From d00322bde9d25fd5c827b72bc1d8526d7fe9be81 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 16 Jan 2025 17:04:16 +0000 Subject: [PATCH] Auto-Update: 2025-01-16T17:00:49.520130+00:00 --- CVE-2020/CVE-2020-367xx/CVE-2020-36714.json | 6 +- CVE-2022/CVE-2022-20xx/CVE-2022-2040.json | 6 +- CVE-2022/CVE-2022-20xx/CVE-2022-2041.json | 6 +- CVE-2023/CVE-2023-208xx/CVE-2023-20868.json | 32 ++- CVE-2023/CVE-2023-208xx/CVE-2023-20882.json | 22 +- CVE-2023/CVE-2023-208xx/CVE-2023-20883.json | 22 +- CVE-2023/CVE-2023-254xx/CVE-2023-25439.json | 32 ++- CVE-2023/CVE-2023-262xx/CVE-2023-26280.json | 42 ++- CVE-2023/CVE-2023-275xx/CVE-2023-27529.json | 32 ++- CVE-2023/CVE-2023-283xx/CVE-2023-28370.json | 32 ++- CVE-2023/CVE-2023-28xx/CVE-2023-2804.json | 22 +- CVE-2023/CVE-2023-315xx/CVE-2023-31594.json | 22 +- CVE-2023/CVE-2023-318xx/CVE-2023-31861.json | 32 ++- CVE-2023/CVE-2023-332xx/CVE-2023-33247.json | 32 ++- CVE-2023/CVE-2023-332xx/CVE-2023-33248.json | 22 +- CVE-2023/CVE-2023-332xx/CVE-2023-33263.json | 32 ++- CVE-2023/CVE-2023-332xx/CVE-2023-33278.json | 32 ++- CVE-2023/CVE-2023-332xx/CVE-2023-33279.json | 32 ++- CVE-2023/CVE-2023-332xx/CVE-2023-33280.json | 32 ++- CVE-2023/CVE-2023-333xx/CVE-2023-33355.json | 22 +- CVE-2023/CVE-2023-336xx/CVE-2023-33630.json | 32 ++- CVE-2023/CVE-2023-338xx/CVE-2023-33829.json | 32 ++- CVE-2023/CVE-2023-339xx/CVE-2023-33980.json | 22 +- CVE-2023/CVE-2023-339xx/CVE-2023-33981.json | 32 ++- CVE-2023/CVE-2023-339xx/CVE-2023-33982.json | 32 ++- CVE-2023/CVE-2023-339xx/CVE-2023-33983.json | 32 ++- CVE-2023/CVE-2023-497xx/CVE-2023-49740.json | 6 +- CVE-2023/CVE-2023-513xx/CVE-2023-51396.json | 6 +- CVE-2023/CVE-2023-525xx/CVE-2023-52532.json | 117 +++++++- CVE-2023/CVE-2023-525xx/CVE-2023-52559.json | 134 +++++++++- CVE-2023/CVE-2023-56xx/CVE-2023-5611.json | 6 +- CVE-2024/CVE-2024-11xx/CVE-2024-1161.json | 6 +- CVE-2024/CVE-2024-11xx/CVE-2024-1164.json | 6 +- CVE-2024/CVE-2024-12xx/CVE-2024-1291.json | 74 +++++- CVE-2024/CVE-2024-12xx/CVE-2024-1293.json | 74 +++++- CVE-2024/CVE-2024-12xx/CVE-2024-1296.json | 94 ++++++- CVE-2024/CVE-2024-13xx/CVE-2024-1311.json | 64 ++++- CVE-2024/CVE-2024-13xx/CVE-2024-1388.json | 74 +++++- CVE-2024/CVE-2024-14xx/CVE-2024-1453.json | 54 +++- CVE-2024/CVE-2024-15xx/CVE-2024-1568.json | 74 +++++- CVE-2024/CVE-2024-19xx/CVE-2024-1937.json | 74 +++++- CVE-2024/CVE-2024-19xx/CVE-2024-1940.json | 6 +- CVE-2024/CVE-2024-20xx/CVE-2024-2087.json | 6 +- CVE-2024/CVE-2024-24xx/CVE-2024-2403.json | 81 +++++- CVE-2024/CVE-2024-262xx/CVE-2024-26238.json | 60 ++++- CVE-2024/CVE-2024-278xx/CVE-2024-27856.json | 43 ++- CVE-2024/CVE-2024-289xx/CVE-2024-28943.json | 106 +++++++- CVE-2024/CVE-2024-290xx/CVE-2024-29043.json | 106 +++++++- CVE-2024/CVE-2024-290xx/CVE-2024-29050.json | 154 ++++++++++- CVE-2024/CVE-2024-290xx/CVE-2024-29066.json | 80 +++++- CVE-2024/CVE-2024-32xx/CVE-2024-3242.json | 6 +- CVE-2024/CVE-2024-340xx/CVE-2024-34077.json | 94 ++++++- CVE-2024/CVE-2024-340xx/CVE-2024-34080.json | 96 ++++++- CVE-2024/CVE-2024-340xx/CVE-2024-34081.json | 88 +++++- CVE-2024/CVE-2024-34xx/CVE-2024-3499.json | 54 +++- CVE-2024/CVE-2024-359xx/CVE-2024-35985.json | 122 ++++++++- CVE-2024/CVE-2024-36xx/CVE-2024-3650.json | 75 +++++- CVE-2024/CVE-2024-36xx/CVE-2024-3667.json | 6 +- CVE-2024/CVE-2024-37xx/CVE-2024-3711.json | 64 ++++- CVE-2024/CVE-2024-441xx/CVE-2024-44136.json | 31 ++- CVE-2024/CVE-2024-509xx/CVE-2024-50953.json | 43 ++- CVE-2024/CVE-2024-531xx/CVE-2024-53166.json | 94 ++++++- CVE-2024/CVE-2024-531xx/CVE-2024-53170.json | 82 +++++- CVE-2024/CVE-2024-531xx/CVE-2024-53180.json | 117 +++++++- CVE-2024/CVE-2024-531xx/CVE-2024-53187.json | 81 +++++- CVE-2024/CVE-2024-532xx/CVE-2024-53203.json | 82 +++++- CVE-2024/CVE-2024-532xx/CVE-2024-53208.json | 106 +++++++- CVE-2024/CVE-2024-532xx/CVE-2024-53228.json | 82 +++++- CVE-2024/CVE-2024-536xx/CVE-2024-53689.json | 84 +++++- CVE-2024/CVE-2024-541xx/CVE-2024-54191.json | 91 ++++++- CVE-2024/CVE-2024-544xx/CVE-2024-54460.json | 84 +++++- CVE-2024/CVE-2024-545xx/CVE-2024-54540.json | 43 ++- CVE-2024/CVE-2024-546xx/CVE-2024-54680.json | 101 ++++++- CVE-2024/CVE-2024-546xx/CVE-2024-54683.json | 96 ++++++- CVE-2024/CVE-2024-547xx/CVE-2024-54730.json | 43 ++- CVE-2024/CVE-2024-556xx/CVE-2024-55642.json | 84 +++++- CVE-2024/CVE-2024-559xx/CVE-2024-55916.json | 149 ++++++++++- CVE-2024/CVE-2024-563xx/CVE-2024-56369.json | 124 ++++++++- CVE-2024/CVE-2024-565xx/CVE-2024-56551.json | 81 +++++- CVE-2024/CVE-2024-565xx/CVE-2024-56595.json | 129 ++++++++- CVE-2024/CVE-2024-565xx/CVE-2024-56596.json | 129 ++++++++- CVE-2024/CVE-2024-565xx/CVE-2024-56598.json | 129 ++++++++- CVE-2024/CVE-2024-566xx/CVE-2024-56615.json | 135 +++++++++- CVE-2024/CVE-2024-566xx/CVE-2024-56617.json | 87 +++++- CVE-2024/CVE-2024-566xx/CVE-2024-56618.json | 75 +++++- CVE-2024/CVE-2024-566xx/CVE-2024-56626.json | 111 +++++++- CVE-2024/CVE-2024-566xx/CVE-2024-56627.json | 111 +++++++- CVE-2024/CVE-2024-566xx/CVE-2024-56692.json | 93 ++++++- CVE-2024/CVE-2024-570xx/CVE-2024-57011.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57012.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57013.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57014.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57015.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57016.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57017.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57018.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57019.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57020.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57021.json | 43 ++- CVE-2024/CVE-2024-570xx/CVE-2024-57022.json | 43 ++- CVE-2024/CVE-2024-571xx/CVE-2024-57159.json | 21 ++ CVE-2024/CVE-2024-571xx/CVE-2024-57160.json | 21 ++ CVE-2024/CVE-2024-571xx/CVE-2024-57161.json | 21 ++ CVE-2024/CVE-2024-571xx/CVE-2024-57162.json | 21 ++ CVE-2024/CVE-2024-574xx/CVE-2024-57473.json | 43 ++- CVE-2024/CVE-2024-574xx/CVE-2024-57479.json | 43 ++- CVE-2024/CVE-2024-574xx/CVE-2024-57480.json | 43 ++- CVE-2024/CVE-2024-574xx/CVE-2024-57483.json | 43 ++- CVE-2024/CVE-2024-576xx/CVE-2024-57611.json | 21 ++ CVE-2024/CVE-2024-576xx/CVE-2024-57643.json | 45 +++- CVE-2024/CVE-2024-576xx/CVE-2024-57655.json | 45 +++- CVE-2024/CVE-2024-576xx/CVE-2024-57656.json | 45 +++- CVE-2024/CVE-2024-576xx/CVE-2024-57657.json | 45 +++- CVE-2024/CVE-2024-576xx/CVE-2024-57658.json | 45 +++- CVE-2024/CVE-2024-576xx/CVE-2024-57660.json | 45 +++- CVE-2024/CVE-2024-577xx/CVE-2024-57799.json | 94 ++++++- CVE-2024/CVE-2024-578xx/CVE-2024-57807.json | 138 +++++++++- CVE-2024/CVE-2024-578xx/CVE-2024-57872.json | 79 +++++- CVE-2024/CVE-2024-578xx/CVE-2024-57881.json | 89 ++++++- CVE-2024/CVE-2024-58xx/CVE-2024-5806.json | 85 +++++- CVE-2024/CVE-2024-64xx/CVE-2024-6455.json | 52 +++- CVE-2024/CVE-2024-89xx/CVE-2024-8902.json | 64 ++++- CVE-2025/CVE-2025-04xx/CVE-2025-0488.json | 16 +- CVE-2025/CVE-2025-04xx/CVE-2025-0489.json | 16 +- CVE-2025/CVE-2025-04xx/CVE-2025-0490.json | 16 +- CVE-2025/CVE-2025-229xx/CVE-2025-22905.json | 39 ++- CVE-2025/CVE-2025-229xx/CVE-2025-22906.json | 39 ++- CVE-2025/CVE-2025-229xx/CVE-2025-22907.json | 39 ++- CVE-2025/CVE-2025-229xx/CVE-2025-22912.json | 39 ++- CVE-2025/CVE-2025-229xx/CVE-2025-22913.json | 39 ++- CVE-2025/CVE-2025-229xx/CVE-2025-22916.json | 39 ++- CVE-2025/CVE-2025-229xx/CVE-2025-22968.json | 43 ++- CVE-2025/CVE-2025-230xx/CVE-2025-23081.json | 33 ++- README.md | 49 +++- _state.csv | 279 ++++++++++---------- 135 files changed, 7184 insertions(+), 667 deletions(-) create mode 100644 CVE-2024/CVE-2024-571xx/CVE-2024-57159.json create mode 100644 CVE-2024/CVE-2024-571xx/CVE-2024-57160.json create mode 100644 CVE-2024/CVE-2024-571xx/CVE-2024-57161.json create mode 100644 CVE-2024/CVE-2024-571xx/CVE-2024-57162.json create mode 100644 CVE-2024/CVE-2024-576xx/CVE-2024-57611.json diff --git a/CVE-2020/CVE-2020-367xx/CVE-2020-36714.json b/CVE-2020/CVE-2020-367xx/CVE-2020-36714.json index 8c870a7ef4a..bc88c1bf8f5 100644 --- a/CVE-2020/CVE-2020-367xx/CVE-2020-36714.json +++ b/CVE-2020/CVE-2020-367xx/CVE-2020-36714.json @@ -2,7 +2,7 @@ "id": "CVE-2020-36714", "sourceIdentifier": "security@wordfence.com", "published": "2023-10-20T08:15:11.020", - "lastModified": "2024-11-21T05:30:08.480", + "lastModified": "2025-01-16T15:08:00.773", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "versionEndIncluding": "1.0.125", - "matchCriteriaId": "2711C8DC-F5A7-40F7-8517-6C5B6EF560BA" + "matchCriteriaId": "83B3A24F-0F9C-4178-B9E6-046CE15B0AE6" } ] } diff --git a/CVE-2022/CVE-2022-20xx/CVE-2022-2040.json b/CVE-2022/CVE-2022-20xx/CVE-2022-2040.json index 62d6ebb4cd2..45d51862a50 100644 --- a/CVE-2022/CVE-2022-20xx/CVE-2022-2040.json +++ b/CVE-2022/CVE-2022-20xx/CVE-2022-2040.json @@ -2,7 +2,7 @@ "id": "CVE-2022-2040", "sourceIdentifier": "contact@wpscan.com", "published": "2022-06-27T09:15:10.723", - "lastModified": "2024-11-21T07:00:13.107", + "lastModified": "2025-01-16T15:08:00.773", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -85,9 +85,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.4.2", - "matchCriteriaId": "6D743DF5-2E71-4107-89CA-5CB25907EE2F" + "matchCriteriaId": "D07F5B64-019D-4ED7-9C82-3C8C9F1DB614" } ] } diff --git a/CVE-2022/CVE-2022-20xx/CVE-2022-2041.json b/CVE-2022/CVE-2022-20xx/CVE-2022-2041.json index 38fa4c41f1c..d7752098895 100644 --- a/CVE-2022/CVE-2022-20xx/CVE-2022-2041.json +++ b/CVE-2022/CVE-2022-20xx/CVE-2022-2041.json @@ -2,7 +2,7 @@ "id": "CVE-2022-2041", "sourceIdentifier": "contact@wpscan.com", "published": "2022-06-27T09:15:10.773", - "lastModified": "2024-11-21T07:00:13.220", + "lastModified": "2025-01-16T15:08:00.773", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -95,9 +95,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.4.2", - "matchCriteriaId": "6D743DF5-2E71-4107-89CA-5CB25907EE2F" + "matchCriteriaId": "D07F5B64-019D-4ED7-9C82-3C8C9F1DB614" } ] } diff --git a/CVE-2023/CVE-2023-208xx/CVE-2023-20868.json b/CVE-2023/CVE-2023-208xx/CVE-2023-20868.json index 2ed12cd42e4..c09b7df8af4 100644 --- a/CVE-2023/CVE-2023-208xx/CVE-2023-20868.json +++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20868.json @@ -2,7 +2,7 @@ "id": "CVE-2023-20868", "sourceIdentifier": "security@vmware.com", "published": "2023-05-26T18:15:12.723", - "lastModified": "2024-11-21T07:41:43.580", + "lastModified": "2025-01-16T15:15:09.580", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 2.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-79" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-208xx/CVE-2023-20882.json b/CVE-2023/CVE-2023-208xx/CVE-2023-20882.json index 973ec03566c..7d19b6bcb01 100644 --- a/CVE-2023/CVE-2023-208xx/CVE-2023-20882.json +++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20882.json @@ -2,7 +2,7 @@ "id": "CVE-2023-20882", "sourceIdentifier": "security@vmware.com", "published": "2023-05-26T17:15:13.897", - "lastModified": "2024-11-21T07:41:44.820", + "lastModified": "2025-01-16T15:15:09.943", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.2, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-208xx/CVE-2023-20883.json b/CVE-2023/CVE-2023-208xx/CVE-2023-20883.json index 7e48977f4b2..ddd090683db 100644 --- a/CVE-2023/CVE-2023-208xx/CVE-2023-20883.json +++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20883.json @@ -2,7 +2,7 @@ "id": "CVE-2023-20883", "sourceIdentifier": "security@vmware.com", "published": "2023-05-26T17:15:14.047", - "lastModified": "2024-11-21T07:41:44.933", + "lastModified": "2025-01-16T15:15:10.170", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-254xx/CVE-2023-25439.json b/CVE-2023/CVE-2023-254xx/CVE-2023-25439.json index b01709fff46..5b68a15327d 100644 --- a/CVE-2023/CVE-2023-254xx/CVE-2023-25439.json +++ b/CVE-2023/CVE-2023-254xx/CVE-2023-25439.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25439", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-25T20:15:09.280", - "lastModified": "2024-11-21T07:49:30.957", + "lastModified": "2025-01-16T16:15:28.260", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 2.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-79" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-262xx/CVE-2023-26280.json b/CVE-2023/CVE-2023-262xx/CVE-2023-26280.json index e93bc729896..84966ec7e62 100644 --- a/CVE-2023/CVE-2023-262xx/CVE-2023-26280.json +++ b/CVE-2023/CVE-2023-262xx/CVE-2023-26280.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26280", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-11-25T16:15:06.243", - "lastModified": "2024-11-25T19:15:06.987", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:13:59.293", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -49,12 +49,48 @@ "value": "CWE-266" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.2:*:*:*:*:*:*:*", + "matchCriteriaId": "1A96AC18-F48B-42AA-98B8-5FCFFB5C4D3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:jazz_foundation:7.0.3:*:*:*:*:*:*:*", + "matchCriteriaId": "8A7E20A9-9D5D-4903-96CD-6CE833D1D854" + } + ] + } + ] } ], "references": [ { "url": "https://www.ibm.com/support/pages/node/7176207", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Not Applicable", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27529.