,0,0,b0837eae984d75a22386db3789972e8c74c698027c143f4d7579a37ec8c86ee2,2023-11-07T04:18:37.350000 CVE-2023-33780,0,0,9ae1d559f1968f9d1c9b4ea057170a356d47e42b68a94bb638f2d18fa1a6a09f,2024-11-21T08:05:59.243000 -CVE-2023-33781,0,0,3b2406693f006c871d2f55737c07072d88fdfa8452e8a645c84781f6269401d9,2024-11-21T08:05:59.383000 +CVE-2023-33781,0,1,c90d3f3e88fc22ed2c2116e02df4f6097f4d0f53cc84aa386821b9da17b0bf0a,2025-01-07T15:15:09.010000 CVE-2023-33782,0,0,7113ddd4c34555a3f3c6eb824db06cb3a795e9dfcb0ec4ed13c5bc2328a8b8ae,2025-01-06T21:15:11.420000 CVE-2023-33785,0,0,9c7ec92d4a5d0a7399391c5080a052fcbd29a0f4edc35f1cf7df2fe324674784,2024-11-21T08:05:59.697000 CVE-2023-33786,0,0,47b4a818f4852512dedbd0ed4174db94426bfbe71bb01a9a604089696e58ed83,2024-11-21T08:05:59.840000 @@ -226281,7 +226283,7 @@ CVE-2023-3386,0,0,d30955c349e34a557fc3604c8361d5876aa81b368c9209af3e63334e0abe2a CVE-2023-33860,0,0,e017fbdba9558f00704985467fbde4b07f66309a8eaddc6d0377f397c304755f,2024-11-21T08:06:05.317000 CVE-2023-33863,0,0,fd4de3cd204ecd9abde1ab83a4548dd63ee41b30d6ee69afbfb6ee012922f30f,2024-11-21T08:06:05.450000 CVE-2023-33864,0,0,3b7d281acce4d93babd99bc9e0a9e089bae23d3b36fb18770832c44296dfe6fa,2024-11-21T08:06:05.600000 -CVE-2023-33865,0,0,2bc9e459d4753accb0ff4ed35332cd0fcb219f9fffdefca7d49f0c782ab451a8,2024-11-21T08:06:05.743000 +CVE-2023-33865,0,1,591f9efdebada9c214b8e020ad4d4a40ea13edda60a879949af086ed7a44751d,2025-01-07T16:15:31.647000 CVE-2023-33866,0,0,53d4f76ee94f995d0e197f13a803b8e21e4131a9ec8c445c7c4748c9b252e41c,2024-11-21T08:06:05.900000 CVE-2023-33867,0,0,98339c98bcebc4a0583c8f1275d8bbeb85001b283b4aa10d817a65e0b7c91382,2024-11-21T08:06:06.030000 CVE-2023-33868,0,0,e24a1154738a185102ea2e84d77190f97c9ca31bac268c2b85291c46052f93b0,2024-11-21T08:06:06.163000 @@ -230166,8 +230168,8 @@ CVE-2023-38941,0,0,f42f2dd234548ad3bcfc87ebbb40bb1737da50e91b3d54994b775a6e31240 CVE-2023-38942,0,0,82aee0951d543d730982b7bc343b25fa2f97d6709e4b9187b4aac5e20178cbe5,2024-11-21T08:14:29.713000 CVE-2023-38943,0,0,e695fcf2ae5d518077dea7995f85cff2c02d0b248aadd31a7a9abfe0adbfadd7,2024-11-21T08:14:29.850000 CVE-2023-38944,0,0,d49d604e9fb29439b39f01f4ddda0ad5f164f7103a704a0a4ba2af50691bb1a5,2025-01-03T20:12:34.917000 -CVE-2023-38945,0,0,e02a42cb7a42424b19a85fb2b867e5331ecb51772e921d278f135c30931f453d,2024-11-21T08:14:30.217000 -CVE-2023-38946,0,0,b64fdb34487d44d79e60df83880176ec805e52436b6c961dc32e8ddfcf028c7f,2024-11-21T08:14:30.423000 +CVE-2023-38945,0,1,896d887bc64789cb4c29982bc567b80505440c14b0aa9992e49a07caf6901286,2025-01-07T15:14:46.853000 +CVE-2023-38946,0,1,f2edf9352f8495b3ca5311cea746301b6200567518be1e6d5e0353690d9a43b3,2025-01-07T15:16:04.743000 CVE-2023-38947,0,0,4b170c719db2192efd9102401f3f6cc979e345599bd9ddb234da0273152742ba,2024-11-21T08:14:30.630000 CVE-2023-38948,0,0,7f9a4531f6471458e67c1014544195b67754e27b0669a00f971903e09a3b5f0d,2024-11-21T08:14:30.857000 CVE-2023-38949,0,0,c240796243f9ded0b6052fbc9a21be405bd0ca548837dcc16f4cb50e1af9c800,2024-11-21T08:14:31 @@ -238846,7 +238848,7 @@ CVE-2023-50922,0,0,6bf236a9898ccf306bebe92404b72fd903bc082b793476e5e69a5665a62b5 CVE-2023-50923,0,0,41746b2328d03f226300e1d453aa06f98f173172b6df557f7fc6b5b090ebfb79,2024-12-04T21:15:19.777000 CVE-2023-50924,0,0,ca556db944b3691a7d54a96ff4cb871f507ba9ba13687ba88c121111ca983c8d,2024-11-21T08:37:32.523000 CVE-2023-50926,0,0,bd9e26d125e89ba14d77cc8e80fb87b46ea39ca58778d29d384b0f164c76a0f8,2025-01-06T15:30:54.840000 -CVE-2023-50927,0,1,41dec98027d272a748ab085be5dd44d4b756dd700b81e5fcf7856df719d1eaf9,2025-01-07T14:53:39.337000 +CVE-2023-50927,0,0,41dec98027d272a748ab085be5dd44d4b756dd700b81e5fcf7856df719d1eaf9,2025-01-07T14:53:39.337000 CVE-2023-50928,0,0,22cd2c91424b965e0c20afcef32d35cc4bfe393e5f2d12047954179597d626c6,2024-11-21T08:37:32.913000 CVE-2023-50930,0,0,6265c57a5fe972a8fcb40cfec78599317296a10256c2052480630685d43338f2,2024-11-21T08:37:33.060000 CVE-2023-50931,0,0,85b1b106fbbde43fd1953c109732def348598d940d65f1bda9e96293a409674e,2024-11-21T08:37:33.220000 @@ -239973,7 +239975,7 @@ CVE-2023-52487,0,0,de51440deae5dacc8c190c40f2337dde434f7fd0e2594ff02b6d5684b9903 CVE-2023-52488,0,0,68738be0d8dede65f330b32169dd66b0b6cfe13f45fb773a272170dda25fe6ce,2024-11-21T08:39:53.130000 CVE-2023-52489,0,0,06ac4268c68ddb320c502594803f5971db0d61ef37b6150af57f566836747b11,2024-11-21T08:39:53.273000 CVE-2023-5249,0,0,66795859b94115699a1a33c2c476e77d83b1313b38a4d4dd71029c0ce4694430,2024-11-21T08:41:22.310000 -CVE-2023-52490,0,0,075130e67b77580b9f474adc2c59c69bd7ed5e147c8d2b6e8755c60d4d329bf0,2024-11-21T08:39:53.407000 +CVE-2023-52490,0,1,ac0645c6d93b992f3c60098d66e2a3b8bd3e99c282442be872cc6bbd165e3480,2025-01-07T15:44:33.343000 CVE-2023-52491,0,0,033c3717ec0e3c1ff278f67e39cabcd6c9f75e93df8df5930180e00b807e6f9f,2024-12-12T17:32:00.693000 CVE-2023-52492,0,0,633066263ed0b651947b542854e436bd97416b7d5443fb71ca249df44c30da50,2024-11-21T08:39:53.663000 CVE-2023-52493,0,0,226a91067fa9e733403ac59e421c8bf19e75585ed93a94075b47dc216a3235f1,2024-12-12T15:57:46.703000 @@ -240163,8 +240165,8 @@ CVE-2023-5266,0,0,36a025257ca1a5a01d1722477c5cdddc95c4c243398db33d451514cf043d9a CVE-2023-52660,0,0,358e8dc47410610b9f9672166cf82c0f3b48f9a136624210ebe4beaef46e7ab7,2024-11-21T08:40:18.393000 CVE-2023-52661,0,0,0db12b4ae9b466f647d72616423afc1e5dd602ae3df1ae15ad3bd6d59fb9c4be,2024-11-21T08:40:18.493000 CVE-2023-52662,0,0,71b7d56d340dab206fb48342916ff0b200957de03180e9c58fa9a030a0275af4,2024-11-21T08:40:18.603000 -CVE-2023-52663,0,0,02a2a343d866cc58211235946ec7baa8ab1176d7141ce20c399dd6f0b13c5e92,2024-11-21T08:40:18.717000 -CVE-2023-52664,0,0,d4cef420a7d74212703e68d38df549fea2f143d3f3c9c1c332f562d4581a2c8a,2024-11-21T08:40:18.823000 +CVE-2023-52663,0,1,aefc7fb34e639ac7685e30d0b290105bfc4363d7a68f57c98b607c4c70ad7ba4,2025-01-07T16:58:24.913000 +CVE-2023-52664,0,1,53dda01e84d35fa34f80702d177af01142220912b2b78efcb2f400625fec3ee0,2025-01-07T17:00:00.897000 CVE-2023-52665,0,0,791f31a412c848c4b6b18dc59ee81ece8b7e34e43416814b97f8d3b507c03dd4,2024-05-21T07:15:08.063000 CVE-2023-52666,0,0,7ef0df6672c0f5762714f0a9e3035a23c9863435e59c0a7d3d97d8876562167e,2024-06-12T09:15:16.760000 CVE-2023-52667,0,0,0505f1d35650169f79911397440e10c3a7f0dc3a68a8ff6a4985e0ea1ab32fc2,2024-11-21T08:40:18.970000 @@ -241414,7 +241416,7 @@ CVE-2023-6322,0,0,d5c869bd35acfde6cf7110d1bc4153435a496bfbdf9c1d3628a98a6f01fcae CVE-2023-6323,0,0,3e99fe9db7b6b54d633f4268a64b0fc6585cbb702703718a2d4c3321e6c9a60e,2024-11-21T08:43:37.493000 CVE-2023-6324,0,0,bebd0cce90083c61e0bdd531be86f95c2246eae82a5bcef3a8a84c129d68148c,2024-11-21T08:43:37.627000 CVE-2023-6325,0,0,e17101d7e855c4f4674887a9fc98e3c8c9faa0a57755c37cf1b80bf7c278189b,2024-11-21T08:43:37.750000 -CVE-2023-6326,0,0,88da3ff69cd4e6372b8bdfb4eae58ec51d8f769f9c17e2ddc25219215614bfd9,2024-11-21T08:43:37.887000 +CVE-2023-6326,0,1,3b19c482d703b72f7f2773ed50202b1b773327d6b76cceeba23b1b47c6c23dbe,2025-01-07T16:35:32.547000 CVE-2023-6327,0,0,3501e80d5828b88c1388859a9a8f98cdd39d9d123d23b068f0f48068ef35d850,2024-11-21T08:43:38.007000 CVE-2023-6329,0,0,4c2ee01ec4e81d5caa17fabee54fcc52d6be16725c3211c88533d88574dbd9cf,2024-11-21T08:43:38.127000 CVE-2023-6333,0,0,961ff0506817d5b19435905357d5cda18c6d500dab05b45ec6426977d561b32c,2024-11-21T08:43:38.257000 @@ -241463,7 +241465,7 @@ CVE-2023-6378,0,0,76f7c841f67442acf1ca356626d1c1e29040905fb2f472985bb7db6ce6fe73 CVE-2023-6379,0,0,56e43b1d6863cea65350fcd99bdae74a5424c38e5e9804170909e3e2e9aedece,2024-11-21T08:43:44.673000 CVE-2023-6380,0,0,dd8cbae4f4c7c6750547de2a45fef685851c32ee677b163797c886d1edf5c505,2024-11-21T08:43:44.820000 CVE-2023-6381,0,0,ee3ced35aaedcb71670b465138656fc1f3af9cc181ad6962f9cffc9a7f86b5c6,2024-11-21T08:43:44.960000 -CVE-2023-6382,0,0,4edace77211ddb5bc68a0ae7ddb9e99d66f4f8212a3b8092aeb8b45b21c9ba38,2024-11-21T08:43:45.100000 +CVE-2023-6382,0,1,eafe3a31f33c2bd501743c597775950cfefbce67ffcc860f53932a9242acd44f,2025-01-07T16:37:07.597000 CVE-2023-6383,0,0,59528aa83fcb44c4ddb21de622a524ccd599edf11acdb850f1df2f683548db37,2024-11-21T08:43:45.233000 CVE-2023-6384,0,0,531fd45eb2bfac343d3d0c6d6337e476841abd93ba70599722414ec5ccd5843b,2024-11-21T08:43:45.357000 CVE-2023-6385,0,0,aaefc98730bd631213481acf06dc37b5e840fda532acd38cfd4c3144862e6e8f,2024-11-21T08:43:45.477000 @@ -242815,7 +242817,7 @@ CVE-2024-0607,0,0,7593ab4432ea7553985e7b16ebd4406e544edfa1354f24e856a4b897e755a0 CVE-2024-0608,0,0,364ed7c1816141e08551230deeb225e6f9581f28de27c921e03af6d7943a316a,2024-11-21T08:46:59.527000 CVE-2024-0609,0,0,fe969d910275d5a3a2703bfbabc3af993e9947034bdebc50e55519d8d7cbf919,2024-11-21T08:46:59.647000 CVE-2024-0610,0,0,887040afeacfe3c398060bb033448abdd3d146ff8a900aad2223c9e43bcbaaf4,2024-11-21T08:46:59.760000 -CVE-2024-0611,0,0,467b3b90c48aa7287f47beaf783b9c129e26da880ce47141a9d0e9445fe38ae1,2024-11-21T08:46:59.887000 +CVE-2024-0611,0,1,618db9e60b15032faee10b841b129b2fc33aef4bb715f366cb4958ea521cafb8,2025-01-07T16:41:54.303000 CVE-2024-0612,0,0,da64d0a677fd45a04382f6cbc2c145ee6f8fef3954e4d1e4ac27b2a8c4b9f266,2024-11-21T08:46:59.997000 CVE-2024-0613,0,0,da8643fc97b531c82d214469e3fab5ad51b81a35aa2fb83e969424e9e3503eb0,2024-11-21T08:47:00.130000 CVE-2024-0614,0,0,8ef2fd0e88a079773d26e3260e074716b398c31bfe09434fb6fc0840a8fda420,2024-11-21T08:47:00.257000 @@ -243189,8 +243191,8 @@ CVE-2024-10008,0,0,430e5c41cd163f95f6d041350798011748203d8006a8933be6815e52fc33e CVE-2024-1001,0,0,140fc173e33ae8fa7b986d187129f7b01af76bf1cd74c6ed57f4103bfb5a0ff3,2024-11-21T08:49:33.840000 CVE-2024-10010,0,0,3c516bdbb96231263dc71a10acb05a3ca22dee1eea755f0c63dcfc8d58f0508f,2024-12-12T16:15:09.483000 CVE-2024-10011,0,0,37a7a2add316aa62fc644e677a8222291d1b4d2f7d89a6ec187d4cc2ee2d4a93,2024-11-06T16:01:39.573000 -CVE-2024-10012,0,0,a1d3986eecf86ec6fb020d670b9767264eba718fce49a9056a14a4a2ccc7ffc8,2024-11-13T17:01:16.850000 -CVE-2024-10013,0,0,18b4cd69acc5bd28df0450ceb88797ccf8d955253882c50971f8cc5d369fb3c0,2024-11-13T17:01:16.850000 +CVE-2024-10012,0,1,d10a75ec4724d8f74c105946730627ba41f26c77e16892042087e9ac3b05647b,2025-01-07T15:59:23.043000 +CVE-2024-10013,0,1,329fbb074d0a9c6e588f04324f32210f857340af98d86ed46e47ef2cfe85fd3b,2025-01-07T15:46:38.317000 CVE-2024-10014,0,0,50214c84cef4e2fd21abb109362711999bfa6a60090d35936fd0e9cba0811d5b,2024-10-29T16:58:48.127000 CVE-2024-10015,0,0,217a292c789a9f8ea3b1717a9a4b42a5c13589b9293af6ac699c09a1f0997322,2024-11-18T17:11:17.393000 CVE-2024-10016,0,0,f77f52c803ffaca4f851d3ea7a048b10f89ed8d8abf952ae01a553fb73da8ac4,2024-10-25T12:56:07.750000 @@ -244584,6 +244586,7 @@ CVE-2024-11677,0,0,87a6177c5b391fe3e3720d37e67024bea5a041e744a962c7b6d3c8e2d9ea8 CVE-2024-11678,0,0,fce9fb7e025c917df93cde2de1c865701af156abefa3010e32d19624bfee04c2,2024-12-04T20:39:07.400000 CVE-2024-1168,0,0,361fc3dacab1a6af3309993965ec9d946bde5b152da006d3137d0cea2c78645f,2024-11-21T08:49:57.020000 CVE-2024-11680,0,0,413293c09da5679a3e6b3bb9a6bdd26dd9245aca40b801761cabf7d2cf810aa4,2024-12-06T18:42:17.390000 +CVE-2024-11681,1,1,d3f9f5399f018a89696b7dd5177496fdcee19e93f2567f6159786f1fbca01bb6,2025-01-07T16:15:32.097000 CVE-2024-11682,0,0,560590a5be0c603e71436f75adade57eb313e8dad3069a7dc031cb3c6f8d4225,2024-12-21T07:15:08.260000 CVE-2024-11683,0,0,c5c34a549f676b6e4bfb5a3fd3e5626bf20a1dd88602d5be54893cdf8cd9f992,2024-12-12T04:15:06.490000 CVE-2024-11684,0,0,12cb277c9205905669ffa100f303ceaebc405f85837f54097728fa8f404b4d50,2024-11-28T09:15:04.793000 @@ -244934,7 +244937,7 @@ CVE-2024-12127,0,0,5a71954d556e5e4eca59c6ef18b25e4cca9d5062e24f45d25c54cd9cd4087 CVE-2024-12128,0,0,c4db33033b659bed09aac37afde730f735bf98fa121412b3aa3432fe49f39a39,2024-12-07T10:15:05.843000 CVE-2024-1213,0,0,71ef51029e532fbd05d5ffce04ca88ce9c1183a8c328c139d7f9dd3d163c9edb,2024-11-21T08:50:03.180000 CVE-2024-12130,0,0,05811205e7cf6b9d5db685121cc1c0a1d80fffaab6e459b31891b300ff7dfa2c,2024-12-17T15:52:01.670000 -CVE-2024-12131,1,1,b50dc8141efb54545f53e53503958a7d227de839d3f1683a10114224d869f79a,2025-01-07T13:15:06.440000 +CVE-2024-12131,0,0,b50dc8141efb54545f53e53503958a7d227de839d3f1683a10114224d869f79a,2025-01-07T13:15:06.440000 CVE-2024-12132,0,0,80a7c8d496b1886913eb9109e260df5ae2c0aa6f78d2c4d5ff0aee7f1f0cf7f0,2025-01-03T09:15:05.983000 CVE-2024-12138,0,0,8d975d6d21268c978bf38e4ecd10070b486d972f9cb2bde16883c51e239ae6fa,2024-12-04T14:15:19.413000 CVE-2024-1214,0,0,006edfeb44add0513d6df0049d407da5a783feee7b6e41af090a449d9f26b334,2024-11-21T08:50:03.383000 @@ -245135,7 +245138,7 @@ CVE-2024-12420,0,0,ae8d110f5efef295dc5d542d71461638a083f9c010e00a24758178ab1b247 CVE-2024-12421,0,0,d0800edd844bf37ccee00fc76da3ec64bb2b51e717430e725122892ee39e78eb,2024-12-13T09:15:08.870000 CVE-2024-12422,0,0,27a2b7b5579aea6b626e898353e29adaf77dce7f7392fa2cdcdfb4f6d55292dc,2024-12-14T06:15:19.357000 CVE-2024-12425,0,0,eea15e7971a0067182f0f87cd0809df360664c0ea5db3b792659192d954300c4,2025-01-07T12:15:24.183000 -CVE-2024-12426,1,1,b1768326240a0dd8a6e52437c59b87b6647b9ea2add19ab16c01c997897bb793,2025-01-07T13:15:07.210000 +CVE-2024-12426,0,0,b1768326240a0dd8a6e52437c59b87b6647b9ea2add19ab16c01c997897bb793,2025-01-07T13:15:07.210000 CVE-2024-12428,0,0,0dc42c82097510dcd67ba200f4a63250bd059d1ff61bcff7d39f7b5f34a5af10,2024-12-25T05:15:06.920000 CVE-2024-12432,0,0,3d67b932349f6253a91fa970f1501aba586896a462aba17731bbe90a2499433d,2024-12-18T04:15:07.947000 CVE-2024-12435,0,0,0b924907debc21d874056d540a36b4cd28d4a499f8792c113a5d9122f40bd903,2025-01-07T05:15:18.887000 @@ -245297,7 +245300,7 @@ CVE-2024-1268,0,0,8e96a69266d469b252e6c6ee082354a5ae4d9bc7d7daa2e17d8f5480121bca CVE-2024-12686,0,0,97a8ebdac182b849799b086a05a52b29fdf4a643f18b8c80f4ed8210bf61fbe4,2024-12-18T21:15:08.020000 CVE-2024-12687,0,0,db582e783ba07ea03e34c560f3ce0d9a75e73c080a0914e89215bff58a3d20a7,2024-12-16T20:15:09.777000 CVE-2024-1269,0,0,afe5fa6f2789b35a14da593df22cde42ff88e5a3e5db5d1bb0de9d1e5a1f477a,2024-11-21T08:50:12.253000 -CVE-2024-12692,0,0,1d91106e54d6f85d8fe7f405f127892c0e24f0eae3c87f0ec8b1a814419d86e2,2024-12-18T22:15:05.730000 +CVE-2024-12692,0,1,8b53a26a0cc42a23dac5c38dee635e34fe5ff00e8738afb8bd1ea85dad7db9e6,2025-01-07T16:15:32.573000 CVE-2024-12693,0,0,c4f94ffd5f7d3b684a1f1d67fedf841d735528fd88fd85faafce8d3cf44b4de0,2025-01-06T15:15:10.593000 CVE-2024-12694,0,0,9800fbc5ca389434bdda7fa0de83799fcd1088c52cf84f2bdcf95dc149b6c72f,2025-01-03T14:15:23.560000 CVE-2024-12695,0,0,c12cc3a1c005ac4ce33f9efb358fc8de53ca6da21a9008edd22e7d591fcee580,2025-01-06T15:15:10.753000 @@ -245316,7 +245319,7 @@ CVE-2024-12727,0,0,b783145694badccf248249bee0c82f1aff0f923b8a3e56851318776364e6e CVE-2024-12728,0,0,917e9cd9de621c11266a9c64ec7f57ccf5bdf0122fd22a40a0ec7d20acff7a35,2024-12-19T21:15:07.863000 CVE-2024-12729,0,0,48b3a23ce4e01eb74edff0cd115d9897f3f81428607bbc5ad97846c1af686c7b,2024-12-19T22:15:05.087000 CVE-2024-1273,0,0,e8464b176bd39036e0f45e4b49d8110f84d3d3960c826bc9710c36200b4f5e6c,2024-11-21T08:50:12.557000 -CVE-2024-12738,1,1,62b9ca699b87e6b4afa6aacb7bdfd82cc9a3781e94484aea8f243a786784d89c,2025-01-07T13:15:07.357000 +CVE-2024-12738,0,0,62b9ca699b87e6b4afa6aacb7bdfd82cc9a3781e94484aea8f243a786784d89c,2025-01-07T13:15:07.357000 CVE-2024-1274,0,0,8b1ee7c9f6e7817a23a525a715cd0c1ef18c567c26c711e49e1e872df04cda9a,2024-11-21T08:50:12.730000 CVE-2024-12741,0,0,c9f183fb88063863d511dd9a34a59e6fd50d2f3a53a8fd3b665d83eeabe6e5e3,2024-12-18T20:15:22.390000 CVE-2024-12744,0,0,db2cef6174f0f203336fd1a602951ac160bef125d0730a8230a23f49ec8a87b4,2024-12-26T15:15:06.290000 @@ -245717,7 +245720,7 @@ CVE-2024-1445,0,0,0a624acf2f93fcc7458a537b50687e8779f2e95d40ded5926d8cbd4da5fc9d CVE-2024-1446,0,0,bcbd55f0d2c90e85050905640a9752443538e2056a662d31a605b1bda37d17f2,2024-11-21T08:50:36.100000 CVE-2024-1447,0,0,6746acde1301c5825538a1aa38cac61672f524700591a0648dd48779ea53ab7d,2024-11-21T08:50:36.220000 CVE-2024-1448,0,0,907e2cf35615925862c90020c543aac7ee629ef9f57982dfeb1cd4e6b6c53a20,2024-11-21T08:50:36.353000 -CVE-2024-1449,0,0,8b8a0685dda30d6758efdb7bf3c914689cce34397ecfb5350fcaa40658c2835e,2024-11-21T08:50:36.490000 +CVE-2024-1449,0,1,900313206bc17949c546aa6ae12c1462c25b681680e8883269c8831cf2e12f01,2025-01-07T16:38:28.197000 CVE-2024-1450,0,0,2c4685806ad094ef0e67bd2000051393b62a0d6ee127f95dcc18abbea7135c6a,2024-11-21T08:50:36.610000 CVE-2024-1451,0,0,b0465625c202e8f09e409320e5302d0e1b7fca565c7881c89608e7a88e11ffcb,2024-11-21T08:50:36.730000 CVE-2024-1452,0,0,0d5ef33ed18cfe6afb9e5ddd11bf0c4f1f56bedc89751ce9b22df72c9a658963,2024-11-21T08:50:36.890000 @@ -245895,11 +245898,11 @@ CVE-2024-1645,0,0,fc2db15dc582e529d4e2d85af443e9dede47328e7ae86a8af4f691034414bd CVE-2024-1646,0,0,5059540515ce7eb8ae68b15c4eec4ff01ea4b884936486b4b6938c6175d66543,2024-11-21T08:50:59.783000 CVE-2024-1647,0,0,61673824377e23ed6345f1ce2d3e2dfdab70aa35a8f57fa1b19d6f80febcb2a6,2024-11-21T08:50:59.913000 CVE-2024-1648,0,0,2b4f9a5bdbbf930dc831a0e6d825e26f3a96b82a0b421ea9c358197a954b7d5c,2024-11-21T08:51:00.050000 -CVE-2024-1649,0,1,85bdc6d7a5da5462a5c6da7c1c9b18e4d25b5f8ad635d56d36b9dfd7273f002e,2025-01-07T14:36:30.327000 -CVE-2024-1650,0,1,d590e4bf93fd497014517abde9ec9536abc0f44adad720765f9a52bf7d70fb0a,2025-01-07T14:36:06.543000 +CVE-2024-1649,0,0,85bdc6d7a5da5462a5c6da7c1c9b18e4d25b5f8ad635d56d36b9dfd7273f002e,2025-01-07T14:36:30.327000 +CVE-2024-1650,0,0,d590e4bf93fd497014517abde9ec9536abc0f44adad720765f9a52bf7d70fb0a,2025-01-07T14:36:06.543000 CVE-2024-1651,0,0,5d867065b6520914234c08e56047b2c3524274d1d50f6d2426485c19557f2347,2024-11-21T08:51:00.427000 -CVE-2024-1652,0,1,029ca72a58e677e8ef01f7bdcf556d2c50d3ef76a92b6fe45d16d2333a4765ec,2025-01-07T14:35:51.790000 -CVE-2024-1653,0,1,878c2b8e9e42d6ecf4ac57dbce592618fd8f388d96611058b48e46e691f03d91,2025-01-07T14:35:33.360000 +CVE-2024-1652,0,0,029ca72a58e677e8ef01f7bdcf556d2c50d3ef76a92b6fe45d16d2333a4765ec,2025-01-07T14:35:51.790000 +CVE-2024-1653,0,0,878c2b8e9e42d6ecf4ac57dbce592618fd8f388d96611058b48e46e691f03d91,2025-01-07T14:35:33.360000 CVE-2024-1654,0,0,6a76ea8a8bad6c1a7f404d4ada4cd0a871784b6ff24dd8c47abe307997a51580,2024-11-21T08:51:00.810000 CVE-2024-1655,0,0,73472418806d29e6d771b815384afb3f8654a25ef96081ba479a56044724fb2f,2024-11-21T08:51:00.953000 CVE-2024-1656,0,0,e243f4b9296b3740f96ff646ddc835ed81a3996419b970e73520fbf18022e5c0,2024-09-11T16:26:11.920000 @@ -246142,12 +246145,12 @@ CVE-2024-1901,0,0,7c912c9d925cface47b3667a73bd4854a08825c4b20741b5a200d0c51e0913 CVE-2024-1902,0,0,1b9e710147e179f18bc0385422500e470b0a9675a8f44df4293a22b5b81e54b7,2024-11-21T08:51:33.840000 CVE-2024-1904,0,0,4cf346fe8c9ae0848df8fe773f1344813fcc2d51af2b435997026eba4ffc0e52,2024-11-21T08:51:33.987000 CVE-2024-1905,0,0,9438b0be2531bbc1baec0a545feda53b61cecb9096148dc315dd330c5967f3c0,2024-11-21T08:51:34.117000 -CVE-2024-1906,0,1,585b2a5ddfa9da688ccc05c3adce2c6e116818c5e5c9fa6b8b8e48d0db1d5628,2025-01-07T14:34:56.787000 -CVE-2024-1907,0,1,54b36b562379da23fdf0e9559b6c1372c4bc0a1e4af6c39ddfeaf398b35ceab8,2025-01-07T14:34:27.417000 +CVE-2024-1906,0,0,585b2a5ddfa9da688ccc05c3adce2c6e116818c5e5c9fa6b8b8e48d0db1d5628,2025-01-07T14:34:56.787000 +CVE-2024-1907,0,0,54b36b562379da23fdf0e9559b6c1372c4bc0a1e4af6c39ddfeaf398b35ceab8,2025-01-07T14:34:27.417000 CVE-2024-1908,0,0,d44020120150eb7b39feca6fbace4134ba28014106094bae340333b7c5a78161,2024-11-21T08:51:34.483000 -CVE-2024-1909,0,1,4c7f6a9d5cfc775986805e984bed78eacb1959b376728f81acec9abc700621d5,2025-01-07T14:34:08.927000 -CVE-2024-1910,0,1,8324b29785774ca3e45567ff55ccb5f9466c6bc8d68808668c8ea532d9e0baa0,2025-01-07T14:33:31.300000 -CVE-2024-1912,0,1,8df41c1b768644e67ef7901a2480dfd55065da2d96f510289802856fadb60426,2025-01-07T14:24:01.063000 +CVE-2024-1909,0,0,4c7f6a9d5cfc775986805e984bed78eacb1959b376728f81acec9abc700621d5,2025-01-07T14:34:08.927000 +CVE-2024-1910,0,0,8324b29785774ca3e45567ff55ccb5f9466c6bc8d68808668c8ea532d9e0baa0,2025-01-07T14:33:31.300000 +CVE-2024-1912,0,0,8df41c1b768644e67ef7901a2480dfd55065da2d96f510289802856fadb60426,2025-01-07T14:24:01.063000 CVE-2024-1913,0,0,92c655fcbc942022c07845de1f8120daf68a93777eb05f275ad6258038bef7bd,2024-11-21T08:51:35.010000 CVE-2024-1914,0,0,30750cee7fb9af8a8c78aeda235409e04b7b88f956515fccee3d8e6101709c05,2024-11-21T08:51:35.137000 CVE-2024-1915,0,0,9862df3021c814b182ef6710e4f9e07e6599de16c8b204aed7dbde87bb21e91d,2024-11-21T08:51:35.263000 @@ -250148,6 +250151,7 @@ CVE-2024-25030,0,0,3bf7cf36ab25986b6901ce978418ca57d6fa819b3639e450fc36c96ac4859 CVE-2024-25031,0,0,336ae1209bec97edf2f576f0dbcab4e5fecb1cf28a1e1d867216b37694f08f50,2024-11-21T09:00:09.263000 CVE-2024-25035,0,0,b7214df75690f8a2c0cde375218fa064c6af31099cab5de418b369cfbfb53d96,2024-12-11T03:36:11.700000 CVE-2024-25036,0,0,a0130984c78d987e616d5d6732535de3078a91e4d686daa4bfe8d88a169b88cd,2024-12-11T03:35:51.663000 +CVE-2024-25037,1,1,63f6c4cdef62c3fb13494c2a3686a2ddfee00836b96ea06cdbf9ada167ef68b7,2025-01-07T16:15:32.937000 CVE-2024-2504,0,0,f5ba71a497b867559bd1b6db67d9796fbd7c70d2c928d6cdcb40ce2b13ffc17e,2024-11-21T09:09:53.917000 CVE-2024-25041,0,0,c2ef0b11a47c5fcb85869011d777be135ff05637ba0b82b517f0e1a3d01142a3,2024-11-21T09:00:09.433000 CVE-2024-25042,0,0,4d891cf8354bf53aa99ac5cbf11a8eea4fec899c318094b4a81b3f89e31cf294,2024-12-18T17:15:13.057000 @@ -251554,7 +251558,7 @@ CVE-2024-26884,0,0,90485ab2ad08ce5980bd35da2176ba31c8ca763f26d4fd993f1e3d22b12d7 CVE-2024-26885,0,0,446267f933cc671c64b57ab46b84d5d9d05b3aa1cddb1f687f50fb09e97e50f3,2024-11-21T09:03:17.910000 CVE-2024-26886,0,0,8af5f83b231347feac992ebb8fd9bbe331d78a4bb3749c39f2345a13f62ebd26,2024-12-04T18:15:13.987000 CVE-2024-26887,0,0,52b6581d24189a2d81f17e465837a50d9200dc3c5c81175bc39c0e5b7aeff58b,2024-11-21T09:03:18.210000 -CVE-2024-26888,0,0,29098ea853c49d1de9d9e0e661205810ac1169f3eefa6352cb72ebbbed64d170,2024-11-21T09:03:18.330000 +CVE-2024-26888,0,1,74846900da7a6f8b09026caa9be4b4eccab844d24d851aaa854a0bea0b7158e6,2025-01-07T16:43:58.107000 CVE-2024-26889,0,0,0a87ef24881e5a1013b327bce78ea618038475fe9f273fcf03f83972360f57c1,2024-11-21T09:03:18.463000 