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27529.json index c9f1c77e82f..fef8aea098f 100644 --- a/CVE-2023/CVE-2023-275xx/CVE-2023-27529.json +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27529.json @@ -2,7 +2,7 @@ "id": "CVE-2023-27529", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-25T10:15:09.703", - "lastModified": "2024-11-21T07:53:06.277", + "lastModified": "2025-01-16T16:15:28.460", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-59" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-283xx/CVE-2023-28370.json b/CVE-2023/CVE-2023-283xx/CVE-2023-28370.json index bd8d0c80032..f7d4215f2a3 100644 --- a/CVE-2023/CVE-2023-283xx/CVE-2023-28370.json +++ b/CVE-2023/CVE-2023-283xx/CVE-2023-28370.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28370", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-25T10:15:09.750", - "lastModified": "2024-11-21T07:54:56.357", + "lastModified": "2025-01-16T16:15:28.637", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 2.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-601" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2804.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2804.json index 1fa6a31284b..d6b191a6c16 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2804.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2804.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2804", "sourceIdentifier": "secalert@redhat.com", "published": "2023-05-25T22:15:09.443", - "lastModified": "2024-11-21T07:59:19.377", + "lastModified": "2025-01-16T16:15:29.043", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-315xx/CVE-2023-31594.json b/CVE-2023/CVE-2023-315xx/CVE-2023-31594.json index d0ed12d8bf8..82e668607dd 100644 --- a/CVE-2023/CVE-2023-315xx/CVE-2023-31594.json +++ b/CVE-2023/CVE-2023-315xx/CVE-2023-31594.json @@ -2,7 +2,7 @@ "id": "CVE-2023-31594", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-25T01:15:41.833", - "lastModified": "2024-11-21T08:02:03.650", + "lastModified": "2025-01-16T15:15:10.397", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-318xx/CVE-2023-31861.json b/CVE-2023/CVE-2023-318xx/CVE-2023-31861.json index 02dfc07b971..e1bf4db9409 100644 --- a/CVE-2023/CVE-2023-318xx/CVE-2023-31861.json +++ b/CVE-2023/CVE-2023-318xx/CVE-2023-31861.json @@ -2,7 +2,7 @@ "id": "CVE-2023-31861", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-25T02:15:08.820", - "lastModified": "2024-11-21T08:02:20.690", + "lastModified": "2025-01-16T15:15:10.720", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-22" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33247.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33247.json index f2714303f85..55c0c9a1135 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33247.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33247.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33247", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-26T20:15:49.360", - "lastModified": "2024-11-21T08:05:15.357", + "lastModified": "2025-01-16T16:15:29.437", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33248.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33248.json index 9ed9d121c01..7d37eddb0af 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33248.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33248.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33248", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-24T22:15:09.207", - "lastModified": "2024-11-21T08:05:15.520", + "lastModified": "2025-01-16T16:15:29.630", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.1, "impactScore": 5.5 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.5 } ] }, diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33263.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33263.json index 54d97135757..f6f4b356ca9 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33263.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33263.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33263", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-25T20:15:09.447", - "lastModified": "2024-11-21T08:05:16.943", + "lastModified": "2025-01-16T15:15:10.990", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-522" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33278.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33278.json index 564a28bec33..394b2a241a2 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33278.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33278.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33278", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-25T20:15:09.500", - "lastModified": "2024-11-21T08:05:18.980", + "lastModified": "2025-01-16T15:15:11.260", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-89" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33279.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33279.json index d3d11ae7e5f..e61031c50ee 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33279.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33279.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33279", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-25T20:15:09.570", - "lastModified": "2024-11-21T08:05:19.140", + "lastModified": "2025-01-16T15:15:11.527", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-89" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33280.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33280.json index 0804ab2841f..60c00354f7e 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33280.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33280.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33280", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-25T20:15:09.633", - "lastModified": "2024-11-21T08:05:19.307", + "lastModified": "2025-01-16T15:15:11.777", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-89" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-333xx/CVE-2023-33355.json b/CVE-2023/CVE-2023-333xx/CVE-2023-33355.json index 5f2b88105e1..7ba2b831de5 100644 --- a/CVE-2023/CVE-2023-333xx/CVE-2023-33355.json +++ b/CVE-2023/CVE-2023-333xx/CVE-2023-33355.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33355", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-25T14:15:10.850", - "lastModified": "2024-11-21T08:05:27.323", + "lastModified": "2025-01-16T15:15:12.030", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-336xx/CVE-2023-33630.json b/CVE-2023/CVE-2023-336xx/CVE-2023-33630.json index f2e0d50698d..77cc32b98e5 100644 --- a/CVE-2023/CVE-2023-336xx/CVE-2023-33630.json +++ b/CVE-2023/CVE-2023-336xx/CVE-2023-33630.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33630", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-31T21:15:09.563", - "lastModified": "2024-11-21T08:05:47.090", + "lastModified": "2025-01-16T16:15:29.847", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 1.2, "impactScore": 5.9 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-787" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33829.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33829.json index 991ac734ed0..036610d23f5 100644 --- a/CVE-2023/CVE-2023-338xx/CVE-2023-33829.json +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33829.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33829", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-24T21:15:11.567", - "lastModified": "2024-11-21T08:06:02.473", + "lastModified": "2025-01-16T16:15:30.050", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.3, "impactScore": 2.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-79" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33980.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33980.json index 836632008c5..504cc3f6134 100644 --- a/CVE-2023/CVE-2023-339xx/CVE-2023-33980.json +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33980.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33980", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-24T18:15:10.827", - "lastModified": "2024-11-21T08:06:20.393", + "lastModified": "2025-01-16T16:15:30.280", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33981.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33981.json index c843f4fcd9c..c8d5e1c1ace 100644 --- a/CVE-2023/CVE-2023-339xx/CVE-2023-33981.json +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33981.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33981", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-24T18:15:10.877", - "lastModified": "2024-11-21T08:06:20.537", + "lastModified": "2025-01-16T16:15:30.487", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-354" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-354" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33982.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33982.json index f58d9ed19e1..f4416bc6a4f 100644 --- a/CVE-2023/CVE-2023-339xx/CVE-2023-33982.json +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33982.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33982", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-24T18:15:10.927", - "lastModified": "2024-11-21T08:06:20.683", + "lastModified": "2025-01-16T16:15:30.683", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.2, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-326" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-326" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33983.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33983.json index 06047c27f1a..e2b8b0d838e 100644 --- a/CVE-2023/CVE-2023-339xx/CVE-2023-33983.json +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33983.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33983", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-24T18:15:10.983", - "lastModified": "2024-11-21T08:06:20.833", + "lastModified": "2025-01-16T16:15:30.897", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -32,6 +32,26 @@ }, "exploitabilityScore": 2.2, "impactScore": 5.2 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 7.4, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.2 } ] }, @@ -45,6 +65,16 @@ "value": "CWE-862" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49740.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49740.json index 101ec60a0ab..282704409c1 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49740.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49740.json @@ -2,7 +2,7 @@ "id": "CVE-2023-49740", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-14T15:15:08.817", - "lastModified": "2024-11-21T08:33:45.510", + "lastModified": "2025-01-16T15:44:50.793", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:seraphinitesolutions:seraphinite_accelerator:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:s-sols:seraphinite_accelerator:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.20.29", - "matchCriteriaId": "192EDEBE-9F34-426E-BB4A-E102B4B8111D" + "matchCriteriaId": "D2550F38-8EDD-4F10-9A43-D3935323E138" } ] } diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51396.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51396.json index 39ac87c4c6b..e57b85f527c 100644 --- a/CVE-2023/CVE-2023-513xx/CVE-2023-51396.json +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51396.json @@ -2,7 +2,7 @@ "id": "CVE-2023-51396", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-29T11:15:10.357", - "lastModified": "2024-11-21T08:38:01.510", + "lastModified": "2025-01-16T15:08:00.773", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "versionEndIncluding": "2.4.29", - "matchCriteriaId": "1F7BDA5C-8611-410F-9B2D-1947A7D3F30E" + "matchCriteriaId": "803BBE54-DBC5-4A37-9AE2-7B118BA1FC1E" } ] } diff --git a/CVE-2023/CVE-2023-525xx/CVE-2023-52532.json b/CVE-2023/CVE-2023-525xx/CVE-2023-52532.json index 2030d9871a6..afdb3dfe658 100644 --- a/CVE-2023/CVE-2023-525xx/CVE-2023-52532.json +++ b/CVE-2023/CVE-2023-525xx/CVE-2023-52532.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52532", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-02T22:15:48.660", - "lastModified": "2024-11-21T08:39:58.847", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:48:47.483", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,130 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: mana: corrige el manejo de errores de TX CQE Para un tipo de error de TX CQE desconocido (probablemente de un hardware m\u00e1s nuevo), a\u00fan libere el SKB, actualice la cola de cola, etc.; de lo contrario, la contabilidad estar\u00e1 equivocada. Adem\u00e1s, los errores de TX pueden desencadenarse al inyectar paquetes corruptos, as\u00ed que reemplace WARN_ONCE para registrar errores con velocidad limitada." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.13", + "versionEndExcluding": "6.1.59", + "matchCriteriaId": "56DFEAAF-B938-46AB-9C90-219A4FFA60EF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.5.7", + "matchCriteriaId": "830A824C-F212-4FDC-ADEF-0EBEC6B2365B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*", + "matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*", + "matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*", + "matchCriteriaId": "00AB783B-BE05-40E8-9A55-6AA457D95031" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/a910e0f6304726da30a212feecec65cb97ff7a80", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b2b000069a4c307b09548dc2243f31f3ca0eac9c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b67d7b1bfc46d05c1a58b172516454698e8d5004", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a910e0f6304726da30a212feecec65cb97ff7a80", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b2b000069a4c307b09548dc2243f31f3ca0eac9c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b67d7b1bfc46d05c1a58b172516454698e8d5004", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-525xx/CVE-2023-52559.json b/CVE-2023/CVE-2023-525xx/CVE-2023-52559.json index 5f5da84f657..2ec7d71b1c8 100644 --- a/CVE-2023/CVE-2023-525xx/CVE-2023-52559.json +++ b/CVE-2023/CVE-2023-525xx/CVE-2023-52559.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52559", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-03-02T22:15:48.700", - "lastModified": "2024-11-21T08:40:03.650", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:59:39.197", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,151 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: iommu/vt-d: evitar la asignaci\u00f3n de memoria en iommu_suspend() La devoluci\u00f3n de llamada de suspensi\u00f3n de syscore iommu_suspend() se invoca con IRQ deshabilitado. La asignaci\u00f3n de memoria con el indicador GFP_KERNEL puede volver a habilitar las IRQ durante la devoluci\u00f3n de llamada de suspensi\u00f3n, lo que puede causar problemas intermitentes de suspensi\u00f3n/hibernaci\u00f3n con los siguientes seguimientos del kernel: Llamando a iommu_suspend+0x0/0x1d0 ------------[ cut aqu\u00ed ]------------ ADVERTENCIA: CPU: 0 PID: 15 en kernel/time/timekeeping.c:868 ktime_get+0x9b/0xb0 ... CPU: 0 PID: 15 Comm: rcu_preempt Contaminado : GUE 6.3-intel #r1 RIP: 0010:ktime_get+0x9b/0xb0 ... Seguimiento de llamadas: tick_sched_timer+0x22/0x90 ? __pfx_tick_sched_timer+0x10/0x10 __hrtimer_run_queues+0x111/0x2b0 hrtimer_interrupt+0xfa/0x230 __sysvec_apic_timer_interrupt+0x63/0x140 sysvec_apic_timer_interrupt+0x7b/0xa0 asm _sysvec_apic_timer_interrupt+0x1f/0x30 ... ---------- --[ cortar aqu\u00ed ]------------ Interrupciones habilitadas despu\u00e9s de iommu_suspend+0x0/0x1d0 ADVERTENCIA: CPU: 0 PID: 27420 en drivers/base/syscore.c:68 syscore_suspend+0x147/0x270 CPU : 0 PID: 27420 Comunicaciones: rtcwake Contaminado: GUWE 6.3-intel #r1 RIP: 0010:syscore_suspend+0x147/0x270 ... Seguimiento de llamadas: hibernation_snapshot+0x25b/0x670 hibernate+0xcd/0x390 state_store+0xcf/0xe0 kobj_attr _tienda +0x13/0x30 sysfs_kf_write+0x3f/0x50 kernfs_fop_write_iter+0x128/0x200 vfs_write+0x1fd/0x3c0 ksys_write+0x6f/0xf0 __x64_sys_write+0x1d/0x30 do_syscall_64+0x3b/0 x90 Entry_SYSCALL_64_after_hwframe+0x72/0xdc Dado que s\u00f3lo se necesitan 4 palabras de memoria, evite el asignaci\u00f3n de memoria en iommu_suspend()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.136", + "matchCriteriaId": "B1FA5161-3AC0-44DF-B1F7-93A070F2B1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.57", + "matchCriteriaId": "8629E5D1-351D-4D4B-8D05-E10BD4A1CFD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.5.7", + "matchCriteriaId": "830A824C-F212-4FDC-ADEF-0EBEC6B2365B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*", + "matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*", + "matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*", + "matchCriteriaId": "00AB783B-BE05-40E8-9A55-6AA457D95031" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/29298c85a81abdc512e87537515ed4b1a9601d0e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/496c591f0b389eb782f36d9d4c2564b9a865eed0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/59df44bfb0ca4c3ee1f1c3c5d0ee8e314844799e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c12ef025add77ca3a0902e8719d552b6d47b4282", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/29298c85a81abdc512e87537515ed4b1a9601d0e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/496c591f0b389eb782f36d9d4c2564b9a865eed0", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/59df44bfb0ca4c3ee1f1c3c5d0ee8e314844799e", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c12ef025add77ca3a0902e8719d552b6d47b4282", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5611.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5611.json index a775e3a4f64..5df76c28f8d 100644 --- a/CVE-2023/CVE-2023-56xx/CVE-2023-5611.json +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5611.json @@ -2,7 +2,7 @@ "id": "CVE-2023-5611", "sourceIdentifier": "contact@wpscan.com", "published": "2023-11-27T17:15:09.083", - "lastModified": "2024-11-21T08:42:07.153", + "lastModified": "2025-01-16T15:44:50.793", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -60,9 +60,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:seraphinitesolutions:seraphinite_accelerator:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:s-sols:seraphinite_accelerator:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.20.32", - "matchCriteriaId": "4F7D8116-522C-4A41-990D-9162E88CCF55" + "matchCriteriaId": "33F14D30-3BF2-4468-8365-508D1BE75023" } ] } diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1161.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1161.json index c8e931f4d17..5759d553c15 100644 --- a/CVE-2024/CVE-2024-11xx/CVE-2024-1161.json +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1161.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1161", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-05T06:15:09.010", - "lastModified": "2024-11-21T08:49:56.127", + "lastModified": "2025-01-16T15:08:00.773", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.4.44", - "matchCriteriaId": "0E89EC06-A340-4DE2-B625-4AC05E3C42F6" + "matchCriteriaId": "3DFE61FF-9127-418B-A828-F51B7273CFEF" } ] } diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1164.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1164.json index a1077517b94..e1033454135 100644 --- a/CVE-2024/CVE-2024-11xx/CVE-2024-1164.json +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1164.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1164", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-05T07:15:45.310", - "lastModified": "2024-11-21T08:49:56.530", + "lastModified": "2025-01-16T15:08:00.773", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.4.44", - "matchCriteriaId": "0E89EC06-A340-4DE2-B625-4AC05E3C42F6" + "matchCriteriaId": "3DFE61FF-9127-418B-A828-F51B7273CFEF" } ] } diff --git a/CVE-2024/CVE-2024-12xx/CVE-2024-1291.json b/CVE-2024/CVE-2024-12xx/CVE-2024-1291.json index 460fd4bd43d..cd14e5332f7 100644 --- a/CVE-2024/CVE-2024-12xx/CVE-2024-1291.json +++ b/CVE-2024/CVE-2024-12xx/CVE-2024-1291.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1291", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-13T16:15:18.807", - "lastModified": "2024-11-21T08:50:14.863", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T15:28:37.230", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:free:wordpress:*:*", + "versionEndExcluding": "2.4.41", + "matchCriteriaId": "CC1C870B-AF77-4DE2-9ED7-512B172092CB" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034945%40brizy%2Ftrunk&old=3032616%40brizy%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fb4b5165-35a6-47e9-922e-b244b0d006e4?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034945%40brizy%2Ftrunk&old=3032616%40brizy%2Ftrunk&sfp_email=&sfph_mail=", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fb4b5165-35a6-47e9-922e-b244b0d006e4?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-12xx/CVE-2024-1293.json b/CVE-2024/CVE-2024-12xx/CVE-2024-1293.json index 48b65b7ae49..de84ff8fa64 100644 --- a/CVE-2024/CVE-2024-12xx/CVE-2024-1293.json +++ b/CVE-2024/CVE-2024-12xx/CVE-2024-1293.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1293", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-13T16:15:19.043", - "lastModified": "2024-11-21T08:50:15.167", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T15:28:17.073", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:free:wordpress:*:*", + "versionEndExcluding": "2.4.41", + "matchCriteriaId": "CC1C870B-AF77-4DE2-9ED7-512B172092CB" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034945%40brizy%2Ftrunk&old=3032616%40brizy%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57dac6de-545f-49e5-9f45-d90a48d6b05f?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034945%40brizy%2Ftrunk&old=3032616%40brizy%2Ftrunk&sfp_email=&sfph_mail=", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57dac6de-545f-49e5-9f45-d90a48d6b05f?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-12xx/CVE-2024-1296.json b/CVE-2024/CVE-2024-12xx/CVE-2024-1296.json index ce6cbe59a52..abe175f0f61 100644 --- a/CVE-2024/CVE-2024-12xx/CVE-2024-1296.json +++ b/CVE-2024/CVE-2024-12xx/CVE-2024-1296.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1296", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-13T16:15:19.257", - "lastModified": "2024-11-21T08:50:15.633", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T15:27:56.237", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,41 +36,115 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:free:wordpress:*:*", + "versionEndExcluding": "2.4.41", + "matchCriteriaId": "CC1C870B-AF77-4DE2-9ED7-512B172092CB" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/post.php#L529", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/zip/archiver.php#L196", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034945%40brizy%2Ftrunk&old=3032616%40brizy%2Ftrunk&sfp_email=&sfph_mail=#file4", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3e1008ad-daa9-4785-9dd5-4cdeb10d7e59?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/post.php#L529", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/zip/archiver.php#L196", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034945%40brizy%2Ftrunk&old=3032616%40brizy%2Ftrunk&sfp_email=&sfph_mail=#file4", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3e1008ad-daa9-4785-9dd5-4cdeb10d7e59?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1311.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1311.json index 3073ca31e77..6f13828cc4e 100644 --- a/CVE-2024/CVE-2024-13xx/CVE-2024-1311.json +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1311.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1311", "sourceIdentifier": "security@wordfence.com", "published": "2024-03-13T16:15:19.450", - "lastModified": "2024-11-21T08:50:17.897", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T15:27:31.173", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,30 +39,78 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:free:wordpress:*:*", + "versionEndExcluding": "2.4.41", + "matchCriteriaId": "CC1C870B-AF77-4DE2-9ED7-512B172092CB" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/zip/archiver.php#L254", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3034945/brizy/tags/2.4.41/editor/zip/archiver.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc023c1b-7ec6-45b6-b50a-f0d823065843?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/zip/archiver.php#L254", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3034945/brizy/tags/2.4.41/editor/zip/archiver.php", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc023c1b-7ec6-45b6-b50a-f0d823065843?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1388.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1388.json index bf5c945f53b..61887dc7cc3 100644 --- a/CVE-2024/CVE-2024-13xx/CVE-2024-1388.json +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1388.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1388", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-28T07:15:07.737", - "lastModified": "2024-11-21T08:50:28.327", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T15:18:18.140", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpmoose:yuki:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.3.14", + "matchCriteriaId": "32648B03-6CD6-4253-B333-B442B277D412" + } + ] + } + ] + } + ], "references": [ { "url": "https://themes.trac.wordpress.org/changeset/217428/yuki/1.3.14/inc/extensions/class-reset-extension.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d964e0ef-f14e-463b-bf4e-3f25788df03c?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://themes.trac.wordpress.org/changeset/217428/yuki/1.3.14/inc/extensions/class-reset-extension.php", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d964e0ef-f14e-463b-bf4e-3f25788df03c?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-14xx/CVE-2024-1453.json b/CVE-2024/CVE-2024-14xx/CVE-2024-1453.json index 947f275c4c5..81c3bad3f73 100644 --- a/CVE-2024/CVE-2024-14xx/CVE-2024-1453.json +++ b/CVE-2024/CVE-2024-14xx/CVE-2024-1453.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1453", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2024-03-01T19:15:07.037", - "lastModified": "2024-11-21T08:50:37.020", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:03:19.477", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -51,14 +71,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:santesoft:dicom_viewer_pro:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.0.4", + "matchCriteriaId": "0E360E05-7D6B-44A0-B2CB-E025654F1DD4" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-058-01", - "source": "ics-cert@hq.dhs.gov" + "source": "ics-cert@hq.dhs.gov", + "tags": [ + "Third Party Advisory", + "US Government Resource" + ] }, { "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-058-01", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "US Government Resource" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1568.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1568.json index f65c4bfffa5..90281657e6f 100644 --- a/CVE-2024/CVE-2024-15xx/CVE-2024-1568.json +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1568.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1568", "sourceIdentifier": "security@wordfence.com", "published": "2024-02-28T07:15:08.713", - "lastModified": "2024-11-21T08:50:51.240", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T15:34:31.447", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:s-sols:seraphinite_accelerator:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.20.52", + "matchCriteriaId": "63B4CC7A-F0AE-4E82-A6DE-83781EEFC2AC" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3040707/seraphinite-accelerator", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/07287a85-df00-408a-8b02-978fd3116155?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3040707/seraphinite-accelerator", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/07287a85-df00-408a-8b02-978fd3116155?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1937.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1937.json index 3fa10fab334..772c298f761 100644 --- a/CVE-2024/CVE-2024-19xx/CVE-2024-1937.json +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1937.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1937", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-16T09:15:02.257", - "lastModified": "2024-11-21T08:51:38.427", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T15:26:27.540", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,87 @@ }, "exploitabilityScore": 2.8, "impactScore": 4.2 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:free:wordpress:*:*", + "versionEndExcluding": "2.4.45", + "matchCriteriaId": "6B36647B-0EFD-472F-9AF6-C559B7F41CAE" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3112878/brizy/trunk/editor/api.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb5f73c3-f40b-45d5-9947-c1a514d230f7?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3112878/brizy/trunk/editor/api.php", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb5f73c3-f40b-45d5-9947-c1a514d230f7?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1940.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1940.json index d236332fe84..7818a8a06cd 100644 --- a/CVE-2024/CVE-2024-19xx/CVE-2024-1940.json +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1940.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1940", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-05T06:15:09.780", - "lastModified": "2024-11-21T08:51:38.897", + "lastModified": "2025-01-16T15:08:00.773", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.4.42", - "matchCriteriaId": "37C4579C-3DD0-4896-A6BF-DB256575899C" + "matchCriteriaId": "EE210ABE-1160-42A7-BED8-A66F8BED38E3" } ] } diff --git a/CVE-2024/CVE-2024-20xx/CVE-2024-2087.json b/CVE-2024/CVE-2024-20xx/CVE-2024-2087.json index 8a11f558c5d..c29f4d39492 100644 --- a/CVE-2024/CVE-2024-20xx/CVE-2024-2087.json +++ b/CVE-2024/CVE-2024-20xx/CVE-2024-2087.json @@ -2,7 +2,7 @@ "id": "CVE-2024-2087", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-05T06:15:10.833", - "lastModified": "2024-11-21T09:09:00.990", + "lastModified": "2025-01-16T15:08:00.773", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.4.44", - "matchCriteriaId": "0E89EC06-A340-4DE2-B625-4AC05E3C42F6" + "matchCriteriaId": "3DFE61FF-9127-418B-A828-F51B7273CFEF" } ] } diff --git a/CVE-2024/CVE-2024-24xx/CVE-2024-2403.json b/CVE-2024/CVE-2024-24xx/CVE-2024-2403.json index a4eae73be1c..26794913be1 100644 --- a/CVE-2024/CVE-2024-24xx/CVE-2024-2403.json +++ b/CVE-2024/CVE-2024-24xx/CVE-2024-2403.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2403", "sourceIdentifier": "security@devolutions.net", "published": "2024-03-13T18:15:07.917", - "lastModified": "2024-11-21T09:09:40.817", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T15:59:23.390", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,86 @@ "value": "La limpieza inadecuada en el componente de manejo de archivos temporales en Devolutions Remote Desktop Manager 2024.1.12 y versiones anteriores en Windows permite que un atacante que comprometi\u00f3 el endpoint de un usuario, bajo circunstancias espec\u00edficas, acceda a informaci\u00f3n confidencial a trav\u00e9s de archivos residuales en el directorio temporal." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-459" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2024.1.15.0", + "matchCriteriaId": "37F1896F-035F-40E2-A136-F2C28095A8CD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://devolutions.net/security/advisories/DEVO-2024-0004", - "source": "security@devolutions.net" + "source": "security@devolutions.net", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://devolutions.net/security/advisories/DEVO-2024-0004", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26238.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26238.json index 7d914810cef..4e08cb07ed6 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26238.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26238.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26238", "sourceIdentifier": "secure@microsoft.com", "published": "2024-05-14T17:15:50.627", - "lastModified": "2024-11-21T09:02:12.737", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:46:01.327", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -49,16 +49,68 @@ "value": "CWE-59" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19044.4412", + "matchCriteriaId": "D5BD3224-D38E-4985-B911-8CD7E62A400C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19044.4412", + "matchCriteriaId": "EA14B731-C53D-474F-A10E-B585BD19F94E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19045.4412", + "matchCriteriaId": "F3D1DCCB-EB8B-4DC9-A9AE-10244DBD9F30" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19045.4412", + "matchCriteriaId": "B5AB9DEF-2D26-4874-A28B-B9EC96971795" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26238", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26238", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-278xx/CVE-2024-27856.json b/CVE-2024/CVE-2024-278xx/CVE-2024-27856.json index 6f728eab46a..b9fb0256c74 100644 --- a/CVE-2024/CVE-2024-278xx/CVE-2024-27856.json +++ b/CVE-2024/CVE-2024-278xx/CVE-2024-27856.json @@ -2,16 +2,55 @@ "id": "CVE-2024-27856", "sourceIdentifier": "product-security@apple.com", "published": "2025-01-15T20:15:27.483", - "lastModified": "2025-01-15T20:15:27.483", + "lastModified": "2025-01-16T15:15:13.100", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, tvOS 17.5, visionOS 1.2. Processing a file may lead to unexpected app termination or arbitrary code execution." + }, + { + "lang": "es", + "value": "" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://support.apple.com/en-us/120896", diff --git a/CVE-2024/CVE-2024-289xx/CVE-2024-28943.json b/CVE-2024/CVE-2024-289xx/CVE-2024-28943.json index 93f474a925b..690d1be15fe 100644 --- a/CVE-2024/CVE-2024-289xx/CVE-2024-28943.json +++ b/CVE-2024/CVE-2024-289xx/CVE-2024-28943.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28943", "sourceIdentifier": "secure@microsoft.com", "published": "2024-04-09T17:15:56.630", - "lastModified": "2024-11-21T09:07:14.757", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:01:01.603", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -49,16 +49,114 @@ "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.6.1", + "matchCriteriaId": "453652D6-37A7-49BC-8660-330EADA8CCDD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.6.1", + "matchCriteriaId": "422283AD-E25A-4779-BB9A-0E496BFAC524" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.6.1", + "matchCriteriaId": "9BDD3D5D-70D5-4767-95DC-25873774B536" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.3.3.1", + "matchCriteriaId": "C8B405E1-CC25-4883-A26D-4A4237E43FB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.3.3.1", + "matchCriteriaId": "7236DD21-703E-4359-88AD-E68C3B1D33FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.3.3.1", + "matchCriteriaId": "948FC47B-E7FE-404A-A747-18DA61D35A3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "15.0.2000.5", + "versionEndExcluding": "15.0.2110.4", + "matchCriteriaId": "DD9CBEE2-6BF0-45E5-8DAA-2749344ECCFE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "15.0.4003.23", + "versionEndExcluding": "15.0.4360.2", + "matchCriteriaId": "C9C35D21-EE02-4562-8196-7A4781DECF06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "16.0.1000.6", + "versionEndExcluding": "16.0.1115.1", + "matchCriteriaId": "6A943249-37AA-4E3B-A074-7E87EC4CD040" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "16.0.4003.1", + "versionEndExcluding": "16.0.4120.1", + "matchCriteriaId": "2ADF9550-5FAA-4696-9F59-8D235B989541" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28943", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28943", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29043.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29043.json index 05f482138ed..8c14a729269 100644 --- a/CVE-2024/CVE-2024-290xx/CVE-2024-29043.json +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29043.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29043", "sourceIdentifier": "secure@microsoft.com", "published": "2024-04-09T17:15:57.257", - "lastModified": "2024-11-21T09:07:26.317", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:01:35.767", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -49,16 +49,114 @@ "value": "CWE-416" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.6.1", + "matchCriteriaId": "453652D6-37A7-49BC-8660-330EADA8CCDD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.6.1", + "matchCriteriaId": "422283AD-E25A-4779-BB9A-0E496BFAC524" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.6.1", + "matchCriteriaId": "9BDD3D5D-70D5-4767-95DC-25873774B536" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.3.3.1", + "matchCriteriaId": "C8B405E1-CC25-4883-A26D-4A4237E43FB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.3.3.1", + "matchCriteriaId": "7236DD21-703E-4359-88AD-E68C3B1D33FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.3.3.1", + "matchCriteriaId": "948FC47B-E7FE-404A-A747-18DA61D35A3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "15.0.2000.5", + "versionEndExcluding": "15.0.2110.4", + "matchCriteriaId": "DD9CBEE2-6BF0-45E5-8DAA-2749344ECCFE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "15.0.4003.23", + "versionEndExcluding": "15.0.4360.2", + "matchCriteriaId": "C9C35D21-EE02-4562-8196-7A4781DECF06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "16.0.1000.6", + "versionEndExcluding": "16.0.1115.1", + "matchCriteriaId": "6A943249-37AA-4E3B-A074-7E87EC4CD040" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", + "versionStartIncluding": "16.0.4003.1", + "versionEndExcluding": "16.0.4120.1", + "matchCriteriaId": "2ADF9550-5FAA-4696-9F59-8D235B989541" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29043", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29043", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29050.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29050.json index efd35940492..80cb5bbcb40 100644 --- a/CVE-2024/CVE-2024-290xx/CVE-2024-29050.json +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29050.