CVE-2024-2689,0,0,efd9c698169d4dc6b507d633d5c5bca5635fd88f4fbab04c5f54592266ffc962,2024-11-21T09:10:17.947000 CVE-2024-26890,0,0,d28148780134fe9d4fd26b89472d475a8cd9fd94507e1d0beb5192c2d01a8c30,2024-11-21T09:03:18.677000 @@ -251598,7 +251602,7 @@ CVE-2024-26924,0,0,125a9c401639f41463ac2b44afaf3bb6e4d369d8163f027e1aeeb65e4fd3a CVE-2024-26925,0,0,20888a15d1cf5a1e8e5e70a7116e306e3a92356ef2a117e4a8c708c88ea6472e,2024-11-21T09:03:23.883000 CVE-2024-26926,0,0,1b156d894496658533a56f98b1f816c7f7a219acb93a64935886f571f23e2261,2024-11-21T09:03:24.013000 CVE-2024-26927,0,0,0fecf20cf7794b1af701d3a69af1d6c8a2e09c8b8b3ce436eaea422a6f78c033,2024-11-21T09:03:24.137000 -CVE-2024-26928,0,0,3f8460d638aa47336ce7a04cba35fa7b15d32984659cf179a5ab61886c52bbb3,2024-11-21T09:03:24.350000 +CVE-2024-26928,0,1,12e429c2f9b4063e83fe9375ac72719500e95092853217831d1e8baf0db3cf10,2025-01-07T16:44:17.763000 CVE-2024-26929,0,0,022a77a2924a8c7f211d44200437bd4faa4bef4be671f225beb2a6c72269b938,2025-01-06T17:15:15.537000 CVE-2024-2693,0,0,452ca8cd515c59ca1cd15ca2894e9f69af6463e79c7e90d82b67b288f52c52bd,2024-11-21T09:10:18.520000 CVE-2024-26930,0,0,09db815ac2b49390346c0187e051f7a56a9f41aacd4cd6e8d98f1c9ac24f90d0,2024-11-21T09:03:24.700000 @@ -252697,7 +252701,7 @@ CVE-2024-28193,0,0,7ef66a28dd1ff57f0c0b025e8167ec6baa56982b11f2bb9d0c45c5587f2e1 CVE-2024-28194,0,0,919f980bb3d86b49fd10405531eb8e0036001d5d3499843f594d6737b1cc5add,2024-11-21T09:06:00.183000 CVE-2024-28195,0,0,1c8cd56ede5413ee2e3fc3f8a72d5ad055ccc2245b1d55d162ea0bb57080f1c2,2024-11-21T09:06:00.303000 CVE-2024-28196,0,0,5935adc603506f91db2ad215ee3616bfe048394ec93eefd8b8d42fb8dd2992e8,2024-11-21T09:06:00.430000 -CVE-2024-28197,0,0,bc29a9a3d7a1aa136647376745cc17f64da12d082e3a214bf0e98a1728eb4b71,2024-11-21T09:06:00.547000 +CVE-2024-28197,0,1,1ae2047ecd0c4043e0bdc00ceaccfcd5a2d21148692c0ff8a3261be8b479f2bf,2025-01-07T15:54:40.987000 CVE-2024-28198,0,0,761cba225c385d498bdd6fba40bd3dda8cd3d08c2183e5b794fada4afb002ea1,2024-11-21T09:06:00.677000 CVE-2024-28199,0,0,ce7b5d92a4f57c9e2aa64edecef6ee8520d5af49c8b77489080d765a812d8d41,2024-11-21T09:06:00.800000 CVE-2024-2820,0,0,4d0e26921d742b5d6f7e0ce43a1d980380526277b25e57c51d6b025d6bf05566,2024-11-21T09:10:36.203000 @@ -252980,6 +252984,7 @@ CVE-2024-28767,0,0,3dcbbe23de561638ccf8a9738544653a62b61fe75d19cdbb00efaaf18a467 CVE-2024-2877,0,0,e8536f3b9a8db8cfb1a01dc3baa76bd8616106f111c0e4e2021b78fa36854ec8,2024-11-21T09:10:44.020000 CVE-2024-28772,0,0,78e1b65ccd01d2b2cb5151ac2638f146b229ea64b2c3771ff8b54d177679ec5a,2024-11-21T09:06:55.327000 CVE-2024-28775,0,0,6a2db0e9a4b51ca58dc1a2ce04ae9f65cde9a99b61684111bcbdf3398dd02cad,2024-11-21T09:06:55.493000 +CVE-2024-28778,1,1,895e2a4d65da3d78cd823f5e1437f8049521f3de18986a05a966b6187269bac0,2025-01-07T16:15:33.113000 CVE-2024-28781,0,0,86f3b30ca9d39b2bf52a47caeda684702c3ae5f69d11221a2c8e7af407228220,2024-11-21T09:06:55.643000 CVE-2024-28782,0,0,3827c4b953b1c26f26179fc828e8b34b71d580a39e37d458a5957d5222c3b151,2024-11-21T09:06:55.783000 CVE-2024-28784,0,0,31a16452abfdc2ff65c4b937882456f9364f61d12d2099ccb8cc285baa43f061,2024-11-21T09:06:55.913000 @@ -255068,7 +255073,7 @@ CVE-2024-31452,0,0,5cdafef5c78e09ffca3c98f889487c5ec92d0c08a681ca2ac3a4058828c15 CVE-2024-31453,0,0,b6c3a6e04c34279599464a5b1034ab954b144d546b1c7a6dd30ea6f033341e15,2024-11-21T09:13:33.070000 CVE-2024-31454,0,0,eeb3af91d04a4e06c485cdbd46bbe0f563c4f3a8310390a192ea57d6116c0739,2024-11-21T09:13:33.200000 CVE-2024-31455,0,0,edba5197d4b290cc9185f10d89d5349716bae6b04d956f46193540522ac4de65,2024-11-21T09:13:33.317000 -CVE-2024-31456,0,0,277dec8561ee4d6dba554cd0708f4f86c5da8723cd874af280b8dbfb057a29ee,2024-11-21T09:13:33.447000 +CVE-2024-31456,0,1,cc0ebc549412cae09a060830a9cb2cf999f8a86a823dbb12d2b962b4a6203e97,2025-01-07T16:49:45.263000 CVE-2024-31457,0,0,7496b235da2a8f649f51f4c05bcb0a1fc7ccf63d38289c9f137e2e2c5f70e2a3,2024-11-21T09:13:33.593000 CVE-2024-31458,0,0,f1203e2c3a46f7be642b13c51e7dd5168879adfb2fe09654c2cb338e1e72a5b8,2024-12-18T20:47:06.343000 CVE-2024-31459,0,0,1536d88df9c977acdfaeb9e560565850a2e9d806cdd7736d9c16cf9832c335ff,2024-12-18T20:49:57.357000 @@ -257976,7 +257981,7 @@ CVE-2024-3548,0,0,64d728af28809c7e405f88cc2b9445430ea7fcba331c3ebc611e9b0849f0df CVE-2024-3549,0,0,fa4e42792b87ad0d0a8c4b5d8e7f55d9a4bcf88d4b080da714fb25722a9b01a9,2024-11-21T09:29:51.313000 CVE-2024-35492,0,0,95f9a6ef68591f2158df514fa0b56c27d61acfc840f920f18bc3599e42cac680,2024-11-21T09:20:21.520000 CVE-2024-35495,0,0,390f47c2cbce25898044aeb7d1d5f69964e2bab36870c263144336aca99b03e9,2024-10-30T15:35:10.887000 -CVE-2024-35498,0,0,500ed47a774202abfcf1dad9dcaf533938f906172c66fa51b096b8bbb91cf797,2025-01-06T19:15:12.707000 +CVE-2024-35498,0,1,bb1d6dc6adc06319174305aec52a77d02e9248270cdfbb5d04470bef2b3a6d9f,2025-01-07T16:15:33.277000 CVE-2024-3550,0,0,c0d4daea2f4c6dc96445348b84c055a461e0c57276f8a5b6076f02f996d10f65,2024-11-21T09:29:51.433000 CVE-2024-35504,0,0,f66769e4b1ea57e9ac1b3b58572543a71ffffdd53e99eaa814d248b36957d3ee,2024-11-21T09:20:21.907000 CVE-2024-3551,0,0,6dfb995a287494b771bad4f867f53bea4aed5291629de60ee9f068404e24e321,2024-11-21T09:29:51.557000 @@ -259302,8 +259307,8 @@ CVE-2024-37143,0,0,8127203f90cbaf631ca5e4edcfa76ef27898cdc3404b1d360c9412b879452 CVE-2024-37144,0,0,04f6a12bfc2a722c349a8ddf0e2720a19828efd3bd8c4b40c82da7c243ea5dde,2024-12-10T03:15:05.730000 CVE-2024-37145,0,0,603e250630d8db36a65f2b32fc29bd909465783da4a4b9d605a69590653a4715,2024-11-21T09:23:17.597000 CVE-2024-37146,0,0,e821fd740200ae8a142c50ef5c7f6d74765fdc916fffef75517e92f79dcfc790,2024-11-21T09:23:17.743000 -CVE-2024-37147,0,0,c1d8f585ed39a8e799dd1db91d0314e67f67f62aebe366171cef5da726fbb84f,2024-11-21T09:23:17.880000 -CVE-2024-37148,0,0,4a84262773fd4b6b982d52eda1dd022c9b923c88b9eedf55cccb6b5207976b5c,2024-11-21T09:23:18.003000 +CVE-2024-37147,0,1,f35af8a320b964787a60a6cedf526a4d8c944aa12ade01afe6bca9d7962c0627,2025-01-07T16:55:46.580000 +CVE-2024-37148,0,1,119978faaf5ee714ed0d6a8435f9704a171008d896b47a828f4d298a193b330f,2025-01-07T16:58:37.837000 CVE-2024-37149,0,0,c274ea93c6cb368788d9ec672d58400bf62a23277c298f2107353bf430814c68,2024-11-21T09:23:18.133000 CVE-2024-3715,0,0,0450c039825a1ce2a072b18a6e99aee1905c772e46b078169d5726e5daa06deb,2024-11-21T09:30:13.797000 CVE-2024-37150,0,0,6fbd0750471510149d8d52d3af7979836a70620c53cf349ed817d29373cd6232,2024-11-21T09:23:18.263000 @@ -259963,7 +259968,7 @@ CVE-2024-37977,0,0,dee6bfe73c934bbb0e5b355698842fdf9fb96df5529c7a364cc3aa487c852 CVE-2024-37978,0,0,a35234845a6938a1abf05b052966acbc37f365d5f6c31d8ff3bc67e28719cfb1,2024-11-21T09:24:38.520000 CVE-2024-37979,0,0,c6ba0ecb1eb3eefdfedd4ce069487bce354f57d4cdf194b460bb48440d5ec7e1,2024-10-16T17:41:30.850000 CVE-2024-3798,0,0,71a9dca43378fd449ccf2e81ed896c5ddeca8817f8c50de9c1c19dc1d01bef2f,2024-11-21T09:30:25.430000 -CVE-2024-37980,0,0,780861881f8d24f5a094009cba74deedfb858387d14ff76ee9a2a4387e883f38,2024-09-10T17:43:14.410000 +CVE-2024-37980,0,1,23bddd4fdfcb08f8468751d9603ec49949acb5b7220390885beab62086789a42,2025-01-07T15:26:25.013000 CVE-2024-37981,0,0,ab863615cd356d38ac272b7b13be943976e6ab71cd6287f89ca57cee781e26f4,2024-11-21T09:24:38.803000 CVE-2024-37982,0,0,aefa2d8036944cda94dc3382341b2a96df015b5b111576af2963b53ef08c7486,2024-10-16T17:43:30.040000 CVE-2024-37983,0,0,0d39229f2985db21e2ab221fc92d1468add3c72c64bc910f5f703d961be44413,2024-10-16T13:15:20.690000 @@ -260574,7 +260579,7 @@ CVE-2024-38621,0,0,2edfcf1f82bf3dfea3755dc1e9ed3fde3ce229f91c9bd1b66b6fe77f3cc33 CVE-2024-38622,0,0,b2e62f946f859fe22fd8fbcd0aeffa1a6dfcdd01e6b66628aa784df475b04635,2024-11-21T09:26:30.653000 CVE-2024-38623,0,0,e3dc8df426a30e14470bfe0b41c8fbf74c4c010c97e3641f7a475eeab3fd19a6,2024-11-21T09:26:30.777000 CVE-2024-38624,0,0,1300e43c985eaaf350de1e71bf2ad3a3d0cbd72b56d2af9065f3dd82a76239fa,2024-11-21T09:26:31 -CVE-2024-38625,0,0,36e5a1e4b8bd2e6f06ffb57616b9614677580f60090dd2e8a8c700e43901c48a,2024-11-21T09:26:31.120000 +CVE-2024-38625,0,1,0d78c7e7a82eab79f5bd56766d425b5483e5a3ea8d81f23acbf41ece84573b73,2025-01-07T16:09:49.880000 CVE-2024-38626,0,0,9dff8e6fc4731654105396cce1c9207718ab0bedf2c7f1f623ccefb5a64f401f,2024-11-21T09:26:31.267000 CVE-2024-38627,0,0,3720cb02d28cbfc603ff9a752e3b01df4699e8e737a2585ba6134a0d17a5914d,2024-11-21T09:26:31.397000 CVE-2024-38628,0,0,d4fdcf9144ee46898dc11363f4021850813c3f0a120b750dfa71c7d8984509cf,2024-11-21T09:26:31.563000 @@ -261840,6 +261845,7 @@ CVE-2024-40691,0,0,ac3d9a2c16ecf56eb2b1909a87f2673e6fa5961b82ba378fe17aa1da2a76b CVE-2024-40695,0,0,0d717382495ca983a078932b58ed2224b4fa40332fd067474a8fe684c9650d24,2024-12-20T14:15:24.063000 CVE-2024-40697,0,0,9675ffc87015078088b6658ddad78e8bbe317856a9033b7e633b65273e34d419,2024-08-22T13:27:20.743000 CVE-2024-4070,0,0,228e3a9486746eb131dc1faba8cea69af4b69cb949a0fc5caabe789181f2b9b7,2024-11-21T09:42:07.967000 +CVE-2024-40702,1,1,5239865371844f6925e15401b29df86d20860fe463a0a8fc0dd9b286a1223e68,2025-01-07T16:15:33.463000 CVE-2024-40703,0,0,e703b61d3f8dfe06de226d6f2873ad12453588e6ae0585ecf895673088efbbbb,2024-09-27T16:49:46.177000 CVE-2024-40704,0,0,f1eefecca06d931cc6fa5c315f3cff483d4ea73258582e293da29f36971e3c43,2024-08-15T20:03:13.530000 CVE-2024-40705,0,0,498d1b36f9941cc45abf0a56c450cafece4560bbcc29015fb60565ec3b88fad7,2024-08-15T19:57:34.780000 @@ -262075,7 +262081,7 @@ CVE-2024-40959,0,0,0043be57531474631cc6de7737512d2ab0230deb9269189d29b950369a0fd CVE-2024-4096,0,0,8e6356a175cb07c3b5b0cf4903a72e6a9d5834935e926562f58c2a2a95e0bbd4,2024-11-21T09:42:11.190000 CVE-2024-40960,0,0,d1b260bce7a6f4e3918591cefa3fd644d2061253ecfc0dec1722a192d1703af2,2024-11-21T09:31:57.263000 CVE-2024-40961,0,0,c323f131dac03e8f3736a795ce92c772336b6ee895d5ed1507aa424851c01204,2024-11-21T09:31:57.413000 -CVE-2024-40962,0,0,453dc8c17abdf68fbf028d9e8136465e2a2014164adf84096fedd7f236e2f17b,2024-11-21T09:31:57.560000 +CVE-2024-40962,0,1,1b32e5be99ff36031e51ef4af62c32f3376ebee25aa8774ef70b4bd4ef137e55,2025-01-07T16:10:10.253000 CVE-2024-40963,0,0,c843adbb2e11ca70f14a76d9f2283ec92ebfc91029cb9c0ca45fa23dfccbddc3,2024-11-21T09:31:57.677000 CVE-2024-40964,0,0,c910de534f63857a534d4a6d6bc0df1c126902b754988ebd232d1222d98e8703,2024-11-21T09:31:57.803000 CVE-2024-40965,0,0,f8d0a45c787c53552589ec6b6dd6d65da2df46381e3d5301192fc08e266a5574,2024-12-09T13:10:01.363000 @@ -263942,7 +263948,7 @@ CVE-2024-43469,0,0,75247ad0690e3ea6ea0a08b9d64faf2b2e5451a936ce8666801ac78b9855e CVE-2024-4347,0,0,914a1499327477b8f0d5c50c90bea6d9fba28df27349659abefe40d9866051aa,2024-11-21T09:42:40.347000 CVE-2024-43470,0,0,9a76034ad627badcc26378fb10d49799f03d939aface9e6b118044400f64ff6e,2024-09-17T17:35:02.157000 CVE-2024-43472,0,0,f8e3c9d6561ac8ce5ee6caae48e1fe73371e9553c9d00583bd608487f652ca9e,2024-08-28T19:13:21.393000 -CVE-2024-43474,0,0,84955d9a5d7dc129a2740bab0619c4e43f2eaf00c5a1a70431d416a0cc611484,2024-09-10T17:43:14.410000 +CVE-2024-43474,0,1,34d0a8030540bbfd63b455373b872bb8de8f8337d541fdec541bcbb4c7793dfc,2025-01-07T15:19:09.057000 CVE-2024-43475,0,0,642843020638a34a7bc3bf72ec4bd21d750594153b5913cff49eb86ee294c022,2024-09-13T14:42:52.533000 CVE-2024-43476,0,0,c09b8c55c9964dc9f155766a737473ad6c5f443b790981f8712ada0463e6fd6d,2024-09-13T14:39:20.693000 CVE-2024-43477,0,0,e6cc806f74b6683e07d5bd22159ff78489c4915a4a56167b18f8893a367f7d01,2024-09-10T18:15:13.970000 @@ -264078,7 +264084,7 @@ CVE-2024-4361,0,0,43aff6787a4479f38b03751f8b309978e2b7bd8011ebcb21afe8f9fe0204fc CVE-2024-43610,0,0,f619f17cece16bd26f46489d2cc5e940ddf35f153fc3baff61d99e73d8015e6f,2024-10-10T12:51:56.987000 CVE-2024-43611,0,0,70068d68bda071c9a5571ee7abb6c83fdd9b870395a94ed7f5071cbbc659a60b,2024-10-22T16:01:19.373000 CVE-2024-43612,0,0,812c826e3c16ba289dfbb62de4b281704dbf93c4d4b0a921ae535f6bffcdffc3,2024-10-21T20:48:02.050000 -CVE-2024-43613,0,0,458fed5e83bd559dd1b4128336731750081b284a3dba62b26a613a89dab406f7,2024-11-13T17:01:16.850000 +CVE-2024-43613,0,1,cc633dda43ef8b13ce69f0ec4a9b365544125d76676b641d4b82c2346a780a25,2025-01-07T16:20:13.437000 CVE-2024-43614,0,0,c5d2c4e61e699928a9aa80596895800f4eb921603cf99ac879c7ced052428111,2024-10-21T20:50:38.370000 CVE-2024-43615,0,0,a7be6185efd769f927c83d1bcf5f6fbb2f4769f426bd0b8c50fc4d20209f00f6,2024-10-21T21:00:34.967000 CVE-2024-43616,0,0,53854d33ac39e3d7883338ceed28a977b17a47e36ed07fb5aef1617d3c509acc,2024-10-21T20:47:00.313000 @@ -264824,7 +264830,7 @@ CVE-2024-44683,0,0,4f09b1238998a5a3d9b77f763fcdfbbc3350d7daebe8a7400a76e3f1196f7 CVE-2024-44684,0,0,ca9a79e91bc9d1c7ddd6ceab423f06e6f37813c82b172366e5088549ad184571,2024-09-04T16:42:01.137000 CVE-2024-44685,0,0,138e5ccb6a247889566b2c8e876848883dccce9dffed61342cd752922384a187,2024-09-13T19:35:14.350000 CVE-2024-4469,0,0,2acfa1019c2317d8aef7e399b196bfa2e7b6264982511057658094c0bb63f495,2024-11-21T09:42:53.253000 -CVE-2024-4470,0,0,f5bc57bfbaaa62223d5e2b9bbcc5d15ab2834905257b7223c7f9f77a407885ec,2024-11-21T09:42:53.360000 +CVE-2024-4470,0,1,b60aaeda59de76277dce0e7a4074555a8b3cdd03513201bfb1663044b82b6873,2025-01-07T16:37:44.157000 CVE-2024-4471,0,0,4180714e8cfa916547c68fea005eda3c94d571b570a4287f33686157acb5dc91,2024-11-21T09:42:53.470000 CVE-2024-44711,0,0,620599d0f9bccc5f0a82e6591e0e72db06771c1ec29da729120ba22a8704288d,2024-10-10T14:15:04.777000 CVE-2024-44716,0,0,bd6eccd7545156f7db9256b8dd3aa49a2749442bd5838e30c17d76677f843c43,2024-09-03T18:32:45.427000 @@ -265071,7 +265077,7 @@ CVE-2024-4507,0,0,0cce0099e9b56e6c38adf32141097ae968c74e9462bd520a29ad2d370b497a CVE-2024-45070,0,0,22574037e49e95906a7300ab0e802f62743a4b51e77c1347912693e01e58537c,2025-01-07T08:15:25.457000 CVE-2024-45071,0,0,0ebd9328ae264441016b56fd159e414fac64c80926728a2280c837cee121e42d,2024-10-21T13:41:29.383000 CVE-2024-45072,0,0,81a2a0ec5ac444c67185500c958244112d85754bd4f0526c244291848278a803,2024-10-21T13:41:20.463000 -CVE-2024-45073,0,1,ddb4c27340658cb42df2ff98e474d882b5cca95df6d9db84fd1527d0e88d9eea,2025-01-07T14:36:34.757000 +CVE-2024-45073,0,0,ddb4c27340658cb42df2ff98e474d882b5cca95df6d9db84fd1527d0e88d9eea,2025-01-07T14:36:34.757000 CVE-2024-45074,0,0,dd8d54c9d4e8a90203500f3837f7a68f83edce575be9eeb01abe4aedec3f0b62,2024-09-06T16:45:32.767000 CVE-2024-45075,0,0,03a325d99e9aaae9ce6cdcda7dc19958a7d4699a1b3c50bb69b2322eb1c7ef52,2024-09-06T16:45:12.980000 CVE-2024-45076,0,0,eb3cee64fe130784cdfbc414736fb4f58d6d633f4eb84170ae099934a833c82b,2024-09-06T16:44:52.310000 @@ -265087,7 +265093,7 @@ CVE-2024-45097,0,0,86a5f6f58b36ff4d76801faef73b7a44c24bdd910aa639853fe61c2940eea CVE-2024-45098,0,0,beeee876795e27e2a560d9e6400141cf489497a78fea87df6979a5ea96e1eb85,2024-09-06T13:01:44.023000 CVE-2024-45099,0,0,858c41c5f15c72cacc9dd43b5c393ed0070ec0aaeb790150e951db7166ebd0e9,2024-11-16T00:11:09.470000 CVE-2024-4510,0,0,02ed18b24a084b78d31c63e9da1b95e453ef9099ebd9923c60b7e5c73b97e063,2024-11-21T09:42:59.297000 -CVE-2024-45100,1,1,16142afdb50e3e231e065a129998fec030a04def71a52fc2bded01a6eca84caf,2025-01-07T13:15:07.530000 +CVE-2024-45100,0,0,16142afdb50e3e231e065a129998fec030a04def71a52fc2bded01a6eca84caf,2025-01-07T13:15:07.530000 CVE-2024-45101,0,0,f325c1ff668b2b7378c2468672321659723e47dba843b782909feb83b24e490e,2024-09-14T11:47:14.677000 CVE-2024-45103,0,0,a8c0055551f03e695e63b0973f1e941c9fcf8c5e34f2e57e30f25b4a4f7f650a,2024-12-13T19:19:52.410000 CVE-2024-45104,0,0,3df80228db5c275f30b0ae9082e735c38b4d72283dadc8a224190c0e3a2a19ff,2024-12-13T19:19:54.233000 @@ -265496,7 +265502,7 @@ CVE-2024-45624,0,0,b55674d4570db6379ffcfb68d511bfd6e80435e71433865e310cb34f4d504 CVE-2024-45625,0,0,d20161a4995ace7748c12e338379fbc120e9cd3065297a8eb4465406af4a3f9e,2024-09-10T11:19:40.113000 CVE-2024-4563,0,0,27f2769d9984dd66bb0cfddf6faabc8c9a52db87f637959a956c1825f9c056bb,2024-11-21T09:43:06.930000 CVE-2024-4564,0,0,ee8f47044242c05a630f54d8d399a7051500b8cbd4c8fa39ec50216846d2f2cf,2024-11-21T09:43:07.050000 -CVE-2024-45640,1,1,4f7258d4a10770dd15c770b196db9f2c63abfae563acccd54bf2aa4b6de18d73,2025-01-07T13:15:07.690000 +CVE-2024-45640,0,0,4f7258d4a10770dd15c770b196db9f2c63abfae563acccd54bf2aa4b6de18d73,2025-01-07T13:15:07.690000 CVE-2024-45642,0,0,cfb188922d2de3d0a2e624109932e190c43782f5c9c1e7fb30a5b975a8a432ea,2024-11-16T00:13:06.017000 CVE-2024-4565,0,0,7eafc37f7621bbcecc9df42111f1503d84607d3815c6d13bfc741bedf44b3a75,2024-11-21T09:43:07.187000 CVE-2024-45656,0,0,bd9c2ffe8b9cbe4ee804430325ca28b90db5a453ccc34b145371cf00c3254208,2024-10-29T14:34:04.427000 @@ -265755,7 +265761,7 @@ CVE-2024-4617,0,0,591f2f27c42c02f697911ff625983cd1e4eaf8f3a464b0dba65cf73eb6c11b CVE-2024-4618,0,0,cdc22910a020e9bb9502aeb149bf184528942c32b067a8d361cbb1776e6c9212,2024-11-21T09:43:13.690000 CVE-2024-4619,0,0,e13855d30b6945557dd4659b259b86ac4d456f730a52ea3bb1b91f51d4f58536,2024-11-21T09:43:13.810000 CVE-2024-4620,0,0,ba6cb8b4b90a19279ffa16a083d9166077215ec27ed0288a47d1ce2ebcacc327,2024-11-21T09:43:13.923000 -CVE-2024-46209,0,0,bc413d865746f744d2268f2d195a895a6801cd661562cee885c7969a5e87154f,2025-01-06T19:15:12.810000 +CVE-2024-46209,0,1,d3bbc915447ec1fe735ec63d5553d0fa25a7e9df2ec6f6285302779d3f6b2f93,2025-01-07T16:15:33.800000 CVE-2024-4621,0,0,5b081f12feb85affecbce7e55cb325897bb9294ab5a34846e1b6b33436e2d24d,2024-11-21T09:43:14.093000 CVE-2024-46212,0,0,9fb6a248b9aee6c6623aaaed9592269e8faf25b72106f535b7602ba05dd43c74,2024-10-18T12:53:04.627000 CVE-2024-46213,0,0,14e6aca58c78f4091257ec1bdfcf4f32aabc7fd46f373f1f42d1b8882c20a13c,2024-10-18T12:53:04.627000 @@ -265769,6 +265775,7 @@ CVE-2024-46239,0,0,039d008e66cebe4327bee95b97b4914de6b1e6cba80f55339b9918f2122a1 CVE-2024-4624,0,0,b8449ff3b8e0ee2c88b4f6d45e1af5d82eabc4c0852145584765c0329d0b8432,2024-11-21T09:43:14.500000 CVE-2024-46240,0,0,1191cdf44b6509cbee2a8abac44a625a4ac7bf4a3622ea84bd1d88a32af8af69,2024-10-25T19:00:20.737000 CVE-2024-46241,0,0,1f0674ec17f2d56b2953e5c99a2b749bf8e4230c80e89ee3aa315644015de064,2024-09-26T13:32:55.343000 +CVE-2024-46242,1,1,d23dfffa50059d3cca3d03fe3bd881789dcf7805de796241f7d089988319ccf8,2025-01-07T16:15:33.950000 CVE-2024-46256,0,0,e8ff1292d6b21c7ae8cc6b0452346dfd4818ec086d9a14227767a4b9e342f7b1,2024-10-24T17:15:16.690000 CVE-2024-46257,0,0,2e21e52a1504a13633477840dbd557e9ad05285ae3938c3634988f0489dcfd2d,2024-10-24T18:15:08.617000 CVE-2024-46258,0,0,c52e6b996ce625372477bea80c1b4801ac61785137225fc2e692df95afee475a,2024-10-04T16:41:08.497000 @@ -265923,6 +265930,9 @@ CVE-2024-46597,0,0,c52dc232c382bb8b06d8853357df9fa3c69df01498ea057ff4e6221b106d8 CVE-2024-46598,0,0,cc14f076324de01fb0aedc665220d3a3ce311adfb4ca6be3700a7951d6f4c5a6,2024-09-24T16:37:39.833000 CVE-2024-4660,0,0,61cefac851d738e6211130f613c3c24b72cb5a59425ed2099eb13a6958c5f9b7,2024-11-21T09:43:19.410000 CVE-2024-46600,0,0,a2edf2944e549d9be47dd52eb91fd1fdfd1682be8e1c383075c7935775b4a0c4,2024-09-26T13:32:02.803000 +CVE-2024-46601,1,1,d1aa8c76af546481926d81fa58587c0b0819234b4bbf0362674827e463f9a514,2025-01-07T16:15:34.087000 +CVE-2024-46602,1,1,c8cdf0e02eb0f302fbc4f38d2d86b603365b9f6ef16468e4bc1af7349fe9b4f2,2025-01-07T16:15:34.213000 +CVE-2024-46603,1,1,836e3dc8bfaeddf29857fbecb92cd5946281a59796c24b0d8d2aec535913b1f1,2025-01-07T16:15:34.370000 CVE-2024-46605,0,0,1055d0ef26a73f5e645f2fdb8709387122d75ec2801b9b56966b3a9b26aba333,2024-10-18T12:53:04.627000 CVE-2024-46606,0,0,28b5ab017aae3b940eef21410c789c635db9a13916d1c5cd18485d534534131f,2024-10-18T12:53:04.627000 CVE-2024-46607,0,0,60627a32f7e8fcaeaabd9ac6ff6cf0f372f36d39c465be7eb007e5b08e6157e9,2024-09-26T13:32:02.803000 @@ -265932,7 +265942,7 @@ CVE-2024-46610,0,0,d9dd8e07efaf4137061a4cc329bf5a1f8a1df9d6dda6d0ee310e2fb6b1592 CVE-2024-46612,0,0,e8870a8bb445c23c7ae5bf4aade92a65f12442d4b320c6776d50cdc0fbee7ff9,2024-09-26T13:32:02.803000 CVE-2024-46613,0,0,8c2d66370d93094092ee82785e548b32b2278867ca9c8a29f2da471a13fd64e6,2024-11-19T21:35:06.937000 CVE-2024-4662,0,0,a5946fd4e271464e0c94e8fadff0689ed378ccaf6470b84420e776c96e0baead,2024-11-21T09:43:19.670000 -CVE-2024-46622,0,0,cd1c63befc786ebbb2fdea912e2275d104dbb6edea2596a78b48af36e6bd26d9,2025-01-06T18:15:19.660000 +CVE-2024-46622,0,1,a44c7bc86f1de80b27512eabf0c6ff1761728c709366003944049de21b02a3a0,2025-01-07T16:15:34.500000 CVE-2024-46624,0,0,1d781dac5c3c03f9553a33e0c8f61a0000ac641e3c43c8e2d01875530634c569,2024-12-04T15:15:11.727000 CVE-2024-46625,0,0,a71dae4f94fa8c690b0d8806dc95d669dc35df1e9bd6eee6ac14f04f1fa13c47,2024-12-11T15:15:10.417000 CVE-2024-46626,0,0,5f2da2d194da31d583545399c8aa7d58649fa22471fe456c45183b18d5dd3c81,2024-10-04T13:50:43.727000 @@ -266473,7 +266483,7 @@ CVE-2024-47293,0,0,6bb6f0254e8d8b34bafb7637859966b7678f57cf41bcf870e5e43b2410a53 CVE-2024-47294,0,0,e42c74cd69b13bdda0bb2d4057d0ce1b9b77ff017e54433cc7bcb129e223b6f0,2024-10-01T14:27:54.577000 CVE-2024-47295,0,0,402f32e42be5201cb0754ad2c50d74985f68db8ccdbaec0762d5cc953b77c69a,2024-11-11T08:15:09.423000 CVE-2024-47297,0,0,399b5aae27edff7d069724145a7e32a973b6ea53decff06d590c7d8449297f70,2024-10-07T17:47:48.410000 -CVE-2024-47298,0,1,88025a15af12b157a5b8927ed0e404759a3e8d46e19b08d7c50f9bc9044eaf69,2025-01-07T13:07:48.557000 +CVE-2024-47298,0,0,88025a15af12b157a5b8927ed0e404759a3e8d46e19b08d7c50f9bc9044eaf69,2025-01-07T13:07:48.557000 CVE-2024-47299,0,0,7745013884319fae23428982b007b36e18c7b6298f640fe41750e2f4f6377e95,2024-10-07T17:47:48.410000 CVE-2024-4730,0,0,0ef4136377605a903fa5ebd3d458310654770feed2d5cfe3bbf370d84e1b4e2d,2024-11-21T09:43:28.357000 CVE-2024-47300,0,0,a6e09176c16a6dd3daa13ec86d49dfd3a0d5da8ea5e2d077b228a8b9f4d6e01b,2024-10-07T17:47:48.410000 @@ -266538,7 +266548,7 @@ CVE-2024-47353,0,0,694352a570bceb3ad9bde3a11b7dcb205a5f5b8bb314faf95c62f226faf34 CVE-2024-47354,0,0,ed1b0a07d44aa984f50fbe9f60fee94e2887ec20e62ecc1f65c28b4d86d96841,2024-10-15T12:58:51.050000 CVE-2024-47355,0,0,9aa352dfb3149fa170e524c2ce4549d0b7511773ff7e6ea96bd9a44f3463b903,2024-10-07T17:47:48.410000 CVE-2024-47356,0,0,4d9ec6479b0bd110a2089be0f68eca6b04b642b868f871756195f7d4c1248802,2024-10-07T17:47:48.410000 -CVE-2024-47357,0,1,bcd17f1037f2b965d59f9928c8b1377b83a336d1f7691b570626703f28e9b6b8,2025-01-07T13:29:50.210000 +CVE-2024-47357,0,0,bcd17f1037f2b965d59f9928c8b1377b83a336d1f7691b570626703f28e9b6b8,2025-01-07T13:29:50.210000 CVE-2024-47358,0,0,6206dcd7cd32e5068162740e84c015df825368f32d7ae5c35db89fbd4f60f1e9,2024-11-12T20:28:55.623000 CVE-2024-47359,0,0,dd485d883d252b317a6423f6bc4be8c18f4053351ea27130083e457233a34f93,2024-11-12T20:26:27.230000 CVE-2024-4736,0,0,83c99b5fafdf3c3f5e6ade4ecc995983b3db62cc82b7f54e22db35b7b5f14d4e,2024-11-21T09:43:29.190000 @@ -266576,7 +266586,7 @@ CVE-2024-47388,0,0,758c51fdaec18732cfb900475a403560931bd32506c62fbb2207642d3eb56 CVE-2024-47389,0,0,eabda1865aa20b5bc50afcdfc3971a8275494d92b1cb9b6597fae9e3bd09426d,2024-10-07T17:47:48.410000 CVE-2024-4739,0,0,7b14c0aa87931fd19f500e5986f0b9cf9b632066d66dcbd2ac4307c74e99fb69,2024-10-22T14:07:02.023000 CVE-2024-47390,0,0,d738f0c3283a40a8f6c8244c45a08e8f9645d076c423589db94d9379aff3c640,2024-10-07T17:47:48.410000 -CVE-2024-47391,0,1,500eb0e23f5ae3d06f662233d5d40aa77710641ba95c8d575dc20b70f2347927,2025-01-07T13:57:47.850000 +CVE-2024-47391,0,0,500eb0e23f5ae3d06f662233d5d40aa77710641ba95c8d575dc20b70f2347927,2025-01-07T13:57:47.850000 CVE-2024-47392,0,0,7d93a3635e28232dc25322d9d02a74dbdc0712d524ee3084f036fccefe253476,2024-10-07T17:47:48.410000 CVE-2024-47393,0,0,228410e0daf6874cb668c644bc1c416844376ff82bc2ee46443d12bb91864fc8,2024-10-07T17:47:48.410000 CVE-2024-47394,0,0,a0040493a4339256d0c055721ffe7da5d10466a1db94b9e0e71b6b8311834a32,2024-10-07T17:47:48.410000 @@ -267229,6 +267239,7 @@ CVE-2024-48238,0,0,3f2ffc614fa15d916232399b967037f846ea28604374a981ad0466971cf3e CVE-2024-48239,0,0,0c07796f9941e77d31ea455c930d1849f400f89336e89d408653eccdc74bdbd1,2024-10-29T19:35:22.840000 CVE-2024-4824,0,0,99e5c25e3efbae2d6155cb78a769b081c4e63979dfca195378dce1a55688edc2,2024-11-21T09:43:41.940000 CVE-2024-48241,0,0,942b4afc357baeaceadf6e602d4d8e3bfa0474bc4cebfcbfe23fbed098a739b4,2024-11-01T12:57:03.417000 +CVE-2024-48245,1,1,03e7c6a259252abfb450758b12e8246b166207af136fa7df3cec4b63433f47b3,2025-01-07T16:15:34.730000 CVE-2024-48249,0,0,2b7bc564c0f7feefef01fa93cd50d56ca2a93e73b5f3eb01b90321a2b54ebe80,2024-10-15T18:35:15.607000 CVE-2024-4825,0,0,5c1d8ba2e7dfb16ca18af9c563e1590f25a3d396f69347243d31cae6dbf069a9,2024-11-21T09:43:42.050000 CVE-2024-48251,0,0,c80def3e238ed0fab4e8dad7bc06f5b33b90fcccea2cf3bdaafbfe1c7c4fb67e,2024-10-17T18:35:12.280000 @@ -267300,8 +267311,8 @@ CVE-2024-48450,0,0,2ad4bca80a954b5a64850267d64cde36a0cc73a58476afe8de69f997e4304 CVE-2024-48453,0,0,3e4df1eeae274bbab92d66627c425462f4715efda5653276293edf2b80192e38,2024-12-12T02:04:03.420000 CVE-2024-48454,0,0,9e0f8e82bd55ca3c8b98e816c5edf51ab830449d458f68194479be7d35927289,2024-10-25T12:56:07.750000 CVE-2024-48455,0,0,6e133e8ee57b44bba6c49d6e60aaa60c9d55d5d8bd2e95486d0bc2e58c6233d2,2025-01-06T22:15:09.510000 -CVE-2024-48456,0,0,1aab32b14ccddfd27719530f2e142cbad5677e886180851db96555fc78276957,2025-01-06T22:15:09.620000 -CVE-2024-48457,0,0,3005633abd3b3f370b9cad2d314deeece686fc0e9bbeb102b1b21a332e40edc2,2025-01-06T22:15:09.727000 +CVE-2024-48456,0,1,fbb569fb57e72aec0b2b4128e6a8adfd90b8bb9238365e9a09eddcb2d6533a26,2025-01-07T16:15:34.867000 +CVE-2024-48457,0,1,99b77ae7cdd1ef223e036610bca59359991ba4db95d35fe9aa786febce4524d5,2025-01-07T16:15:35.057000 CVE-2024-48459,0,0,f2ab7e7f3244c10dbfc979fa6bc201608cff2894282b5a96f254cb41fcce18b6,2024-10-29T20:35:32.737000 CVE-2024-4846,0,0,74d9cb500e6ec3c3eeaefc6b52bb41cb76c1e47820ff2b958b0158c620b5f565,2024-11-21T09:43:43.533000 CVE-2024-48461,0,0,18aa4511ff3360b386c9bf1fdfd51c3ed737ebfb483f16f5fc9298b5d999091e,2024-11-01T12:57:35.843000 @@ -267551,7 +267562,7 @@ CVE-2024-48983,0,0,3f60809c606c2488b989897e12c459d2aeb7ed4f2dadf99e233ef785ffd15 CVE-2024-48984,0,0,1ffae666f1e42473bd707894036881e108cae353da85d0eae9c25770d53a785a,2024-11-25T22:15:14.253000 CVE-2024-48985,0,0,8bb53bbc96b650088379aee793c8f02be947eccaa5841fe0f7cf1ff00c0bae42,2024-11-25T22:15:14.790000 CVE-2024-48986,0,0,cf9484fda56052e686c7c5f0c8f108e09e57cac0d3001558017ed0e9f5d2880b,2024-11-26T16:15:16.217000 -CVE-2024-48987,0,0,4e52950f3a90d0d79c6e46390eeeae6f0c7dbe03c3be85cc192fdec99db1942c,2024-10-15T12:58:51.050000 +CVE-2024-48987,0,1,a203e6b54ef42e4731ad652ce9f7229eecdbed2197839b80d366764cbe3de8c6,2025-01-07T16:15:35.237000 CVE-2024-48989,0,0,66d2a88dd40e61ad72a4274898e13f4d867c8914eed9220af9f32ce117d951d8,2024-11-13T17:01:16.850000 CVE-2024-4899,0,0,4215cce8da622bc2d5c7da1a06d33c6b523a0182697459650c35738bc8a5a87b,2024-11-21T09:43:49.323000 CVE-2024-48990,0,0,8ae314221da60f3f28b2dc061e7fd91a0c68d57bf2594502511d6f645886ec7c,2024-12-03T14:15:20.627000 @@ -267589,7 +267600,7 @@ CVE-2024-49019,0,0,843647f8f90ac786c0a7f52167d5ad1708680de16d471d21015ae93f5cacb CVE-2024-4902,0,0,911ddf9902c4a6fad164d9b35cb427e99b0367ddb6da36eb88769e39c7047b11,2024-11-21T09:43:49.733000 CVE-2024-49021,0,0,6307ace2b764fb3bcaadf5b8f349375e7b79a2e73d5feba8d2f974b7854838d0,2024-11-15T16:04:55.487000 CVE-2024-49023,0,0,27afda74dc87c5b87ec57696c77daeb47321854c2cad0318414c8543eb0f695d,2024-10-18T17:01:32.803000 -CVE-2024-49025,0,0,f8ba5cd0c16126eade1f94294ceb500f3d36e6b0d779b5314915ef1be7a1878d,2024-11-15T13:58:08.913000 +CVE-2024-49025,0,1,dd38bc2daa238896569bf2ff9659a286e630c2d74cfbe39695757215fc91e02f,2025-01-07T15:42:37.300000 CVE-2024-49026,0,0,b64588563c951fbd06562cd405e03d7e6e984ef3f419c2627b7c0c356617197f,2024-11-16T00:08:54.853000 CVE-2024-49027,0,0,8cd22fedb07cd9edd7f325517308cd7e0e055917852e77b172ccdd20cdda3162,2024-11-16T00:09:09.700000 CVE-2024-49028,0,0,e4c1cddf086926fa4c1f28e00e67df32d5f06d4e1bf706d0231c2a2e4db2c364,2024-11-18T20:34:16.910000 @@ -267605,7 +267616,7 @@ CVE-2024-49039,0,0,1b38f44a621b2ec6c9245d6149c0d2e4243dd86623a9535e85cd3047ada03 CVE-2024-4904,0,0,8f1d8ea4c71693b63388d0102ac60b48cb8ea1f86873e76d3239d3cadf4cec58,2024-11-21T09:43:50.007000 CVE-2024-49040,0,0,5d0b4fb7954b8696818411a1e9fccbcaf7848a4d687b1b89ca1a2a3a7950420c,2024-11-16T00:05:03.997000 CVE-2024-49041,0,0,8ae253c5553f6c4eb4df71d9a127c4d885da429468adc6a3d64965239642896d,2024-12-06T02:15:18.263000 -CVE-2024-49042,0,0,d70f21c00ddd3eecdc7bd94ceced7abb9c0a63a9a7732afcc975864a8e8e4bc2,2024-11-13T17:01:16.850000 +CVE-2024-49042,0,1,8743867024ab3e89f3af6361330279cbb35cfe9cd54baf2d468c03c6c484face,2025-01-07T16:18:47.907000 CVE-2024-49043,0,0,37989fd57d6d886902b1161cbc445ed9dc49420e49ee7bdbcd84bf837df93d50,2024-11-15T16:05:30.773000 CVE-2024-49044,0,0,61fc818fe767bc9cc29166454a6588c5d1d52bf58babfe90898a89e53c1bd092,2024-11-16T00:03:54.977000 CVE-2024-49046,0,0,b0aad407293d17e8d984623741bd55ea04b6e04629c13046891467cb593f4a52,2024-11-18T22:10:12.960000 @@ -267617,7 +267628,7 @@ CVE-2024-49051,0,0,1a4c11022b4ef8ffb4e676126a8467f49f4fbe220c913e43f0c88e07a91fb CVE-2024-49052,0,0,562a3afb9529893213b3c3a54ea9afa75634dd6a87e1e537d239e6b014ada48e,2024-11-26T20:15:32.723000 CVE-2024-49053,0,0,d6f7a021684f24601e3900d69b66e2b12a673af230694f44e43638dac949a195,2024-11-26T20:15:32.890000 CVE-2024-49054,0,0,1cfc6e1b9daff4eccbd3f4eb039d3f29a00c732f02dfff3006c8c1d6493fc090,2024-11-22T16:15:32.150000 -CVE-2024-49056,0,0,246940536161aef066c3ed9e1c6a6d452a14f6a8dd3f6677a8f979cc15d37c9e,2024-11-13T17:01:58.603000 +CVE-2024-49056,0,1,2bd2b2266d7b792cf7f1f9d1b8f0dc5da233dfb03d127cfa27eda6bdd0ad0933,2025-01-07T16:33:01.547000 CVE-2024-49057,0,0,5cc31537350c6786b0720ca4d729a2efcf9b727dd55fdc496e17ba6d856dd65c,2024-12-12T02:04:29.907000 CVE-2024-49059,0,0,0cfa33e7e3df27c4f8c8c88e205cb7aa04bc3101421e54c43b006e79b82fa7d3,2024-12-12T02:04:30.040000 CVE-2024-4906,0,0,867b56b92bfe21b322ca43ff902131a5c10ad7122b44578e5002b985071da5a0,2024-11-21T09:43:50.303000 @@ -268629,8 +268640,8 @@ CVE-2024-50289,0,0,cbe890f5c9d4c6f76920eb8ce53083b1779519960db0d61cf86dba6e73892 CVE-2024-5029,0,0,88e2c5662d4330e534abb2433fb00aba3c37b519f000b76661416999479d4a12,2024-11-21T22:15:09.660000 CVE-2024-50290,0,0,472e5b89bdd80749e630d2d7cfdfbfa1f003a07e281a56444507df0faaba7cc5,2024-11-19T21:57:32.967000 CVE-2024-50291,0,0,2bfa2e93499428357803d9d1742bd1017215506f4ce049e714c1056a205a95ca,2024-11-27T15:16:30.260000 -CVE-2024-50292,0,0,8fe0b31aa0581014bf51bccd97a346eac51865a375b53c7b1409e69616d6347e,2024-11-19T21:57:32.967000 -CVE-2024-50293,0,0,fec609a1717df17eb34cc0120ed2eee8f093679a47b3265a3b22bc40f28561dc,2024-11-19T21:57:32.967000 +CVE-2024-50292,0,1,95d21dc38032b448123cfcbc6b215509e2ac23d9178dd1641ccfa234e827b99e,2025-01-07T16:10:33.080000 +CVE-2024-50293,0,1,ba7302d95d830c357b7ec4b916e45204ce4fc52b68cfdce311e4f38bff6cd4d5,2025-01-07T16:11:07.423000 CVE-2024-50294,0,0,a56287c7c6c44b3839623aee8786a853478aac87c1c8f4037bacdb635fa62108,2024-11-19T21:57:32.967000 CVE-2024-50295,0,0,b5793fe9e5e200c708da8e3fd2d3817806f8597db59622027c2d0bf299d5097d,2024-11-19T21:57:32.967000 CVE-2024-50296,0,0,a0ab00a3d94c15ca5a168953900e499984de52c4d2f3ef150ea36247cfc34755,2024-11-27T15:24:16.020000 @@ -269137,7 +269148,7 @@ CVE-2024-51094,0,0,9c0a3563e2cbfb0f7e4111937c25ede7da4801ccd5cc0469207158910b8a9 CVE-2024-5110,0,0,fb15a6e8ac3918d54232e697045ba8a0a4f2778f988710aceb135278db14c8a7,2024-11-21T09:46:59.470000 CVE-2024-5111,0,0,16553f7e015987eac3af34fccd670274f33dec3aabde04972879226d81661f96,2024-11-21T09:46:59.603000 CVE-2024-51111,0,0,06fdca48d9f713ba11aa0605dc978b93849ded746b605b0da33a035e037b1411,2025-01-06T18:15:20.060000 -CVE-2024-51112,0,0,5449968c3996b12a0dcccd266ac2d98e12653e9da5f2deef7664bebceda791d6,2025-01-06T16:15:28.943000 +CVE-2024-51112,0,1,fb9ec1f188e1020f6eea6a788766268b99f0b03f66304006a370bc6367d7b8dc,2025-01-07T15:15:10.270000 CVE-2024-51114,0,0,bb120dee5f82301bedd52f6a870fc78612d9b471bba9079cbb07365933b729b3,2024-12-05T20:15:22.340000 CVE-2024-51115,0,0,97924e30f339bc462ccaad1ee3c55c378e15485436cb0bc88676f0cde030376a,2024-11-06T18:17:17.287000 CVE-2024-51116,0,0,163c0d7988ca5329a27514b03075ee6d2fff2ef84e9d3dc466528f493b745f84,2024-11-06T18:17:17.287000 @@ -269750,9 +269761,9 @@ CVE-2024-51995,0,0,e5cad8da2bad6fce5771e874e2b1a0884993be035c680bc3742b5680b4815 CVE-2024-51996,0,0,ff85801f2278caabbb88a673f5522aa23a97c2f9d7260bda4506e22cbaf33529,2024-11-15T14:00:09.720000 CVE-2024-51997,0,0,acce3d20366994a4b626635e9d1a5180796478ce8a1652c0c783857ab39acd0f,2024-11-12T13:56:54.483000 CVE-2024-51998,0,0,9839aa62f76a80c9973f2fb8d41eecba253f6b3142e87cdc34afb99ddaff8394,2024-11-08T19:01:03.880000 -CVE-2024-52000,0,0,23fe85c6c5ac77bcb0bce3c98a13193ea500f95dca2ffe3f29809432771d3e1a,2024-11-12T13:56:54.483000 -CVE-2024-52001,0,0,5538d08f49e9dbd4fd21326674b4ff4abb7d6566286f8dfdc638f0f6bd0a414b,2024-11-12T13:56:54.483000 -CVE-2024-52002,0,0,2f9a607a7142e14de5241d6e0f0d67beed5f6e042b94174330871adccdb20b4f,2024-11-12T13:56:54.483000 +CVE-2024-52000,0,1,164c382f8c88982eb63ce07c2be596e0b502f12f5ca998748920dbcc2ce078fc,2025-01-07T16:52:48.723000 +CVE-2024-52001,0,1,78f4b3f4ac098d84e7755b87917d54c89f68966e660cd2cf99fbfaea2ecc818e,2025-01-07T16:48:41.057000 +CVE-2024-52002,0,1,5dd71186c04d642ab39d61b570b48d9b6609d3cf4aeef18bda9bfec319cb6014,2025-01-07T16:43:28.527000 CVE-2024-52003,0,0,c4d0137679bf24bf7e427991f4a35c6e340cb6ae5935b9bf8c2c02879996db01,2024-11-29T19:15:08.170000 CVE-2024-52004,0,0,af81d9a04f1ca0a30dd0ecd4bf4087812462bfda43adfb75471e3a85c7fac816,2024-11-12T13:56:54.483000 CVE-2024-52007,0,0,6f0263bf421a0f49599286dd93cf09426c13c6e425c7e139103d5ade39ba57aa,2024-11-12T13:56:54.483000 @@ -270220,6 +270231,7 @@ CVE-2024-52809,0,0,652f885846d676120f14dabdd6ac521fed85152402f72016697d2b26d1715 CVE-2024-5281,0,0,fc0976db5d10ac7222d6d7be38c22f60caf8b70ddc146c5f21bffad51467d30a,2024-11-21T09:47:20.760000 CVE-2024-52810,0,0,bc519c3395fca90f2847180bace5d2bd61f10ead143c379d0438b1982cdf8ded,2024-11-29T19:15:09.163000 CVE-2024-52811,0,0,8b4a122817488a51be41eacb5a5ec9e0b5886ee8b97dd1908dd9d3513b97f482,2024-11-25T19:15:11.567000 +CVE-2024-52813,1,1,a7a093d4b10add49402e1ec74d19b9e8b011e357dece838f290e240f092e2e83,2025-01-07T16:15:35.610000 CVE-2024-52814,0,0,27542fdf4d1e39899f04e440482727ae79215851a144e892e913b9bf3a0be02c,2024-11-22T16:15:34.553000 CVE-2024-52815,0,0,c1e8fde97970f9249cef290754120e31a2a9f9b91031232cee085d5724ae3d3e,2024-12-03T17:15:12.267000 CVE-2024-52816,0,0,65718f19cb2a012b57ef8da79137eacc99e273905d4b5a57cf388720343e4d20,2024-12-17T16:15:18.873000 @@ -270280,7 +270292,7 @@ CVE-2024-52876,0,0,6fd21241a1a4f5f736d93e368fdcf08c204bdebd19eb249ace2fceb507212 CVE-2024-5288,0,0,35888db4a5e323e6a29faa7e47d2416858cbeb598a42c21aa0c323691cd3d86c,2024-08-28T12:57:39.090000 CVE-2024-5289,0,0,45ad6e1c3a8134226122bea6b70bcd4aeb55721ddc7a695e24fb24c5dc173e1b,2024-11-21T09:47:21.990000 CVE-2024-52891,0,0,c0501cc1266a2bd619aecd0020292b22c7b56165101d569b54e2d4a5e5ed8b8c,2025-01-07T12:15:25.010000 -CVE-2024-52893,0,1,f8b9ccd71f76c6032a0fbd3777baf20a8d55e394e2ad7bc980c3b4247958cbfb,2025-01-07T12:15:25.153000 +CVE-2024-52893,0,0,f8b9ccd71f76c6032a0fbd3777baf20a8d55e394e2ad7bc980c3b4247958cbfb,2025-01-07T12:15:25.153000 CVE-2024-52896,0,0,e4fbb864f7848e639fc1924ff6e3f9dbd32543077984aeb4db567e289d87688a,2024-12-19T17:15:09.797000 CVE-2024-52897,0,0,a95c21b621375142334fe37fe01c64626d608c334ccb17049cec65f4899cb6db,2024-12-19T18:15:23.357000 CVE-2024-52899,0,0,fd381e4ffbd82c5c3ae3119791a451a008b2780104bd8e38b6962694cf0bd562,2024-11-26T01:15:07.153000 @@ -270409,7 +270421,7 @@ CVE-2024-53092,0,0,7648140eeea3dbcba07b87610f5bab990445287d13346f351e0a3179515b1 CVE-2024-53093,0,0,7a2189a6767397ac9a9524b82ec1cfcf95c13b9556edae05a0802a66edbd2129,2024-12-24T15:02:22.377000 CVE-2024-53094,0,0,6cdea08f81d52ec066a95bb50c1589dc812eaf5d31206bb51acb4c07058ecd73,2024-12-24T15:07:35.193000 CVE-2024-53095,0,0,4e724c82098942c519f58d8d0672f065c3504379b32765b65ae8d7e7c202ab88,2024-12-11T15:15:17.940000 -CVE-2024-53096,0,0,f8c044b16533b0e973c2feac2faf8b82cbb3515bbeb6f4a2c6538817b1f4844e,2024-12-24T15:23:55.943000 +CVE-2024-53096,0,1,dcefc8c8d5e883d6b19cbf59b746dea2614648687427eb8d2bd5cd72eef79062,2025-01-07T15:42:04.183000 CVE-2024-53097,0,0,c8b4e0e4b2cea4326a95fc9929fae4823328f4bcb85dc78d93b5c59fcdd291d7,2024-12-24T15:44:19.850000 CVE-2024-53098,0,0,e841aa1c52390814ec8cb3f228cfb4a113b5a3d775d80a08f6be6b8c677914fc,2024-12-24T15:48:21.330000 CVE-2024-53099,0,0,547974d5607c74bc75023012dee1183f239fa1b3db6bb0628f2ee2193d1004f6,2025-01-02T14:15:08.300000 @@ -270417,7 +270429,7 @@ CVE-2024-5310,0,0,2f7fe56905fa71b6c5244c78a7d9d6396f207d8efd7d5fc87cedf378b01f95 CVE-2024-53100,0,0,c9b76774e7fbb3d37345443f9fcb41fcc27f64217f335d86b9b5ba659a640559,2024-12-24T15:52:44.583000 CVE-2024-53101,0,0,c425bb46b3515da57dc87974bd0976857d07567982d62109b13f805737e7ca08,2024-12-19T18:08:23.857000 CVE-2024-53102,0,0,d1c3ad92d75c37363246642f8e4ba479d5a4bde44aee221d715666c203805e79,2024-12-12T16:15:54.967000 -CVE-2024-53103,0,0,a7df07915df506de9f52139cef74db8c581558f1964a408e318a6596f1884cf0,2024-12-02T08:15:08.537000 +CVE-2024-53103,0,1,77cafd307914e1a24f1ee1d35ab96ff6e827044224f7940ed86d3699c313884e,2025-01-07T16:25:33.233000 CVE-2024-53104,0,0,063549a8c93277f1603e55e543da35e55c8ff1c1baaef95c67cc0358a7fba5da,2024-12-11T15:15:18.110000 CVE-2024-53105,0,0,20675f3b2d3d99600460dea0e4abb4193907124cdadd66352ebc6b7d7d157a85,2024-12-14T21:15:35.210000 CVE-2024-53106,0,0,30e3702644fc7a35784d9f94136dad383572937546c2f59633334350f5453e80,2024-12-02T14:15:11.420000 @@ -270463,20 +270475,20 @@ CVE-2024-53141,0,0,c4eea5c2fe51a3898acccfa414620e41964aab3e73f12af77b5d7bb35ff9f CVE-2024-53142,0,0,fc23c3e378fb46ab5615da6a919ab3136de551312d5d21e741724005200e92a7,2024-12-14T21:15:38.707000 CVE-2024-53143,0,0,4f295a131c4b62067b8322b7a004cec43cd0b859ae5d1b6a73813cfd9519c39f,2024-12-13T14:15:22.443000 CVE-2024-53144,0,0,9d107c35ff0dca61e5b14e7d0131ac8dad4f8c1aeabd45b2baa64b7fc7411808,2024-12-18T08:15:05.687000 -CVE-2024-53145,0,0,f3b6c324d197f301d874f50204cb07f5ea67ddb5ae4138d4d49ad89525c764de,2024-12-24T12:15:22.507000 +CVE-2024-53145,0,1,845c82eecd5000228acfbd771e22e0fcec976590e482e5c078720e730bd428d5,2025-01-07T16:14:57.543000 CVE-2024-53146,0,0,e18a949ec16b9359bad3761dca63094ce301a4b4599e723769333e1c14f227b5,2024-12-24T12:15:22.653000 CVE-2024-53147,0,0,a5545dbb75e1ea0355592ea9c5cbed6b78973df74296885178a65e66e3108898,2024-12-24T12:15:22.777000 CVE-2024-53148,0,0,4b9d4dc07b7bfc2792b42b5f67199b390604698146ea12cfd91f1c4f238361d1,2024-12-24T12:15:22.887000 -CVE-2024-53149,0,0,6470e15e1bfe1a669b2b43dc38c9bea11e552dc0de2d7b1b51de052b051a7aef,2024-12-24T12:15:23.007000 +CVE-2024-53149,0,1,05bc68379e7ec92e2772d13505c846df279c54454448dcbefdd2801c1300b616,2025-01-07T16:36:45.343000 CVE-2024-5315,0,0,cfc4383f1c53119936ccfb248038372daec91d7a497e742b345000be072ec700,2024-11-21T09:47:24.927000 -CVE-2024-53150,0,0,47da414225cf0e47b98b12a5566d6c790b3e2230f9cac701ea88b00e90efa448,2024-12-24T12:15:23.117000 -CVE-2024-53151,0,0,f673fc9a95f6329dfd97e885fa9901e12a0a1231dec0c66864c20b02f6dbff35,2024-12-24T12:15:23.240000 +CVE-2024-53150,0,1,42062accc76561f05b3a37cb4c8683d4a5bafa996981cf7fbbd661e8aa552bdd,2025-01-07T16:38:32.010000 +CVE-2024-53151,0,1,9bcf302f86c516b6c3a19dba6dc2acf65ba01a50be814d57fdb94bd0b36b3601,2025-01-07T16:41:42.637000 CVE-2024-53152,0,0,8c8f4f476264eba0a73ea6d3f2f2e87f1734a052b6ac9dc8cfbd62726a584cb9,2024-12-24T12:15:23.353000 CVE-2024-53153,0,0,9da752cadb1a825f791ff9d8397e2b649ec7c58eaee650a673532728edacefc9,2024-12-24T12:15:23.467000 -CVE-2024-53154,0,0,cb799af6240eebdf5931b9024c3d8886bc904f93c29423ffad5eea9969d9f1f2,2024-12-24T12:15:23.580000 -CVE-2024-53155,0,0,6e7f8c41cd116d0a07faa9a84a652fb32c6957efcf3713d3a03bcd5fb1d3e62b,2024-12-24T12:15:23.700000 -CVE-2024-53156,0,0,0a3277c30b78d93489769a97af080a5fe0469dd6e6f4ebedd0227adfbed2ba9e,2024-12-24T12:15:23.833000 -CVE-2024-53157,0,0,eefc1fe5fbb8c840f8122d59dc467a65526a897136c79f78d7283cd691566bfe,2024-12-24T12:15:23.970000 +CVE-2024-53154,0,1,36f3939d10c8a8472ba6281a2b3ca9ed689ebe2a63b16786b383b929bcb0f38c,2025-01-07T15:58:21.587000 +CVE-2024-53155,0,1,337c9592c2cd07cacfbc5cc85e02055aa42cacc6a208444c3dff71eb8a386e45,2025-01-07T16:00:13.753000 +CVE-2024-53156,0,1,aac424b44518844505e5ed4113e6ba71250434f5c6b683b2c4a41bab7ca199a1,2025-01-07T16:02:00.303000 +CVE-2024-53157,0,1,740c4e38854260229fa4eb1ce5949dd5a376a90942ced861f2cd242a3bcc0508,2025-01-07T16:02:21.087000 CVE-2024-53158,0,0,e531f3eba6de342b83e364b8771c46bf2c1c9fd8d80363877d69a71c57f42b0f,2024-12-24T12:15:24.097000 CVE-2024-53159,0,0,176d1d08b67cfe19ad35318eb47af120be22501b0d6c2bb160c8999095d700f1,2024-12-24T12:15:24.217000 CVE-2024-53160,0,0,4057796bb00f7bfb6f732886520cc805fa7c46e82813820ad292c8bad3293b53,2024-12-24T12:15:24.340000 @@ -270558,7 +270570,7 @@ CVE-2024-53231,0,0,d17e3bda80b5a7cf1c8301cfd137a4225331a6dbdf23858cf1d31e5b8b86f CVE-2024-53232,0,0,b2490c67d61762567c2a4758a059dd7afff0e8ed42e292b47c4a7cf1089d2169,2024-12-27T14:15:31.510000 CVE-2024-53233,0,0,3c38f13d75de4a76f794a84b10f00e056fd02bc1f845028887460515d557b226,2024-12-27T14:15:31.630000 CVE-2024-53234,0,0,74235b9bba8c6fa335f832d794b846a6cdfc4adf175080c7f64bc2837d1b0788,2024-12-27T14:15:31.783000 -CVE-2024-53235,0,0,ea809517fde992a3f267a771d2c2b3117a0be718016d222af5e2550049032dc9,2024-12-27T14:15:31.900000 +CVE-2024-53235,0,1,0c72a9d02c4c1323ac68c14078ff2fdc579770d6094d03c12233e24c514bf29f,2025-01-07T16:02:48.350000 CVE-2024-53236,0,0,7fb60b41991b24fab1f4d66c148092639a1f6c1a16382de6518a0eb474a5c377,2024-12-27T14:15:32.013000 CVE-2024-53237,0,0,23d171fbd4bb56e8eac2319610adf1e1fd3e1e2401f72a4cefcfacfc9e5a2a90,2024-12-27T14:15:32.130000 CVE-2024-53238,0,0,6610e7d3aafebef8985c1159594be7c64b8219149820bb4d4db18a3c87d26a9e,2024-12-27T14:15:32.253000 @@ -270618,6 +270630,7 @@ CVE-2024-53333,0,0,fec584e947b0ef91060e7974c2bc2800b0a5e22197ac40e517d4bb4ecce04 CVE-2024-53334,0,0,16279143f552729b554e869e900fcdb0e710a67308c49b11d3ac0e3ed52e676d,2024-11-21T21:15:24.810000 CVE-2024-53335,0,0,c7b5a8f73d12d44b7820d29b4dc55e553a7dba1e50218bfd0cdeaf78dc12e004,2024-11-26T18:15:19.850000 CVE-2024-5334,0,0,cb79190d7e117b2165ef511634fe8d33c9e23cab24dd6ad00dc4efad8b756c7c,2024-11-21T09:47:26.523000 +CVE-2024-53345,1,1,b29b6abaf7fe0fe01a35e24d3254dc989494daf29457426767f85c2b65eb5a54,2025-01-07T16:15:35.777000 CVE-2024-5335,0,0,227008637fcf0f08540aa31f6f2f1e0a27300047ea0b90140042ff30c0f0094f,2024-08-21T12:30:33.697000 CVE-2024-5336,0,0,3be15ca705f47dea3ffc9a0dd73cdf82724f581c9671519a64e222f9d7a209cc,2024-11-21T09:47:26.713000 CVE-2024-53364,0,0,924e143b4294f3ffb491904ae2396d08e4637aeb46539cceee83f2ecfb2d4d99,2024-12-02T20:15:07.487000 @@ -270817,6 +270830,7 @@ CVE-2024-53797,0,0,0f15663ed81f303c311eda4c1e4733f8c9b6c22597eba45aad68c515136db CVE-2024-53798,0,0,dd15d9db7be990295567f0511fa2c3e51a57e6a70e8f9db78d34a77a51f00ebd,2024-12-09T13:15:40.930000 CVE-2024-53799,0,0,783da60a33ccbce78617be33a3c476d287119720767ee98d4405ce9d100a841c,2024-12-06T14:15:22.170000 CVE-2024-5380,0,0,226318c98a74a19f1dd2a14061de91ef6b8613a700730137544bc16df39ee24e,2024-11-21T09:47:32.550000 +CVE-2024-53800,1,1,60f2b1b418aa5af9bf8eb7e264f0747ee70d94d6038011b54f5154fa38aa6730,2025-01-07T16:15:35.883000 CVE-2024-53801,0,0,94bde297cc2eef951bc9e8d66d3d26a93b5e79f18c7ae9de872b0a80bde93680,2024-12-06T14:15:22.303000 CVE-2024-53802,0,0,d38c12f04c4095c1a6ac4f4dc30d15b9305c85ea7eb04aa1ddfb5bdeec10087f,2024-12-06T14:15:22.430000 CVE-2024-53803,0,0,3ee8313ec2c5826e6c44093bf2e19288a4ab5e01b17ba7838c8e2683c5a34992,2024-12-06T14:15:22.567000 @@ -271409,7 +271423,7 @@ CVE-2024-54750,0,0,a2b9bd793ac60105835f796550f4eca54ad7139b40ad2fdf283a28d5ab764 CVE-2024-54751,0,0,1362ae63d46fa3e6e13ddf6e48994d99d3189782d67a09cf0bde552f8a9a1b0f,2024-12-11T16:15:14.910000 CVE-2024-54763,0,0,569e1b003ff4063f8b2d3c6abf3b92c3cfcf659be7b3e8d47a113001dd609ca8,2025-01-06T22:15:10.737000 CVE-2024-54764,0,0,209c75bf142c690be0633df50e11eea12bb8b77d1b813f37310e8ad2ef7f5122,2025-01-06T23:15:06.510000 -CVE-2024-54767,0,0,1fe654f5aabb424e5a5c102fd0191494403a5180e32bb24b312196b061e8555f,2025-01-06T23:15:07.513000 +CVE-2024-54767,0,1,7c02cf0b0d6cbdcad4d274fa0bc8d056590e80886a47139f828b2d63cc3bf859,2025-01-07T16:15:36.157000 CVE-2024-54774,0,0,4ed84230e45b966235391401edd82584405ef683a3e2fc4ff18ea7ccdbfb6480,2024-12-28T18:15:10.397000 CVE-2024-54775,0,0,3fdaf8fe1f78335459cdc17721da7bdc51023f16b45ae3c005b68536d3244569,2024-12-28T17:15:07.733000 CVE-2024-5478,0,0,db0e3beae9848430f36a4effd5045d24657a32915031caa2ccdcaa2667957312,2024-11-21T09:47:45.637000 @@ -271463,9 +271477,10 @@ CVE-2024-5497,0,0,3a56eddb971efbd0b60114afefb35325ddcc2425bb5133ac9d5e88b22eba20 CVE-2024-5498,0,0,9ecbba4511623233a33c3c81181005b0976c38a133da4d6811e96531fd97f158,2024-12-26T16:43:44.433000 CVE-2024-54982,0,0,cfd88a096d00b833d6272b1bd199993ae32049d7bc6efe9c3a455db48be861e0,2024-12-31T20:16:07.193000 CVE-2024-54983,0,0,149f3772b456c1ff99a44fd44b0ae178f010b2926690711624e998da7ad367e4,2024-12-31T20:16:07.363000 -CVE-2024-54984,0,0,aeab52988334c72603822503139e9742b6f94e69c8f917b38a6d618652de5af7,2024-12-31T20:16:07.547000 +CVE-2024-54984,0,1,3c6b13090909d3934507dc7f38f4e66c664045495e844f3883a0db8064e98820,2025-01-07T15:15:10.720000 CVE-2024-5499,0,0,bbe4dd69894f0f98fba609f59dfd6e7af7f9cec1f980c4939ff30b774a53a4b5,2024-12-26T16:07:06.693000 CVE-2024-5500,0,0,280f34db2c8783872a68d6daa217e3e1e4614074bb8e8b0a741315b28d98613a,2024-11-21T09:47:49.373000 +CVE-2024-55008,1,1,45f19479e0e8c65fbf11eff6cbb408ee7d465fc2df91642006d13b8678e33436,2025-01-07T16:15:36.337000 CVE-2024-5501,0,0,c16d3f86bb6f5e02795073b49cb84dc8c7e7a5718a6fed025ea914c4721b4cad,2024-11-21T09:47:49.573000 CVE-2024-5502,0,0,5a18d45bd85121e2ecc06d05133613fd7aff163eb02902343f6ea41930ef607b,2024-09-12T21:05:37.880000 CVE-2024-5503,0,0,9845e42fb1624974feec370d0d7a831f8d27d3205ac47bd2622c9c03ded76cc7,2024-11-21T09:47:49.763000 @@ -271528,7 +271543,7 @@ CVE-2024-5535,0,0,b70b433a28b7d7ab0e1d2beceba590e517cc88af55d524db84cbd7ff3afa5e CVE-2024-5536,0,0,1f54d5f4d84e17ea150621a726d470a096ebe102b1b2c9727888baf5a5215c0e,2024-11-21T09:47:53.307000 CVE-2024-5537,0,0,dc964262ed4087ff313c4be3be100753a858d893c6319a531383572e591004b1,2024-05-30T17:15:34.583000 CVE-2024-5538,0,0,349018b8a831720930f224f86428ace57b32dfb3177832784fb8b5e53a9e5993,2024-05-31T11:15:09.923000 -CVE-2024-55407,0,0,2149e34871a69f2d40c6eecb3091bd8766c51c33f99974636b2a543b9b572424,2025-01-06T19:15:12.910000 +CVE-2024-55407,0,1,556b85e1087b7070a9c561b1629c1e863de59c432206201377d38b83402acd89,2025-01-07T16:15:36.480000 CVE-2024-55408,0,0,ab1bcbfb27fd1483d3ffbbb7fd6604f52d3a36813a1b039bd2c2b2c31076a008,2025-01-06T19:15:13.010000 CVE-2024-5541,0,0,f9b4d455e6b62fc87b5177b190c5e5d55cffd60f56e01c7f957c7d36f3e08c46,2024-11-21T09:47:53.453000 CVE-2024-5542,0,0,6f204123d7eb6582297f3ed2f1f9284859b42e6e6e67e32f4ec293ca8971e5c4,2024-11-21T09:47:53.577000 @@ -271573,9 +271588,10 @@ CVE-2024-55546,0,0,942b232afb25307bd1bbb9171d407a64efb6124e7535155a6616308769a30 CVE-2024-55547,0,0,9d23528e3e5c1a7b1f76563e1d474f90d9913c0e87c6f8fd8a14829ed85aff3d,2024-12-10T20:15:21.527000 CVE-2024-55548,0,0,b89e0a622aeff00dfd6cdc1dc1884c1956fa3e7da287ae36b11ba4d60647d05d,2024-12-10T20:15:21.643000 CVE-2024-5555,0,0,742073dac4de00aad4cb6df58c8d366b01298901468c1f8f2b3d987b01395142,2024-11-21T09:47:55.300000 -CVE-2024-55550,0,0,083b12aa55fd376f21b90ec42869839cac3f2d3ae5f0c3d1ccf8b929f82d5435,2024-12-11T15:15:19.653000 -CVE-2024-55553,0,0,9fdb0c43bc4ef57af0f5d4f95d0af9f114be3998fba03fb0808090c0a3750a59,2025-01-06T23:15:07.637000 +CVE-2024-55550,0,1,f14b09989fc33e9668bd77f32e52a61daf63a823657985b5bd0cda5251e19e1b,2025-01-07T16:15:36.660000 +CVE-2024-55553,0,1,3bc316f0af4b80bc58ae910e6172da9ff5010fe0b778c5270df43d1041706470,2025-01-07T16:15:36.840000 CVE-2024-55554,0,0,09e3cdaa4a820daeb6598bb5a8faaf533e66285f3e6a4797b593c193d2a0933a,2024-12-17T17:15:09.843000 +CVE-2024-55556,1,1,f6240e3c75d02dffd25d8327c36b48f04ddfbf6dc1d3897c46320c15b6f0b8d9,2025-01-07T16:15:37.017000 CVE-2024-55557,0,0,1c44f970be9c9162e2fd5fa3f9e1778bc69c31c3d5707dcbd0caa2e430754ba4,2024-12-17T16:15:25.900000 CVE-2024-5556,0,0,f573f07f74091c9ef49ab63e55c790d8f661c071a22a95c82ecfdf6c6886287c,2024-08-27T14:36:53.273000 CVE-2024-55560,0,0,34631484c4ac18e7385d5b08b3c8f4829d4f28112bef5e467e27e8892a961b13,2024-12-09T16:15:22.750000 @@ -271767,6 +271783,7 @@ CVE-2024-56052,0,0,9a44770d39da7be425571a9350723d3d9e09d773bb8c96e5f144a39458c2f CVE-2024-56053,0,0,026aacd8a5b9ca9d06f79c80ecce4ffac76991d6422ee09c875a778f742e2ca8,2024-12-18T19:15:13.003000 CVE-2024-56054,0,0,4ecf044ccaa288170eea4018528a257091f569e9668667ecf092c6eee1833a59,2024-12-18T19:15:13.137000 CVE-2024-56055,0,0,1e85ee23c3361383079345b69160198a31bbded4d1fcb235bf4bc7a0356b4c45,2024-12-18T19:15:13.263000 +CVE-2024-56056,1,1,8d14785eb528e82368e3b3c93b1f879b67915ddd42adea1eee4b741c53e85318,2025-01-07T16:15:37.140000 CVE-2024-56057,0,0,52ab628951e1d719b316ba7abe1325c61108c1e1b94190c530d208ac2916ed0a,2024-12-18T19:15:13.417000 CVE-2024-56058,0,0,acc256b72c6ddf178feafe627688e78f25a5d2961313a94b4eed1089cb116425,2024-12-18T12:15:12.087000 CVE-2024-56059,0,0,54cd8436a78994ce8bff57ca5e507720ff26093eb1124abb1e7cdd3e2c39fdfb,2024-12-18T12:15:12.237000 @@ -275030,9 +275047,9 @@ CVE-2024-8849,0,0,0734151af4af8138bcdc00f593bbe5da7ce0eb57042fd20edab1406815b87a CVE-2024-8850,0,0,6a79107655be2c071c14b8c23b6123b1889673d27ef57475d913bb60daea2138,2024-09-25T18:49:53.397000 CVE-2024-8852,0,0,30058a9af3dd7a32997e52bc92060be7a6e41d470611028e31f3fcdaf7d3bfbb,2024-10-25T21:20:11.410000 CVE-2024-8853,0,0,8a2f5d1c05cc9b3a3da315856bc11b5532339e2e37b2d0099ab6a7be83232255,2024-09-25T17:49:25.653000 -CVE-2024-8855,0,0,1956de983d46a6371dc4df62437b92a6dda5a74fa8a190c1f8e671dfd2de38f5,2025-01-07T06:15:17.977000 +CVE-2024-8855,0,1,802999a70966b0b71e612ef66e31228db9820bd8dfec7895b3f8da0854e74b69,2025-01-07T16:15:37.873000 CVE-2024-8856,0,0,9673197f029df18178a4a1f715fc7a70f5066ac5587142a3b689de66b2851e04,2024-11-21T16:15:27.633000 -CVE-2024-8857,0,0,c66b32372d1b3863f228a54c316a3ef7200e64698f2924a997c32bd7dfd3d8b0,2025-01-07T06:15:18.100000 +CVE-2024-8857,0,1,16278ff34750ee56afd95e32985c0c6a98ffcbe3092c1e921c57f4b64e713d3d,2025-01-07T16:15:38.023000 CVE-2024-8858,0,0,ad81041fe495a196e9577347167ecfba5a083a17b0628925776a883bde8de8f7,2024-10-02T18:41:29.067000 CVE-2024-8861,0,0,b142f8cdfb1b389115184b8221537238e047c24179b6739e896f736e2c2081f9,2024-10-01T13:41:27.213000 CVE-2024-8862,0,0,1a8961f8693547b26bd383d0fe2e24176b66436d4aff5322938219edf5b87168,2024-09-20T15:47:10.697000 @@ -275426,7 +275443,7 @@ CVE-2024-9354,0,0,dee827dc13292a20bd90e43c0143ee53f0df1f362bf93860946aa622f3a875 CVE-2024-9355,0,0,b0ec2555edb2be21aba884cb9f09977310be30a82039454ba7e0acd9a6463ce0,2024-11-21T20:15:45.247000 CVE-2024-9356,0,0,0e5b063e7a821f841b1ce9f2b8a4731ca3268644887ec3fcecffe9693970f3c1,2024-11-20T15:01:41.627000 CVE-2024-9357,0,0,640186f8f72cd78a5751991fcededaac14402a8a19b5c35e7bc40afd0be046a2,2024-11-12T13:55:21.227000 -CVE-2024-9358,0,1,d139fa599a975780ffdea835e22ab4291155e7dbe2218595808cc49197023a4b,2025-01-07T14:23:31.477000 +CVE-2024-9358,0,0,d139fa599a975780ffdea835e22ab4291155e7dbe2218595808cc49197023a4b,2025-01-07T14:23:31.477000 CVE-2024-9359,0,0,c75f222918092aaaca4a2062cd199c4bbc4ce5e18c18392437e93e13001faf6e,2024-10-04T18:54:12.417000 CVE-2024-9360,0,0,9e7f98e3d809b8c96b9d73cc0b5d35292511289aedca7f27c34f93544c8c9f3b,2024-10-04T18:53:58.020000 CVE-2024-9361,0,0,5bc3da93845b38589382163c5da3beae4068773a42f5aefb96e280c13a317d80,2024-11-01T18:46:32.783000 @@ -275647,7 +275664,7 @@ CVE-2024-9633,0,0,464719aabf82d4c51da737aba0ef58dd3d7e243c61253713abe30460682816 CVE-2024-9634,0,0,7b5dabf15ae54de4daab48b64d2e27f430eb55d7ab2217a5e19376e8531d6f32,2024-10-16T16:38:14.557000 CVE-2024-9635,0,0,9f77fd7ccc96fa6d4c00f44465f9f4a309bfc7a2ae1c26c3627ef0449f3c9e02,2024-11-23T07:15:05.027000 CVE-2024-9637,0,0,0f4d16db68000f66da50bae84c41a0f228004e7436fcad95d0969905f72e932a,2024-10-28T13:58:09.230000 -CVE-2024-9638,0,0,ce33c4b600ed06e2e65e1d9a56a164be7402004966f3e2fcb3141277ce238c60,2025-01-07T06:15:18.217000 +CVE-2024-9638,0,1,07713ca86d99b56fc460dcddc9f1d60133310c7d0c8406d6771a8f56af4a079c,2025-01-07T16:15:38.170000 CVE-2024-9641,0,0,1af3f797b9845e72a30c1ec84ed9cc9350f350e1f0f00ee15b2f0dce5766f023,2024-12-12T18:15:28.297000 CVE-2024-9642,0,0,e785c942bfa480a7574dc49561aef989c60cf4146a0b8eb964f23c4e5169b91d,2024-10-28T13:58:09.230000 CVE-2024-9647,0,0,fcdcaf92364c0d2df50a52f6773b32a5c3346fda1bdd5380b00168c49162a8b6,2024-10-16T16:38:14.557000 @@ -275996,7 +276013,22 @@ CVE-2025-0230,0,0,da56c380fbd78e0c1f33c2e3a59c91c27f8ad01a46dc235a12db28093892ee CVE-2025-0231,0,0,73ba5b334ad5db7bd7f18e0277fa8cbe48a99916bc557dd1170e5fb52d78d868,2025-01-05T22:15:05.540000 CVE-2025-0232,0,0,bbb1f8dd03cca1cfde501a9cda5da15f541da213c05bfee0e291ed634d921d4c,2025-01-05T22:15:05.767000 CVE-2025-0233,0,0,5ed4a33582b9d256ec10fa7176aad6ab5c25b941c467fc43ba8899ab1d384b8a,2025-01-05T23:15:07.320000 -CVE-2025-0294,1,1,67658706f81ffa72b9208c99f691e96cb6885069989008a61de21726d5536133,2025-01-07T14:15:24.277000 +CVE-2025-0237,1,1,2c3434970a16bec4392c3f4bed6767e2925d87ab842525d3b26b205dc283cf1f,2025-01-07T16:15:38.323000 +CVE-2025-0238,1,1,e82327f2f3ebe1b24a464a1a04ae8d05e90f55b42a3f025ea84dc43f52b25878,2025-01-07T16:15:38.470000 +CVE-2025-0239,1,1,afe9eebfe4b4296706d9ce7f0682dd4ed3f5045335b08cc44d37cc5438c37472,2025-01-07T16:15:38.563000 +CVE-2025-0240,1,1,e96fcd5423b4d2b2ff7a765d0bfae31256c7b6e21ad279b2a7a9221a4d70de9d,2025-01-07T16:15:38.663000 +CVE-2025-0241,1,1,de4460d398e9a978698b951541d871507b0033d391ba8312f623449de07c64a9,2025-01-07T16:15:38.767000 +CVE-2025-0242,1,1,9b431442a04718d3c03b715641e5690877e9163ddca776bb88f8cd458d487a6a,2025-01-07T16:15:38.860000 +CVE-2025-0243,1,1,444567568d81e3ebf7b0ef1744bbe79078a7f79e5d87b28594b3b341799213d8,2025-01-07T16:15:38.973000 +CVE-2025-0244,1,1,da7a2b514c4830f709716da93c7d0ce9571dbe62ad6b385d46d804ff7e516618,2025-01-07T16:15:39.073000 +CVE-2025-0245,1,1,7d1c15830a35f014af9d006a8c36ef0ada0ae949c06344e8358c104b93e5a2b3,2025-01-07T16:15:39.167000 +CVE-2025-0246,1,1,74b6776ab53ef7efb7befa6d5e4e3be744a879e5642872b470060da8ae784144,2025-01-07T16:15:39.260000 +CVE-2025-0247,1,1,397c23031a5d2c57816f34c6269a1946e0c796fab05b8f5ddab685e73b49be75,2025-01-07T16:15:39.357000 +CVE-2025-0294,0,1,e5d86f9b17bdfc744e2441f17af376b91232f83a0091836e1403d549321b0bdf,2025-01-07T15:15:12.113000 +CVE-2025-0295,1,1,52a16028421d06d344a294c38baeb65e7eade91eddca5850ff08cb460a814ef0,2025-01-07T16:15:39.460000 +CVE-2025-0296,1,1,ef99994aa0e927283601f299ff2a2a7b6828140dc06395bd45961df4e93495db,2025-01-07T16:15:39.673000 +CVE-2025-0297,1,1,e6df0dbc25b69f65f6585e2723e6f83d60a4cc3da33516aa4da5024622d55482,2025-01-07T16:15:39.887000 +CVE-2025-0298,1,1,035368a53219841b97c48e0c494f4c144d1c514f2f8ac3997e14062ac72f07c8,2025-01-07T16:15:40.167000 CVE-2025-21604,0,0,ec728601eba6bd539d6daf316c2c18ea930a896bd5f0099ef67fb1e9d57f3d64,2025-01-06T16:15:30.927000 CVE-2025-21609,0,0,46e3af17bfffe98fbaec33d01272d23877fbd06c6cc0e4a79625fd3beabb7e1e,2025-01-03T17:15:09.147000 CVE-2025-21610,0,0,803b1c12bbaab2c87bcfc5865cced8b68fa26746eb8c056e6bba01e1200224ac,2025-01-03T17:15:09.290000 @@ -276005,14 +276037,18 @@ CVE-2025-21612,0,0,9fd30e827023ec934479d337fa9a8b1d25e05479de4a6b330575dbf744f4b CVE-2025-21613,0,0,450c2846ee71577b9830e8e719c31e155c37244e65ba9e77e5a01008786d8ec2,2025-01-06T17:15:47.043000 CVE-2025-21614,0,0,aabe0db280dc9dc10bd490c84810b1f616f5219669182912c62b49c623ecf63b,2025-01-06T17:15:47.310000 CVE-2025-21615,0,0,fb1d1b59e0795bd682134b6fa4b1fdae854aaf92d872a6fbaa412cd39ddeff25,2025-01-06T17:15:47.510000 -CVE-2025-21616,0,0,427a588ff5c6e653dd8192f34f66e844819f0925a8e35d6c7a187fcff4345e80,2025-01-06T22:15:11.023000 +CVE-2025-21616,0,1,574f280ca4e262b9cdf785b3704051d4db7363eefe89b70ebf0256101acb2498,2025-01-07T16:15:40.390000 CVE-2025-21617,0,0,1b5674c17538c133c12a05d0a22a69c96dc39356013d3a7f6803ed67351947a8,2025-01-06T20:15:39.453000 CVE-2025-21618,0,0,4c20ae4fc5c8b4aacd9f26687daa5f4af9af83a3837718673c9fc7ecd24be6c6,2025-01-06T17:15:47.660000 CVE-2025-21620,0,0,66289b3b3f28df54a495a49470b309f007a7b7fd72e39a3c6fd58a9e688ab03c,2025-01-06T23:15:07.770000 +CVE-2025-21622,1,1,1e85a305aaeb3d751c0f8dd8b35ba1c3ec71888a5305a62fa31520e33aebe572,2025-01-07T16:15:40.510000 +CVE-2025-21623,1,1,fb9e2454631eeced07f7e09182714cb11ec08c587b53d0458a2a22f56e6a9f58,2025-01-07T16:15:40.690000 +CVE-2025-21624,1,1,1f3abe6867e68bce9b05dea4977e41838d9ee0307f6b472f6d587e372663f92d,2025-01-07T16:15:40.853000 CVE-2025-22214,0,0,9f9cbba758088c6fe54f3b7aba457fa8b68f7e0bf397744585451dc526c7cea3,2025-01-02T04:15:06.277000 CVE-2025-22261,0,0,b64f32ab7c14edb8b70371073baa276f94f41977fffad6128d5b8c7f32ae4fb7,2025-01-07T11:15:13.290000 CVE-2025-22275,0,0,dc0905974c721b278910237158fbbf2db7a66a5bd4b529c9d9744ba0c53260f3,2025-01-03T07:15:25.297000 CVE-2025-22293,0,0,bd03641f797a3639dbea19e70261d5f3ef47716330e1253c8622562a786a5f2c,2025-01-07T11:15:13.473000 +CVE-2025-22294,1,1,a0564480f329fcd7c0e66762a6817c8b66e311ef88bcaa9ea4b0a25b2b9b8c80,2025-01-07T16:15:41.137000 CVE-2025-22297,0,0,9977305a0d6e75d824a101b4298426a66f5e4c76cfe0c4871bbf38350398707d,2025-01-07T11:15:13.630000 CVE-2025-22298,0,0,8bc5151a6942224b93d58d09b54219f124b26cf650100c5c624298b6e94661bd,2025-01-07T11:15:13.783000 CVE-2025-22299,0,0,c413e7372a98636798485d615adbccdf818206e57405b9ae93b2ac23848684e5,2025-01-07T11:15:13.943000 @@ -276037,7 +276073,9 @@ CVE-2025-22326,0,0,55fcc2ec90ca2a48f1ecf2e7ef15d685d0e234288e1450bdf5945ada1cab9 CVE-2025-22327,0,0,94ae0a0af4015641e039cb88bbf4a5342f924e137904074a584ea13bae54ad53,2025-01-07T11:15:16.870000 CVE-2025-22328,0,0,85e6710d10db6ae0f5bd4808efdfb16540414aacd5b21f737702fea8c3f3f3b6,2025-01-07T11:15:17.020000 CVE-2025-22333,0,0,9076c8d41b6efd0e0fd9421ac7e36825af266ebb1d92a228e7e9cdde0a09d000,2025-01-07T11:15:17.160000 +CVE-2025-22335,1,1,7b6c88c7f724973f8b5d10f9481d7ef4194a9913c64a19757342a49b449698c6,2025-01-07T16:15:42.703000 CVE-2025-22336,0,0,d1d30c72fb6e01dc20afc043a552806c00e06e487af20ad9dfbaf9607a442c8a,2025-01-07T11:15:17.313000 +CVE-2025-22338,1,1,7386260298494eb42e950f1f880bf8ae70e10350f68ba2f5b8af057495330fac,2025-01-07T16:15:44.117000 CVE-2025-22339,0,0,771cfd61a8b5d752aa38f63f03d13ecf4a4d9126ac8095ef4007c48756aefabd,2025-01-07T11:15:17.463000 CVE-2025-22342,0,0,063a12927989c01da7ad06ed778a17254bdc2f246dbbcfb9d1a331dab7385b47,2025-01-07T11:15:17.610000 CVE-2025-22343,0,0,a01cb6c83acf422bb85038c7e3d12905550105cbaa3bde139d47adcc60f7e94e,2025-01-07T11:15:17.743000 @@ -276063,3 +276101,63 @@ CVE-2025-22388,0,0,7b76724cf59a9c67f325da6bd673f3f15746ba083c4bc35be8117d11c0a0d CVE-2025-22389,0,0,50d6eaab20c8259cde700c821ce2570def076c6cb2eb277d3379fa3f59f6550e,2025-01-04T03:15:07.580000 CVE-2025-22390,0,0,36805a833480d9f50dee34ab32e5ed9b2707017fd5287eb5a8abd68b1059bfbf,2025-01-06T17:15:48.170000 CVE-2025-22395,0,0,ac5db0ebc696fbb0c57e43b4ad48f0832ef7eb798546a738d8afe72cc61eda1e,2025-01-07T03:15:06.047000 +CVE-2025-22502,1,1,e47e75d81258d25ae0eee9a569a8a8d8f361d17aa85c464ced2971eda4004a93,2025-01-07T16:15:45.717000 +CVE-2025-22503,1,1,402bf3ce290423b600660d8b85d86d2013a2c04e54ea441b78372503a408f2f7,2025-01-07T16:15:45.877000 +CVE-2025-22507,1,1,2cff9b71c5a8e1294ee0ea1c856dbc50719946a9ec91412f79300cad5de53356,2025-01-07T16:15:46.040000 +CVE-2025-22511,1,1,28a656f74d0a00f1dcd5f2d1fb8e8415e8bf825a558b6f9a2f3991d9b3896e4c,2025-01-07T16:15:46.180000 +CVE-2025-22512,1,1,d0e0480ae125953d948bdeebc4960963d65049146d2d6560308d96f549fba6a9,2025-01-07T16:15:46.320000 +CVE-2025-22515,1,1,dc88383ea73e68ad51939744f6cae290bf90cb256d13103188ae9c7665a86c51,2025-01-07T16:15:46.497000 +CVE-2025-22516,1,1,611fd84a0c349163e43f1ea89c3240b45cba2292ed25e25c8d08cb8836f2cf54,2025-01-07T16:15:46.653000 +CVE-2025-22517,1,1,9fc983ded78103459897537381d1a380b232ba76124ae4a3d3794ebc5a224301,2025-01-07T16:15:46.820000 +CVE-2025-22518,1,1,a864a2676a4bdff938f1d9f28be32f463fce1aeb40c710954302551237bb9be6,2025-01-07T16:15:46.990000 +CVE-2025-22519,1,1,b03dc852be0c8215b11d4c8de5b1d47c9bad810d10f80dfb0ef73517ae023738,2025-01-07T16:15:47.140000 +CVE-2025-22520,1,1,edfead18f9eeda03c8cc00cb5e0cacef67069ec050ab27b8d11f83a53b1efbea,2025-01-07T16:15:47.310000 +CVE-2025-22522,1,1,024f0bd031ecc70bb9629fcbe159baf4796426c2b85db8fc05b2bf93b91b9c2b,2025-01-07T16:15:47.513000 +CVE-2025-22524,1,1,84de273bb5783bbeb6318c5154a0cd9ff47d207b84705cc5b1c22760470cbf7f,2025-01-07T16:15:47.680000 +CVE-2025-22525,1,1,c96a8d63c38ef7bfc31d30f88b9939fae4e7eb77a1967169714468d86712f834,2025-01-07T16:15:47.830000 +CVE-2025-22528,1,1,3e1473c212cdf502c2941e4cf89839c1aa0ab52527e07c4b7914a485feb0efdf,2025-01-07T16:15:47.987000 +CVE-2025-22529,1,1,872768ac8fbd7b67a82b204961d3b56dea5a0864471f1d1cdb5936b86e5a73fd,2025-01-07T16:15:48.180000 +CVE-2025-22530,1,1,31f07343a8cb5d2166ec46b0ca399cb71cd94cb7ab1ef67d619b834824c1b425,2025-01-07T16:15:48.350000 +CVE-2025-22531,1,1,9c8dd36d7210e53ba214e8f3cc09f5da41541d942c153faebf89f5d129cdcd86,2025-01-07T16:15:48.520000 +CVE-2025-22532,1,1,b809c5252350cda430ceffeda6049dcb96cccaa25d66b8277bb5a0735d1322f9,2025-01-07T16:15:48.747000 +CVE-2025-22533,1,1,25b61589f30ce3deeecfd9c254fce95888fe59e98c0f7f43787108cd88655b60,2025-01-07T16:15:48.980000 +CVE-2025-22534,1,1,2b1b89b97d9c480a79a27ab2e9768d7914cb2fe9f00d99eb04c1e686e9999643,2025-01-07T16:15:49.130000 +CVE-2025-22536,1,1,d7d3b86b0fd1337cd788f34b766b814fcb4ee3ac1850fff21c34eb096ed2c876,2025-01-07T16:15:49.293000 +CVE-2025-22538,1,1,12a6fca46dfb6875c8a21107d2505a7d5354a155e2258b9de3a7a1adb40ca128,2025-01-07T16:15:49.460000 +CVE-2025-22541,1,1,b6c1d2a08ee9cabe1f5ee57bf104d9edc96473b54fda84b7fdacf8ea8bb547e8,2025-01-07T16:15:49.670000 +CVE-2025-22543,1,1,bb92465369b746da5e3aad33249c8aa0381b90e534dfbb0263a00bbb5c76fd92,2025-01-07T16:15:49.830000 +CVE-2025-22544,1,1,b86adfc3c97a7b5d0d3070401eb2342efddf9d1d837dd854681a3c6a418665ab,2025-01-07T16:15:50.003000 +CVE-2025-22545,1,1,93ce509499b8aeceaabee7fe6f1d969e7f54041fc7dce1a116d7d372e009170a,2025-01-07T16:15:50.140000 +CVE-2025-22546,1,1,79cc26a75b344b9ec118869ae66493493c7eb2b57dcae63bb853bc19ab4946e2,2025-01-07T16:15:50.300000 +CVE-2025-22547,1,1,448662935ffb6e18a8e1163dd127035d11795af899fe916e5975ed1890e96a0c,2025-01-07T16:15:50.463000 +CVE-2025-22548,1,1,a2db0dc193c4bf9919788b967c39e79b3c40d299b83bf580eaf891c7ba01f8f7,2025-01-07T16:15:50.623000 +CVE-2025-22549,1,1,37651db6a80599d6a9d497dbafceef4e36e97fa49984798305794401d5aab828,2025-01-07T16:15:50.790000 +CVE-2025-22550,1,1,6f6d866b2625259c5090072b3a79f45d7499a06cc915b8ccdbfd564c98f9d1cf,2025-01-07T16:15:50.960000 +CVE-2025-22551,1,1,1c18b6a68d2faff9ea94214e5f20e5d2d17b48b1ae31ff8ccdbf60543e9bb4ce,2025-01-07T16:15:51.127000 +CVE-2025-22552,1,1,2dfde245749df3b6fbe40234d508891ad03a012dcf4f3026e6523a9622ec19ed,2025-01-07T16:15:51.277000 +CVE-2025-22554,1,1,169aa2b604547b25659f115978b58d0f1bd7f01eddb66dd86a7268532d44c0d9,2025-01-07T16:15:51.443000 +CVE-2025-22555,1,1,d1e6d57508dcad2a7bd8a9f8b3df05e46a8cd4445ec31cc6bf7d6924761d0bd1,2025-01-07T16:15:51.627000 +CVE-2025-22556,1,1,80282a8b7a3877b8271925b73b265c9263e83dc11ca55c1f26f5815967b33d22,2025-01-07T16:15:51.780000 +CVE-2025-22557,1,1,554688a370f3db327fa06284ca2f5bc0989345f9c179b0129147bfc3c998df56,2025-01-07T16:15:51.920000 +CVE-2025-22558,1,1,02538728dcbe28f9141d88cc5f37cf5e77cdba128b736b8999068fb514290b69,2025-01-07T16:15:52.080000 +CVE-2025-22559,1,1,f5edeba6ab7d923752b407ae8aab3700703d56d33a7f7999527accd4fd6d59de,2025-01-07T16:15:52.243000 +CVE-2025-22560,1,1,b722a48c52ac2270e574d7f5e02e3277d49a8fd1223636c766a0dea93a013371,2025-01-07T16:15:52.380000 +CVE-2025-22562,1,1,7160616e3f1e58346b09b1df777bd943bb4feb68c941a8f3be9d3e61e578fef3,2025-01-07T16:15:52.540000 +CVE-2025-22563,1,1,8f83fd6b5a5ec2381366f243f66907385b1669b6fef4670423d5257df7197ee1,2025-01-07T16:15:52.940000 +CVE-2025-22571,1,1,1b4f24da1a6f1bb7f346661376dfe49926d420862ecc376c082a8f78051bb43a,2025-01-07T16:15:53.187000 +CVE-2025-22572,1,1,32ab9eedcf4e42497aa29295e4986051818a49862bb5bf5d6d005d7558592521,2025-01-07T16:15:53.357000 +CVE-2025-22573,1,1,d2119173e267406cc8c9fcd20059a69bef2e08f7671866825bd18cb7cdb0d91d,2025-01-07T16:15:53.520000 +CVE-2025-22574,1,1,c37802a3f5d46dae3a4ce727391565c816599e4812b3e203a764a730d9724f8b,2025-01-07T16:15:53.667000 +CVE-2025-22577,1,1,832542f3ba4935e52a354806ac4c5d20d6ab091f340f611b5ababf5d00adcf75,2025-01-07T16:15:53.823000 +CVE-2025-22578,1,1,95fa1fcefb1a422e599db02a6781a35ca29ce1bc289d8fd08c5f19c13e53b5b4,2025-01-07T16:15:53.970000 +CVE-2025-22579,1,1,3cd63585cff10d775a15cd489268bb3f4f3859adb48a219faa18d77152c22936,2025-01-07T16:15:54.130000 +CVE-2025-22580,1,1,b35ffa4af0fb66dbc86a0bdb9fdf61c75ae3e7d1a1b77120fa8c043d429ae245,2025-01-07T16:15:54.303000 +CVE-2025-22581,1,1,53e1424ec6641d678bf117bb3c262da47ec66270c5ac57f65419efe21500073f,2025-01-07T16:15:54.467000 +CVE-2025-22582,1,1,0e04785e89c9d4acbccb3710e27d086b1e71be3155e4f5c0e225a467988b1226,2025-01-07T16:15:54.640000 +CVE-2025-22584,1,1,92ae95688057a343a3c112aba90a91e888f006a83dffd4231d4c896dd9b0eff6,2025-01-07T16:15:54.780000 +CVE-2025-22585,1,1,ef5b5a89cfb8baed252c15be492e73d626a65d7d4898a799d60ec5b5176f289f,2025-01-07T16:15:54.923000 +CVE-2025-22589,1,1,bb529e158c7e1933304f26efc5f066f63e5c287ae81ac09f059d86eaefe4703b,2025-01-07T16:15:55.053000 +CVE-2025-22590,1,1,b614c7d50ccfeb50c3e47048ce19c3611ad36ac118669e3c81ea441e322bcf11,2025-01-07T16:15:55.200000 +CVE-2025-22591,1,1,357b853ebe55eb932f399d326d5cfd3cf40fa62ab1a4f95d6fbcdc2774241b5d,2025-01-07T16:15:55.337000 +CVE-2025-22592,1,1,ff5fac2b9bc94ed835e8f9addacdb39fda9bbbe54c2e47c1826c43b63204eab4,2025-01-07T16:15:55.470000 +CVE-2025-22593,1,1,2e2b9b257210673d1959179ba19f9ddffb24fc86c8f15dcc25f3759c772c6b90,2025-01-07T16:15:55.627000