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29050", "sourceIdentifier": "secure@microsoft.com", "published": "2024-04-09T17:15:58.540", - "lastModified": "2024-11-21T09:07:27.143", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:17:54.357", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.5, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -49,16 +69,142 @@ "value": "CWE-197" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20596", + "matchCriteriaId": "E7BDA51E-51E0-487D-A25F-2477213B563E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20596", + "matchCriteriaId": "A607FDAE-53FE-49DA-806F-0533F5ECC108" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "6CA18E04-75AD-4BC1-BCF7-B7C3DD33D9D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "8E68CF86-FB36-4E0E-A919-D7010E1D9CEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "7C50F3D5-1329-4563-BB59-9C50E2EEC237" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4291", + "matchCriteriaId": "1BE5B3C6-9F18-44A0-95CC-B4CD358794BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4291", + "matchCriteriaId": "23C51F9B-0BF1-414C-BFA5-4F5B81413E9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2899", + "matchCriteriaId": "39B18FD8-656D-46D2-8BDE-AF030C278E02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3447", + "matchCriteriaId": "54B49649-55CB-4BFF-BB50-592662435694" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "412F0026-BBE6-4F7D-ABC2-56E9F1791122" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "4EAAB276-D0E4-41CA-8A25-4DE9FC90543E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2402", + "matchCriteriaId": "7103C832-A4FB-4373-8A93-291E7A89B4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.830", + "matchCriteriaId": "F2B61B79-FEE5-4041-918D-6FE2C92771DC" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29050", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29050", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29066.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29066.json index e2cce4e7197..4f6fc97bb86 100644 --- a/CVE-2024/CVE-2024-290xx/CVE-2024-29066.json +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29066.json @@ -2,8 +2,8 @@ "id": "CVE-2024-29066", "sourceIdentifier": "secure@microsoft.com", "published": "2024-04-09T17:16:00.537", - "lastModified": "2024-11-21T09:07:29.083", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:19:25.863", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -49,16 +49,88 @@ "value": "CWE-367" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "412F0026-BBE6-4F7D-ABC2-56E9F1791122" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "4EAAB276-D0E4-41CA-8A25-4DE9FC90543E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2402", + "matchCriteriaId": "7103C832-A4FB-4373-8A93-291E7A89B4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.830", + "matchCriteriaId": "F2B61B79-FEE5-4041-918D-6FE2C92771DC" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29066", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29066", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3242.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3242.json index a541667a642..b3fd24287e5 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3242.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3242.json @@ -2,7 +2,7 @@ "id": "CVE-2024-3242", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-18T09:15:02.337", - "lastModified": "2024-11-21T09:29:13.687", + "lastModified": "2025-01-16T15:08:00.773", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -60,9 +60,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.4.45", - "matchCriteriaId": "7E4F81C6-9678-4B04-9595-5AED34A9EF52" + "matchCriteriaId": "70A1A7C3-CB00-43BF-8770-C0554CE0E70F" } ] } diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34077.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34077.json index ceed7920ae6..86e4216de5f 100644 --- a/CVE-2024/CVE-2024-340xx/CVE-2024-34077.json +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34077.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34077", "sourceIdentifier": "security-advisories@github.com", "published": "2024-05-14T15:38:28.583", - "lastModified": "2024-11-21T09:18:02.530", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:40:04.230", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 } ] }, @@ -53,32 +73,90 @@ "value": "CWE-620" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.26.2", + "matchCriteriaId": "3EEBB443-A324-42A1-9D56-638BBE9702A4" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/mantisbt/mantisbt/commit/92d11a01b195a1b6717a2f205218089158ea6d00", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-93x3-m7pw-ppqm", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Mitigation", + "Patch", + "Vendor Advisory" + ] }, { "url": "https://mantisbt.org/bugs/view.php?id=34433", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://github.com/mantisbt/mantisbt/commit/92d11a01b195a1b6717a2f205218089158ea6d00", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-93x3-m7pw-ppqm", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Issue Tracking", + "Mitigation", + "Patch", + "Vendor Advisory" + ] }, { "url": "https://mantisbt.org/bugs/view.php?id=34433", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34080.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34080.json index bb2e267f677..7d4d362796b 100644 --- a/CVE-2024/CVE-2024-340xx/CVE-2024-34080.json +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34080.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34080", "sourceIdentifier": "security-advisories@github.com", "published": "2024-05-14T15:38:29.703", - "lastModified": "2024-11-21T09:18:02.957", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:44:40.283", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 } ] }, @@ -49,40 +69,96 @@ "value": "CWE-200" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.26.2", + "matchCriteriaId": "3EEBB443-A324-42A1-9D56-638BBE9702A4" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/mantisbt/mantisbt/commit/0a50562369d823689c9b946066d1e49d3c2df226", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mantisbt/mantisbt/pull/2000", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-99jc-wqmr-ff2q", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://mantisbt.org/bugs/view.php?id=34434", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Issue Tracking", + "Patch", + "Vendor Advisory" + ] }, { "url": "https://github.com/mantisbt/mantisbt/commit/0a50562369d823689c9b946066d1e49d3c2df226", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mantisbt/mantisbt/pull/2000", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-99jc-wqmr-ff2q", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://mantisbt.org/bugs/view.php?id=34434", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34081.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34081.json index 9d8ba1110db..3ee5fffb2ea 100644 --- a/CVE-2024/CVE-2024-340xx/CVE-2024-34081.json +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34081.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34081", "sourceIdentifier": "security-advisories@github.com", "published": "2024-05-14T15:38:30.257", - "lastModified": "2024-11-21T09:18:03.090", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:42:57.800", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.3, "impactScore": 3.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 } ] }, @@ -49,32 +69,84 @@ "value": "CWE-79" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.26.2", + "matchCriteriaId": "3EEBB443-A324-42A1-9D56-638BBE9702A4" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/mantisbt/mantisbt/commit/447a521aae0f82f791b8116a14a20e276df739be", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-wgx7-jp56-65mq", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://mantisbt.org/bugs/view.php?id=34432", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Issue Tracking", + "Mitigation", + "Vendor Advisory" + ] }, { "url": "https://github.com/mantisbt/mantisbt/commit/447a521aae0f82f791b8116a14a20e276df739be", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-wgx7-jp56-65mq", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://mantisbt.org/bugs/view.php?id=34432", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-34xx/CVE-2024-3499.json b/CVE-2024/CVE-2024-34xx/CVE-2024-3499.json index 36b8d744f66..4020086ab5b 100644 --- a/CVE-2024/CVE-2024-34xx/CVE-2024-3499.json +++ b/CVE-2024/CVE-2024-34xx/CVE-2024-3499.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3499", "sourceIdentifier": "security@wordfence.com", "published": "2024-05-02T17:15:25.940", - "lastModified": "2024-11-21T09:29:44.187", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T15:04:25.197", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,22 +39,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpmet:elements_kit_elementor_addons:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.1.1", + "matchCriteriaId": "D402A7DF-8853-447A-AAFF-F99CE7BB6723" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3070789/elementskit-lite", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6158ec37-a6fb-42f9-bab6-bf547ea28ea0?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3070789/elementskit-lite", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6158ec37-a6fb-42f9-bab6-bf547ea28ea0?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-359xx/CVE-2024-35985.json b/CVE-2024/CVE-2024-359xx/CVE-2024-35985.json index 27bb95fd1c4..45a46a8f8a2 100644 --- a/CVE-2024/CVE-2024-359xx/CVE-2024-35985.json +++ b/CVE-2024/CVE-2024-359xx/CVE-2024-35985.json @@ -2,8 +2,8 @@ "id": "CVE-2024-35985", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-20T10:15:12.920", - "lastModified": "2024-11-21T09:21:21.843", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:43:59.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,135 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: sched/eevdf: evita que vlag se salga de los l\u00edmites en reweight_eevdf(). Era posible que pick_eevdf() devolviera NULL, lo que luego causa un NULL-deref. Esto result\u00f3 ser debido a que entidad_eligible() devolvi\u00f3 un resultado falso negativo debido a un desbordamiento de multiplicaci\u00f3n s64. Espec\u00edficamente, reweight_eevdf() calcula el vlag sin considerar el l\u00edmite impuesto a vlag como lo hace update_entity_lag(), y luego la multiplicaci\u00f3n de escala (recuerde que el peso es un punto fijo de 20 bits) puede desbordarse. Esto luego lleva a que el nuevo vruntime sea extra\u00f1o, lo que luego hace que la entidad_eligible() anterior se desv\u00ede y afirme que nada es elegible. Por lo tanto, limite el rango de vlag en consecuencia. Todo esto fue bastante raro, pero fatal cuando sucede." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.4", + "versionEndExcluding": "6.6.30", + "matchCriteriaId": "DFFE891E-8131-42AA-87DF-875DEFF1AFEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.8.9", + "matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", + "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", + "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", + "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", + "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*", + "matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/06f27e6d7bf0abf54488259ef36bbf0e1fccb35c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1560d1f6eb6b398bddd80c16676776c0325fe5fe", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/470d347b14b0ecffa9b39cf8f644fa2351db3efb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/06f27e6d7bf0abf54488259ef36bbf0e1fccb35c", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1560d1f6eb6b398bddd80c16676776c0325fe5fe", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/470d347b14b0ecffa9b39cf8f644fa2351db3efb", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-36xx/CVE-2024-3650.json b/CVE-2024/CVE-2024-36xx/CVE-2024-3650.json index 5f9f42fc2ee..2df3f0a84ab 100644 --- a/CVE-2024/CVE-2024-36xx/CVE-2024-3650.json +++ b/CVE-2024/CVE-2024-36xx/CVE-2024-3650.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3650", "sourceIdentifier": "security@wordfence.com", "published": "2024-05-02T17:15:28.750", - "lastModified": "2024-11-21T09:30:05.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T15:04:37.470", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,25 +36,88 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpmet:elements_kit_elementor_addons:*:*:*:*:*:wordpress:*:*", + "versionStartIncluding": "3.0.7", + "versionEndExcluding": "3.1.3", + "matchCriteriaId": "C5ECEA87-AA7B-4456-818B-42E9D04F41DE" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3078160/elementskit-lite", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93dcbab7-fdf5-4631-8605-77f8f190512d?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3078160/elementskit-lite", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93dcbab7-fdf5-4631-8605-77f8f190512d?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-36xx/CVE-2024-3667.json b/CVE-2024/CVE-2024-36xx/CVE-2024-3667.json index e4fb9933ac4..b11d9a5a14a 100644 --- a/CVE-2024/CVE-2024-36xx/CVE-2024-3667.json +++ b/CVE-2024/CVE-2024-36xx/CVE-2024-3667.json @@ -2,7 +2,7 @@ "id": "CVE-2024-3667", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-05T06:15:11.590", - "lastModified": "2024-11-21T09:30:08.427", + "lastModified": "2025-01-16T15:08:00.773", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.4.44", - "matchCriteriaId": "0E89EC06-A340-4DE2-B625-4AC05E3C42F6" + "matchCriteriaId": "3DFE61FF-9127-418B-A828-F51B7273CFEF" } ] } diff --git a/CVE-2024/CVE-2024-37xx/CVE-2024-3711.json b/CVE-2024/CVE-2024-37xx/CVE-2024-3711.json index 0a9635e1ed1..ac08839d774 100644 --- a/CVE-2024/CVE-2024-37xx/CVE-2024-3711.json +++ b/CVE-2024/CVE-2024-37xx/CVE-2024-3711.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3711", "sourceIdentifier": "security@wordfence.com", "published": "2024-05-23T06:15:10.630", - "lastModified": "2024-11-21T09:30:13.527", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T15:27:04.483", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,30 +39,78 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:free:wordpress:*:*", + "versionEndExcluding": "2.4.44", + "matchCriteriaId": "C4048190-6158-4366-9192-31A16EDD2A64" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/admin/main.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3086506%40brizy%2Ftrunk&old=3058896%40brizy%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7092ce4a-bad9-4426-b94e-d9d688344272?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/admin/main.php", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3086506%40brizy%2Ftrunk&old=3058896%40brizy%2Ftrunk&sfp_email=&sfph_mail=", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7092ce4a-bad9-4426-b94e-d9d688344272?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-441xx/CVE-2024-44136.json b/CVE-2024/CVE-2024-441xx/CVE-2024-44136.json index de087c1fa5e..09a2820e432 100644 --- a/CVE-2024/CVE-2024-441xx/CVE-2024-44136.json +++ b/CVE-2024/CVE-2024-441xx/CVE-2024-44136.json @@ -2,16 +2,43 @@ "id": "CVE-2024-44136", "sourceIdentifier": "product-security@apple.com", "published": "2025-01-15T20:15:27.923", - "lastModified": "2025-01-15T20:15:27.923", + "lastModified": "2025-01-16T15:15:13.300", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection." + }, + { + "lang": "es", + "value": " Este problema se solucion\u00f3 mediante una mejor gesti\u00f3n de estados. Este problema se solucion\u00f3 en iOS 17.5 y iPadOS 17.5. Un atacante con acceso f\u00edsico a un dispositivo podr\u00eda desactivar la protecci\u00f3n contra dispositivos robados." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, "references": [ { "url": "https://support.apple.com/en-us/120905", diff --git a/CVE-2024/CVE-2024-509xx/CVE-2024-50953.json b/CVE-2024/CVE-2024-509xx/CVE-2024-50953.json index 5346ef2f14e..e26efecd7cc 100644 --- a/CVE-2024/CVE-2024-509xx/CVE-2024-50953.json +++ b/CVE-2024/CVE-2024-509xx/CVE-2024-50953.json @@ -2,16 +2,55 @@ "id": "CVE-2024-50953", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:16.413", - "lastModified": "2025-01-15T17:15:16.413", + "lastModified": "2025-01-16T16:15:31.227", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service (DoS) via a crafted Modbus message." + }, + { + "lang": "es", + "value": "Un problema en XINJE XL5E-16T V3.7.2a permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un mensaje Modbus manipulado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/Curator-Kim/Vulnerability-mining/blob/master/XINJE%20XL5E-16T%20Modbus/XINJE%20XL5E-16T%20Modbus%20DoS.md", diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53166.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53166.json index a0e588b0bd7..0d31ac52408 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53166.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53166.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53166", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T14:15:23.703", - "lastModified": "2024-12-27T14:15:23.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:44:19.953", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,103 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: block, bfq: reparar bfqq uaf en bfq_limit_depth() Establecer un nuevo bfqq asignado a bic o eliminar un bfqq liberado de bic est\u00e1n ambos protegidos por bfqd->lock, sin embargo bfq_limit_depth() est\u00e1 diferenciando bfqq de bic sin el bloqueo, esto puede llevar a UAF si el io_context es compartido por m\u00faltiples tareas. Por ejemplo, la prueba bfq con io_uring puede activar el siguiente UAF en v6.6: ====================================================================== ERROR: KASAN: slab-use-after-free en bfqq_group+0x15/0x50 Seguimiento de llamadas: dump_stack_lvl+0x47/0x80 print_address_description.constprop.0+0x66/0x300 print_report+0x3e/0x70 kasan_report+0xb4/0xf0 bfqq_group+0x15/0x50 bfqq_request_over_limit+0x130/0x9a0 bfq_limit_depth+0x1b5/0x480 __blk_mq_alloc_requests+0x2b5/0xa00 blk_mq_get_new_requests+0x11d/0x1d0 blk_mq_submit_bio+0x286/0xb00 send_bio_noacct_nocheck+0x331/0x400 __block_write_full_folio+0x3d0/0x640 writepage_cb+0x3b/0xc0 write_cache_pages+0x254/0x6c0 write_cache_pages+0x254/0x6c0 do_writepages+0x192/0x310 filemap_fdatawrite_wbc+0x95/0xc0 __filemap_fdatawrite_range+0x99/0xd0 Asignado por la tarea 808602: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 __kasan_slab_alloc+0x83/0x90 kmem_cache_alloc_node+0x1b1/0x6d0 bfq_get_queue+0x138/0xfa0 bfq_get_bfqq_handle_split+0xe3/0x2c0 bfq_init_rq+0x196/0xbb0 bfq_insert_request.isra.0+0xb5/0x480 bfq_insert_requests+0x156/0x180 blk_mq_insert_request+0x15d/0x440 blk_mq_submit_bio+0x8a4/0xb00 send_bio_noacct_nocheck+0x331/0x400 __blkdev_direct_IO_async+0x2dd/0x330 blkdev_write_iter+0x39a/0x450 io_write+0x22a/0x840 io_issue_sqe+0x87/0x300 io_wq_submit_work+0xeb/0x390 io_worker_handle_work+0x24d/0x550 io_wq_worker+0x27f/0x6c0 ret_from_fork+0x2d/0x50 ret_from_fork_asm+0x1b/0x30 Liberado por la tarea 808589: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 kasan_save_free_info+0x27/0x40 __kasan_slab_free+0x126/0x1b0 kmem_cache_free+0x10c/0x750 bfq_put_queue+0x2dd/0x770 __bfq_insert_request.isra.0+0x155/0x7a0 bfq_insert_request.isra.0+0x122/0x480 bfq_insert_requests+0x156/0x180 blk_mq_dispatch_plug_list+0x528/0x7e0 blk_mq_flush_plug_list.part.0+0xe5/0x590 __blk_flush_plug+0x3b/0x90 blk_finish_plug+0x40/0x60 do_writepages+0x19d/0x310 filemap_fdatawrite_wbc+0x95/0xc0 Solucione el problema protegiendo bic_to_bfqq() con bfqd->lock." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.17", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "B2BD0622-6C80-4736-83B4-451E62DA8EB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/01a853faaeaf3379ccf358ade582b1d28752126e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/906cdbdd3b018ff69cc830173bce277a847d4fdc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dcaa738afde55085ac6056252e319479cf23cde2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e8b8344de3980709080d86c157d24e7de07d70ad", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53170.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53170.json index 510bb5d03e6..28cb5319b15 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53170.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53170.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53170", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T14:15:24.183", - "lastModified": "2024-12-27T14:15:24.183", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:44:43.607", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,89 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: corregir uaf para flush rq mientras se itera etiquetas blk_mq_clear_flush_rq_mapping() no se llama durante la sonda scsi, al verificar blk_queue_init_done(). Sin embargo, QUEUE_FLAG_INIT_DONE se borra en del_gendisk por el commit aec89dc5d421 (\"bloque: mantener q_usage_counter en modo at\u00f3mico despu\u00e9s de del_gendisk\"), por lo tanto, para discos como scsi, seguir blk_mq_destroy_queue() tampoco borrar\u00e1 el flush rq de tags->rqs[], debido al siguiente uaf que nuestro syzkaller encuentra para v6.6: ===================================================================== ERROR: KASAN: slab-use-after-free en blk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261 Lectura de tama\u00f1o 4 en la direcci\u00f3n ffff88811c969c20 por la tarea kworker/1:2H/224909 CPU: 1 PID: 224909 Comm: kworker/1:2H No contaminado 6.6.0-ga836a5060850 #32 Cola de trabajo: kblockd blk_mq_timeout_work Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106 print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364 print_report+0x3e/0x70 mm/kasan/report.c:475 kasan_report+0xb8/0xf0 mm/kasan/report.c:588 blk_mq_find_and_get_req+0x16e/0x1a0 bloque/blk-mq-tag.c:261 bt_iter bloque/blk-mq-tag.c:288 [en l\u00ednea] __sbitmap_for_each_set include/linux/sbitmap.h:295 [en l\u00ednea] sbitmap_for_each_set include/linux/sbitmap.h:316 [en l\u00ednea] bt_for_each+0x455/0x790 bloque/blk-mq-tag.c:325 blk_mq_queue_tag_busy_iter+0x320/0x740 bloque/blk-mq-tag.c:534 blk_mq_timeout_work+0x1a3/0x7b0 bloque/blk-mq.c:1673 proceso_uno_trabajo+0x7c4/0x1450 kernel/workqueue.c:2631 proceso_trabajos_programados kernel/workqueue.c:2704 [en l\u00ednea] subproceso_trabajador+0x804/0xe40 kernel/workqueue.c:2785 subproceso_k+0x346/0x450 kernel/kthread.c:388 ret_de_bifurcaci\u00f3n+0x4d/0x80 arch/x86/kernel/process.c:147 ret_de_bifurcaci\u00f3n_asm+0x1b/0x30 arch/x86/entry/entry_64.S:293 Asignado por la tarea 942: pila_guardada_kasan+0x22/0x50 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 ____kasan_kmalloc mm/kasan/common.c:374 [en l\u00ednea] __kasan_kmalloc mm/kasan/common.c:383 [en l\u00ednea] __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:380 kasan_kmalloc include/linux/kasan.h:198 [en l\u00ednea] __do_kmalloc_node mm/slab_common.c:1007 [en l\u00ednea] __kmalloc_node+0x69/0x170 mm/slab_common.c:1014 kmalloc_node include/linux/slab.h:620 [en l\u00ednea] kzalloc_node include/linux/slab.h:732 [en l\u00ednea] blk_alloc_flush_queue+0x144/0x2f0 bloque/blk-flush.c:499 blk_mq_alloc_hctx+0x601/0x940 bloque/blk-mq.c:3788 blk_mq_alloc_and_init_hctx+0x27f/0x330 bloque/blk-mq.c:4261 blk_mq_realloc_hw_ctxs+0x488/0x5e0 bloque/blk-mq.c:4294 blk_mq_init_allocated_queue+0x188/0x860 bloque/blk-mq.c:4350 blk_mq_init_queue_data bloque/blk-mq.c:4166 [en l\u00ednea] blk_mq_init_queue+0x8d/0x100 block/blk-mq.c:4176 scsi_alloc_sdev+0x843/0xd50 drivers/scsi/scsi_scan.c:335 scsi_probe_and_add_lun+0x77c/0xde0 drivers/scsi/scsi_scan.c:1189 __scsi_scan_target+0x1fc/0x5a0 drivers/scsi/scsi_scan.c:1727 scsi_scan_channel drivers/scsi/scsi_scan.c:1815 [en l\u00ednea] scsi_scan_channel+0x14b/0x1e0 drivers/scsi/scsi_scan.c:1791 scsi_scan_host_selected+0x2fe/0x400 drivers/scsi/scsi_scan.c:1844 scsi_scan+0x3a0/0x3f0 drivers/scsi/scsi_sysfs.c:151 store_scan+0x2a/0x60 drivers/scsi/scsi_sysfs.c:191 dev_attr_store+0x5c/0x90 drivers/base/core.c:2388 sysfs_kf_write+0x11c/0x170 fs/sysfs/file.c:136 kernfs_fop_write_iter+0x3fc/0x610 fs/kernfs/file.c:338 call_write_iter include/linux/fs.h:2083 [en l\u00ednea] new_sync_write+0x1b4/0x2d0 fs/read_write.c:493 vfs_write+0x76c/0xb00 fs/read_write.c:586 ksys_write+0x127/0x250 fs/read_write.c:639 do_syscall_x64 arch/x86/entry/common.c:51 [en l\u00ednea] do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x78/0xe2 Liberado por la tarea 244687: kasan_save_stack+0x22/0x50 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 kasan_save_free_info+0x2b/0x50 mm/kasan/generic.c:522 ____kasan_slab_free mm/kasan/common.c:236 --truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.19", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "A482F6D5-4DB0-4611-AF23-1D568CE9F2BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3802f73bd80766d70f319658f334754164075bc3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/61092568f2a9acb0e6e186f03f2e0649a4e86d09", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a0e93b9fefafe97d596f9c98701ae6c3b04b3ff6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53180.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53180.json index 1ca003231c6..7cd0f69ea15 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53180.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53180.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53180", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T14:15:25.410", - "lastModified": "2024-12-27T14:15:25.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:44:59.437", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,130 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: pcm: Agregar comprobaci\u00f3n NULL de cordura para el controlador de errores mmap predeterminado Un controlador podr\u00eda permitir el acceso a mmap antes de inicializar su runtime->dma_area correctamente. Agregue una comprobaci\u00f3n NULL adecuada antes de pasar a virt_to_page() para evitar un p\u00e1nico." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "1FA41FB1-CC1C-4968-A0A0-29828E3B1AFC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0c4c9bf5eab7bee6b606f2abb0993e933b5831a0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/832efbb74b1578e3737d593a204d42af8bd1b81b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8799f4332a9fd812eadfbc32fc5104d6292f754f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bc200027ee92fba84f1826494735ed675f3aa911", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d2913a07d9037fe7aed4b7e680684163eaed6bc4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f0ce9e24eff1678c16276f9717f26a78202506a2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53187.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53187.json index 41849682bac..c29093eb4c5 100644 --- a/CVE-2024/CVE-2024-531xx/CVE-2024-53187.json +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53187.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53187", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T14:15:26.190", - "lastModified": "2024-12-27T14:15:26.190", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:45:18.850", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,88 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring: comprobar si hay desbordamientos en io_pin_pages ADVERTENCIA: CPU: 0 PID: 5834 en io_uring/memmap.c:144 io_pin_pages+0x149/0x180 io_uring/memmap.c:144 CPU: 0 UID: 0 PID: 5834 Comm: syz-executor825 No contaminado 6.12.0-next-20241118-syzkaller #0 Seguimiento de llamadas: __io_uaddr_map+0xfb/0x2d0 io_uring/memmap.c:183 io_rings_map io_uring/io_uring.c:2611 [en l\u00ednea] El par\u00e1metro uaddr de io_pin_pages() proviene directamente del usuario y puede ser basura. No le agregue tama\u00f1o, ya que puede desbordarse." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "C459439C-3A00-492D-B0D6-E6DAF2A9B255" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0c0a4eae26ac78379d0c1db053de168a8febc6c9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/29eac3eca72d4c2a71122050c37cd7d8f73ac4f3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/aaa90844afd499c9142d0199dfda74439314c013", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-532xx/CVE-2024-53203.json b/CVE-2024/CVE-2024-532xx/CVE-2024-53203.json index efb7061771a..76f6f8d2803 100644 --- a/CVE-2024/CVE-2024-532xx/CVE-2024-53203.json +++ b/CVE-2024/CVE-2024-532xx/CVE-2024-53203.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53203", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T14:15:28.083", - "lastModified": "2024-12-27T14:15:28.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:46:16.927", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,89 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: typec: se corrige un posible desbordamiento de matriz en ucsi_ccg_sync_control(). El usuario puede controlar la variable \"command\" a trav\u00e9s de debugfs. La preocupaci\u00f3n es que si con_index es cero, entonces \"&uc->ucsi->connector[con_index - 1]\" ser\u00eda un desbordamiento de matriz." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.6", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "F6E5BC9C-2956-4725-8827-6A983AE003AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/56971710cd541f2f05160a84b3183477d34a1be9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e56aac6e5a25630645607b6856d4b2a17b2311a5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ef92cd55289a282910575c5b9d87f646f2d39b38", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-532xx/CVE-2024-53208.json b/CVE-2024/CVE-2024-532xx/CVE-2024-53208.json index ca3071f443b..0329667acb2 100644 --- a/CVE-2024/CVE-2024-532xx/CVE-2024-53208.json +++ b/CVE-2024/CVE-2024-532xx/CVE-2024-53208.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53208", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T14:15:28.677", - "lastModified": "2024-12-27T14:15:28.677", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:46:38.657", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,117 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: MGMT: Corregir lectura slab-use-after-free en set_powered_sync Esto corrige el siguiente fallo: ====================================================================== ERROR: KASAN: slab-use-after-free en set_powered_sync+0x3a/0xc0 net/bluetooth/mgmt.c:1353 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff888029b4dd18 por la tarea kworker/u9:0/54 CPU: 1 UID: 0 PID: 54 Comm: kworker/u9:0 No contaminado 6.11.0-rc6-syzkaller-01155-gf723224742fc #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 Cola de trabajo: hci0 hci_cmd_sync_work Seguimiento de llamadas: __dump_stack lib/dump_stack.c:93 [en l\u00ednea] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119 print_address_description mm/kasan/report.c:377 [en l\u00ednea] print_report+0x169/0x550 mm/kasan/report.c:488 q kasan_report+0x143/0x180 mm/kasan/report.c:601 set_powered_sync+0x3a/0xc0 net/bluetooth/mgmt.c:1353 hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:328 process_one_work kernel/workqueue.c:3231 [en l\u00ednea] process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312 worker_thread+0x86d/0xd10 kernel/workqueue.c:3389 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Asignado por tarea 5247: pila de guardado de kasan mm/kasan/common.c:47 [en l\u00ednea] pista de guardado de kasan+0x3f/0x80 mm/kasan/common.c:68 zona roja de poison_kmalloc mm/kasan/common.c:370 [en l\u00ednea] __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387 kasan_kmalloc incluir/linux/kasan.h:211 [en l\u00ednea] __kmalloc_cache_noprof+0x19c/0x2c0 mm/slub.c:4193 kmalloc_noprof incluir/linux/slab.h:681 [en l\u00ednea] kzalloc_noprof incluir/linux/slab.h:807 [en l\u00ednea] mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269 mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296 set_powered+0x3cd/0x5e0 net/bluetooth/mgmt.c:1394 hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712 hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] __sock_sendmsg+0x221/0x270 net/socket.c:745 sock_write_iter+0x2dd/0x400 net/socket.c:1160 new_sync_write fs/read_write.c:497 [en l\u00ednea] vfs_write+0xa72/0xc90 fs/read_write.c:590 ksys_write+0x1a0/0x2c0 fs/read_write.c:643 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Liberado por la tarea 5246: kasan_save_stack mm/kasan/common.c:47 [en l\u00ednea] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579 poison_slab_object+0xe0/0x150 mm/kasan/common.c:240 __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256 kasan_slab_free include/linux/kasan.h:184 [en l\u00ednea] slab_free_hook mm/slub.c:2256 [en l\u00ednea] slab_free mm/slub.c:4477 [en l\u00ednea] kfree+0x149/0x360 mm/slub.c:4598 settings_rsp+0x2bc/0x390 net/bluetooth/mgmt.c:1443 mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259 __mgmt_power_off+0x112/0x420 net/bluetooth/mgmt.c:9455 hci_dev_close_sync+0x665/0x11a0 net/bluetooth/hci_sync.c:5191 hci_dev_do_close net/bluetooth/hci_core.c:483 [en l\u00ednea] hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508 sock_do_ioctl+0x158/0x460 net/socket.c:1222 sock_ioctl+0x629/0x8e0 net/socket.c:1341 vfs_ioctl fs/ioctl.c:51 [en l\u00ednea] __do_sys_ioctl fs/ioctl.c:907 [en l\u00ednea] __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83gv entry_SYSCALL_64_after_hwframe+0x77/0x7f" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.17", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "DFA9B856-F80A-4A22-BC26-5EB65D554687" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "CA16DEE3-ABEC-4449-9F4A-7A3DC4FC36C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0b882940665ca2849386ee459d4331aa2f8c4e7d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6b75f32bce90c085c89c45761373d940fdcff68c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/87819234aa1d2a0cb0f962fabb335e798f5ec8b2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/95f7a972194ad20696c36523b54c19a3567e0697", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cdfc818ffdfeb8266351ed59b6d884056009a095", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-532xx/CVE-2024-53228.json b/CVE-2024/CVE-2024-532xx/CVE-2024-53228.json index 1b5fa6b242e..44f1d2bade8 100644 --- a/CVE-2024/CVE-2024-532xx/CVE-2024-53228.json +++ b/CVE-2024/CVE-2024-532xx/CVE-2024-53228.json @@ -2,8 +2,8 @@ "id": "CVE-2024-53228", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T14:15:31.057", - "lastModified": "2024-12-27T14:15:31.057", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:46:54.313", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,89 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: kvm: Fix out-of-bounds array access En kvm_riscv_vcpu_sbi_init(), entry->ext_idx puede contener un \u00edndice fuera de los l\u00edmites. Esto se utiliza como un marcador especial para las extensiones base, que no se pueden deshabilitar. Sin embargo, al recorrer las extensiones, ese marcador especial no se verifica antes de indexar la matriz. Agregue una verificaci\u00f3n fuera de los l\u00edmites a la funci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/332fa4a802b16ccb727199da685294f85f9880cb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3c49e1084a5df99807fc43dd318c491e6cbaa168", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b1af648f0d610665c956ea4604d9f797e5c7e991", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-536xx/CVE-2024-53689.json b/CVE-2024/CVE-2024-536xx/CVE-2024-53689.json index fd8ffbbac37..5cf008d28c9 100644 --- a/CVE-2024/CVE-2024-536xx/CVE-2024-53689.json +++ b/CVE-2024/CVE-2024-536xx/CVE-2024-53689.json @@ -2,24 +2,98 @@ "id": "CVE-2024-53689", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-11T13:15:26.313", - "lastModified": "2025-01-11T13:15:26.313", - "vulnStatus": "Received", + "lastModified": "2025-01-16T16:21:09.993", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix potential deadlock while freezing queue and acquiring sysfs_lock\n\nFor storing a value to a queue attribute, the queue_attr_store function\nfirst freezes the queue (->q_usage_counter(io)) and then acquire\n->sysfs_lock. This seems not correct as the usual ordering should be to\nacquire ->sysfs_lock before freezing the queue. This incorrect ordering\ncauses the following lockdep splat which we are able to reproduce always\nsimply by accessing /sys/kernel/debug file using ls command:\n\n[ 57.597146] WARNING: possible circular locking dependency detected\n[ 57.597154] 6.12.0-10553-gb86545e02e8c #20 Tainted: G W\n[ 57.597162] ------------------------------------------------------\n[ 57.597168] ls/4605 is trying to acquire lock:\n[ 57.597176] c00000003eb56710 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0x58/0xc0\n[ 57.597200]\n but task is already holding lock:\n[ 57.597207] c0000018e27c6810 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: iterate_dir+0x94/0x1d4\n[ 57.597226]\n which lock already depends on the new lock.\n\n[ 57.597233]\n the existing dependency chain (in reverse order) is:\n[ 57.597241]\n -> #5 (&sb->s_type->i_mutex_key#3){++++}-{4:4}:\n[ 57.597255] down_write+0x6c/0x18c\n[ 57.597264] start_creating+0xb4/0x24c\n[ 57.597274] debugfs_create_dir+0x2c/0x1e8\n[ 57.597283] blk_register_queue+0xec/0x294\n[ 57.597292] add_disk_fwnode+0x2e4/0x548\n[ 57.597302] brd_alloc+0x2c8/0x338\n[ 57.597309] brd_init+0x100/0x178\n[ 57.597317] do_one_initcall+0x88/0x3e4\n[ 57.597326] kernel_init_freeable+0x3cc/0x6e0\n[ 57.597334] kernel_init+0x34/0x1cc\n[ 57.597342] ret_from_kernel_user_thread+0x14/0x1c\n[ 57.597350]\n -> #4 (&q->debugfs_mutex){+.+.}-{4:4}:\n[ 57.597362] __mutex_lock+0xfc/0x12a0\n[ 57.597370] blk_register_queue+0xd4/0x294\n[ 57.597379] add_disk_fwnode+0x2e4/0x548\n[ 57.597388] brd_alloc+0x2c8/0x338\n[ 57.597395] brd_init+0x100/0x178\n[ 57.597402] do_one_initcall+0x88/0x3e4\n[ 57.597410] kernel_init_freeable+0x3cc/0x6e0\n[ 57.597418] kernel_init+0x34/0x1cc\n[ 57.597426] ret_from_kernel_user_thread+0x14/0x1c\n[ 57.597434]\n -> #3 (&q->sysfs_lock){+.+.}-{4:4}:\n[ 57.597446] __mutex_lock+0xfc/0x12a0\n[ 57.597454] queue_attr_store+0x9c/0x110\n[ 57.597462] sysfs_kf_write+0x70/0xb0\n[ 57.597471] kernfs_fop_write_iter+0x1b0/0x2ac\n[ 57.597480] vfs_write+0x3dc/0x6e8\n[ 57.597488] ksys_write+0x84/0x140\n[ 57.597495] system_call_exception+0x130/0x360\n[ 57.597504] system_call_common+0x160/0x2c4\n[ 57.597516]\n -> #2 (&q->q_usage_counter(io)#21){++++}-{0:0}:\n[ 57.597530] __submit_bio+0x5ec/0x828\n[ 57.597538] submit_bio_noacct_nocheck+0x1e4/0x4f0\n[ 57.597547] iomap_readahead+0x2a0/0x448\n[ 57.597556] xfs_vm_readahead+0x28/0x3c\n[ 57.597564] read_pages+0x88/0x41c\n[ 57.597571] page_cache_ra_unbounded+0x1ac/0x2d8\n[ 57.597580] filemap_get_pages+0x188/0x984\n[ 57.597588] filemap_read+0x13c/0x4bc\n[ 57.597596] xfs_file_buffered_read+0x88/0x17c\n[ 57.597605] xfs_file_read_iter+0xac/0x158\n[ 57.597614] vfs_read+0x2d4/0x3b4\n[ 57.597622] ksys_read+0x84/0x144\n[ 57.597629] system_call_exception+0x130/0x360\n[ 57.597637] system_call_common+0x160/0x2c4\n[ 57.597647]\n -> #1 (mapping.invalidate_lock#2){++++}-{4:4}:\n[ 57.597661] down_read+0x6c/0x220\n[ 57.597669] filemap_fault+0x870/0x100c\n[ 57.597677] xfs_filemap_fault+0xc4/0x18c\n[ 57.597684] __do_fault+0x64/0x164\n[ 57.597693] __handle_mm_fault+0x1274/0x1dac\n[ 57.597702] handle_mm_fault+0x248/0x48\n---truncated---" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: block: Fix potential deadlock while frozen queue and acquires sysfs_lock Para almacenar un valor en un atributo de cola, la funci\u00f3n queue_attr_store primero congela la cola (->q_usage_counter(io)) y luego adquiere ->sysfs_lock. Esto no parece correcto ya que el orden habitual deber\u00eda ser adquirir ->sysfs_lock antes de congelar la cola. Este orden incorrecto provoca el siguiente splat lockdep que siempre podemos reproducir simplemente accediendo al archivo /sys/kernel/debug usando el comando ls: [ 57.597146] ADVERTENCIA: posible dependencia de bloqueo circular detectada [ 57.597154] 6.12.0-10553-gb86545e02e8c #20 Tainted: GW [ 57.597162] ------------------------------------------------------ [ 57.597168] ls/4605 est\u00e1 intentando adquirir el bloqueo: [ 57.597176] c00000003eb56710 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0x58/0xc0 [ 57.597200] pero la tarea ya tiene el bloqueo: [ 57.597207] c0000018e27c6810 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, en: iterate_dir+0x94/0x1d4 [ 57.597226] cuyo bloqueo ya depende del nuevo bloqueo. [ 57.597233] la cadena de dependencia existente (en orden inverso) es: [ 57.597241] -> #5 (&sb->s_type->i_mutex_key#3){++++}-{4:4}: [ 57.597255] down_write+0x6c/0x18c [ 57.597264] start_creating+0xb4/0x24c [ 57.597274] debugfs_create_dir+0x2c/0x1e8 [ 57.597283] blk_register_queue+0xec/0x294 [ 57.597292] add_disk_fwnode+0x2e4/0x548 [ 57.597302] brd_alloc+0x2c8/0x338 [ 57.597309] brd_init+0x100/0x178 [ 57.597317] hacer_una_initcall+0x88/0x3e4 [ 57.597326] kernel_init_freeable+0x3cc/0x6e0 [ 57.597334] kernel_init+0x34/0x1cc [ 57.597342] retirar_del_subproceso_usuario_kernel+0x14/0x1c [ 57.597350] -> #4 (&q->debugfs_mutex){+.+.}-{4:4}: [ 57.597362] __mutex_lock+0xfc/0x12a0 [ 57.597370] blk_register_queue+0xd4/0x294 [ 57.597379] add_disk_fwnode+0x2e4/0x548 [ 57.597388] brd_alloc+0x2c8/0x338 [ 57.597395] brd_init+0x100/0x178 [ 57.597402] hacer_una_llamada_inicio+0x88/0x3e4 [ 57.597410] kernel_init_freeable+0x3cc/0x6e0 [ 57.597418] kernel_init+0x34/0x1cc [ 57.597426] ret_desde_hilo_usuario_kernel+0x14/0x1c [ 57.597434] -> #3 (&q->sysfs_lock){+.+.}-{4:4}: [ 57.597446] __mutex_lock+0xfc/0x12a0 [ 57.597454] queue_attr_store+0x9c/0x110 [ 57.597462] sysfs_kf_write+0x70/0xb0 [ 57.597471] kernfs_fop_write_iter+0x1b0/0x2ac [ 57.597480] vfs_write+0x3dc/0x6e8 [ 57.597488] ksys_write+0x84/0x140 [ 57.597495] excepci\u00f3n_de_llamada_del_sistema+0x130/0x360 [ 57.597504] llamada_del_sistema_com\u00fan+0x160/0x2c4 [ 57.597516] -> #2 (&q->q_contador_de_uso(io)#21){++++}-{0:0}: [ 57.597530] __submit_bio+0x5ec/0x828 [ 57.597538] enviar_bio_noacct_nocheck+0x1e4/0x4f0 [ 57.597547] iomap_readahead+0x2a0/0x448 [ 57.597556] xfs_vm_readahead+0x28/0x3c [ 57.597564] leer_p\u00e1ginas+0x88/0x41c [ 57.597571] page_cache_ra_unbounded+0x1ac/0x2d8 [ 57.597580] filemap_get_pages+0x188/0x984 [ 57.597588] filemap_read+0x13c/0x4bc [ 57.597596] xfs_file_buffered_read+0x88/0x17c [ 57.597605] xfs_file_read_iter+0xac/0x158 [ 57.597614] vfs_read+0x2d4/0x3b4 [ 57.597622] ksys_read+0x84/0x144 [ 57.597629] excepci\u00f3n_llamada_sistema+0x130/0x360 [ 57.597637] llamada_sistema_com\u00fan+0x160/0x2c4 [ 57.597647] -> #1 (asignaci\u00f3n.invalidar_bloqueo#2){++++}-{4:4}: [ 57.597661] lectura_abajo+0x6c/0x220 [ 57.597669] error_mapa_archivo+0x870/0x100c [ 57.597677] error_mapa_archivo_xfs+0xc4/0x18c [ 57.597684] __error_do+0x64/0x164 [ 57.597693] __error_manejar_mm+0x1274/0x1dac [ 57.597702] handle_mm_fault+0x248/0x48 ---truncado---" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11", + "versionEndExcluding": "6.12.6", + "matchCriteriaId": "97C759FD-3999-4EA7-B961-1CADF641F560" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/be26ba96421ab0a8fa2055ccf7db7832a13c44d2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f1a494df8350da2e673618627cb392a8669825dd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-541xx/CVE-2024-54191.json b/CVE-2024/CVE-2024-541xx/CVE-2024-54191.json index 459bc3e4eea..16c2c822891 100644 --- a/CVE-2024/CVE-2024-541xx/CVE-2024-54191.json +++ b/CVE-2024/CVE-2024-541xx/CVE-2024-54191.json @@ -2,24 +2,105 @@ "id": "CVE-2024-54191", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-11T13:15:26.667", - "lastModified": "2025-01-11T13:15:26.667", - "vulnStatus": "Received", + "lastModified": "2025-01-16T16:21:27.237", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: iso: Fix circular lock in iso_conn_big_sync\n\nThis fixes the circular locking dependency warning below, by reworking\niso_sock_recvmsg, to ensure that the socket lock is always released\nbefore calling a function that locks hdev.\n\n[ 561.670344] ======================================================\n[ 561.670346] WARNING: possible circular locking dependency detected\n[ 561.670349] 6.12.0-rc6+ #26 Not tainted\n[ 561.670351] ------------------------------------------------------\n[ 561.670353] iso-tester/3289 is trying to acquire lock:\n[ 561.670355] ffff88811f600078 (&hdev->lock){+.+.}-{3:3},\n at: iso_conn_big_sync+0x73/0x260 [bluetooth]\n[ 561.670405]\n but task is already holding lock:\n[ 561.670407] ffff88815af58258 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0},\n at: iso_sock_recvmsg+0xbf/0x500 [bluetooth]\n[ 561.670450]\n which lock already depends on the new lock.\n\n[ 561.670452]\n the existing dependency chain (in reverse order) is:\n[ 561.670453]\n -> #2 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0}:\n[ 561.670458] lock_acquire+0x7c/0xc0\n[ 561.670463] lock_sock_nested+0x3b/0xf0\n[ 561.670467] bt_accept_dequeue+0x1a5/0x4d0 [bluetooth]\n[ 561.670510] iso_sock_accept+0x271/0x830 [bluetooth]\n[ 561.670547] do_accept+0x3dd/0x610\n[ 561.670550] __sys_accept4+0xd8/0x170\n[ 561.670553] __x64_sys_accept+0x74/0xc0\n[ 561.670556] x64_sys_call+0x17d6/0x25f0\n[ 561.670559] do_syscall_64+0x87/0x150\n[ 561.670563] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 561.670567]\n -> #1 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}:\n[ 561.670571] lock_acquire+0x7c/0xc0\n[ 561.670574] lock_sock_nested+0x3b/0xf0\n[ 561.670577] iso_sock_listen+0x2de/0xf30 [bluetooth]\n[ 561.670617] __sys_listen_socket+0xef/0x130\n[ 561.670620] __x64_sys_listen+0xe1/0x190\n[ 561.670623] x64_sys_call+0x2517/0x25f0\n[ 561.670626] do_syscall_64+0x87/0x150\n[ 561.670629] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 561.670632]\n -> #0 (&hdev->lock){+.+.}-{3:3}:\n[ 561.670636] __lock_acquire+0x32ad/0x6ab0\n[ 561.670639] lock_acquire.part.0+0x118/0x360\n[ 561.670642] lock_acquire+0x7c/0xc0\n[ 561.670644] __mutex_lock+0x18d/0x12f0\n[ 561.670647] mutex_lock_nested+0x1b/0x30\n[ 561.670651] iso_conn_big_sync+0x73/0x260 [bluetooth]\n[ 561.670687] iso_sock_recvmsg+0x3e9/0x500 [bluetooth]\n[ 561.670722] sock_recvmsg+0x1d5/0x240\n[ 561.670725] sock_read_iter+0x27d/0x470\n[ 561.670727] vfs_read+0x9a0/0xd30\n[ 561.670731] ksys_read+0x1a8/0x250\n[ 561.670733] __x64_sys_read+0x72/0xc0\n[ 561.670736] x64_sys_call+0x1b12/0x25f0\n[ 561.670738] do_syscall_64+0x87/0x150\n[ 561.670741] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 561.670744]\n other info that might help us debug this:\n\n[ 561.670745] Chain exists of:\n&hdev->lock --> sk_lock-AF_BLUETOOTH-BTPROTO_ISO --> sk_lock-AF_BLUETOOTH\n\n[ 561.670751] Possible unsafe locking scenario:\n\n[ 561.670753] CPU0 CPU1\n[ 561.670754] ---- ----\n[ 561.670756] lock(sk_lock-AF_BLUETOOTH);\n[ 561.670758] lock(sk_lock\n AF_BLUETOOTH-BTPROTO_ISO);\n[ 561.670761] lock(sk_lock-AF_BLUETOOTH);\n[ 561.670764] lock(&hdev->lock);\n[ 561.670767]\n *** DEADLOCK ***" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: iso: Corregir bloqueo circular en iso_conn_big_sync Esto corrige la advertencia de dependencia de bloqueo circular a continuaci\u00f3n, al reelaborar iso_sock_recvmsg, para garantizar que el bloqueo del socket siempre se libere antes de llamar a una funci\u00f3n que bloquea hdev. [ 561.670344] ========================================================= [ 561.670346] ADVERTENCIA: posible dependencia de bloqueo circular detectada [ 561.670349] 6.12.0-rc6+ #26 No contaminado [ 561.670351] ------------------------------------------------------ [ 561.670353] iso-tester/3289 est\u00e1 intentando adquirir bloqueo: [ 561.670355] ffff88811f600078 (&hdev->lock){+.+.}-{3:3}, en: iso_conn_big_sync+0x73/0x260 [bluetooth] [ 561.670405] pero la tarea ya tiene el bloqueo: [ 561.670407] ffff88815af58258 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0}, en: iso_sock_recvmsg+0xbf/0x500 [bluetooth] [ 561.670450] cuyo bloqueo ya depende del nuevo bloqueo. [ 561.670452] la cadena de dependencia existente (en orden inverso) es: [ 561.670453] -> #2 (sk_lock-AF_BLUETOOTH){+.+.}-{0:0}: [ 561.670458] lock_acquire+0x7c/0xc0 [ 561.670463] lock_sock_nested+0x3b/0xf0 [ 561.670467] bt_accept_dequeue+0x1a5/0x4d0 [bluetooth] [ 561.670510] iso_sock_accept+0x271/0x830 [bluetooth] [ 561.670547] do_accept+0x3dd/0x610 [ 561.670550] __sys_accept4+0xd8/0x170 [ 561.670553] __x64_sys_accept+0x74/0xc0 [ 561.670556] x64_sys_call+0x17d6/0x25f0 [ 561.670559] hacer_syscall_64+0x87/0x150 [ 561.670563] entrada_SYSCALL_64_after_hwframe+0x76/0x7e [ 561.670567] -> #1 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}: [ 561.670571] bloqueo_adquirir+0x7c/0xc0 [ 561.670574] lock_sock_nested+0x3b/0xf0 [ 561.670577] iso_sock_listen+0x2de/0xf30 [bluetooth] [ 561.670617] __sys_listen_socket+0xef/0x130 [ 561.670620] __x64_sys_listen+0xe1/0x190 [ 561.670623] x64_sys_call+0x2517/0x25f0 [ 561.670626] hacer_syscall_64+0x87/0x150 [ 561.670629] entrada_SYSCALL_64_despu\u00e9s_de_hwframe+0x76/0x7e [ 561.670632] -> #0 (&hdev->lock){+.+.}-{3:3}: [ 561.670636] __lock_acquire+0x32ad/0x6ab0 [ 561.670639] lock_acquire.part.0+0x118/0x360 [ 561.670642] lock_acquire+0x7c/0xc0 [ 561.670644] __mutex_lock+0x18d/0x12f0 [ 561.670647] mutex_lock_nested+0x1b/0x30 [ 561.670651] iso_conn_big_sync+0x73/0x260 [bluetooth] [ 561.670687] iso_sock_recvmsg+0x3e9/0x500 [bluetooth] [561.670722] sock_recvmsg+0x1d5/0x240 [561.670725] sock_read_iter+0x27d/0x470 [561.670727] vfs_read+0x9a0/0xd30 [561.670731] ksys_read+0x1a8/0x250 [561.670733] __x64_sys_read+0x72/0xc0 [561.670736] x64_sys_call+0x1b12/0x25f0 [561.670738] do_syscall_64+0x87/0x150 [ 561.670741] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 561.670744] otra informaci\u00f3n que podr\u00eda ayudarnos a depurar esto: [ 561.670745] La cadena existe de: &hdev->lock --> sk_lock-AF_BLUETOOTH-BTPROTO_ISO --> sk_lock-AF_BLUETOOTH [ 561.670751] Posible escenario de bloqueo inseguro: [ 561.670753] CPU0 CPU1 [ 561.670754] ---- ---- [ 561.670756] lock(sk_lock-AF_BLUETOOTH); [ 561.670758] bloqueo(sk_lock AF_BLUETOOTH-BTPROTO_ISO); [ 561.670761] bloqueo(sk_lock-AF_BLUETOOTH); [ 561.670764] bloqueo(&hdev->lock); [ 561.670767] *** BLOQUEO INTERMEDIO ***" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11.11", + "versionEndExcluding": "6.12", + "matchCriteriaId": "4CBF5F6E-D446-4CAE-AAA4-413442319824" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12.2", + "versionEndExcluding": "6.12.6", + "matchCriteriaId": "56F9CCF9-9EA2-4DE9-BBC1-74C3D2046E55" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/7a17308c17880d259105f6e591eb1bc77b9612f0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cbe640d6cae590b9a7d81ce86fe9a90e83eec1d5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-544xx/CVE-2024-54460.json b/CVE-2024/CVE-2024-544xx/CVE-2024-54460.json index 6f336a19413..09f1c811896 100644 --- a/CVE-2024/CVE-2024-544xx/CVE-2024-54460.json +++ b/CVE-2024/CVE-2024-544xx/CVE-2024-54460.json @@ -2,24 +2,98 @@ "id": "CVE-2024-54460", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-11T13:15:27.157", - "lastModified": "2025-01-11T13:15:27.157", - "vulnStatus": "Received", + "lastModified": "2025-01-16T15:15:42.083", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: iso: Fix circular lock in iso_listen_bis\n\nThis fixes the circular locking dependency warning below, by\nreleasing the socket lock before enterning iso_listen_bis, to\navoid any potential deadlock with hdev lock.\n\n[ 75.307983] ======================================================\n[ 75.307984] WARNING: possible circular locking dependency detected\n[ 75.307985] 6.12.0-rc6+ #22 Not tainted\n[ 75.307987] ------------------------------------------------------\n[ 75.307987] kworker/u81:2/2623 is trying to acquire lock:\n[ 75.307988] ffff8fde1769da58 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO)\n at: iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308021]\n but task is already holding lock:\n[ 75.308022] ffff8fdd61a10078 (&hdev->lock)\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308053]\n which lock already depends on the new lock.\n\n[ 75.308054]\n the existing dependency chain (in reverse order) is:\n[ 75.308055]\n -> #1 (&hdev->lock){+.+.}-{3:3}:\n[ 75.308057] __mutex_lock+0xad/0xc50\n[ 75.308061] mutex_lock_nested+0x1b/0x30\n[ 75.308063] iso_sock_listen+0x143/0x5c0 [bluetooth]\n[ 75.308085] __sys_listen_socket+0x49/0x60\n[ 75.308088] __x64_sys_listen+0x4c/0x90\n[ 75.308090] x64_sys_call+0x2517/0x25f0\n[ 75.308092] do_syscall_64+0x87/0x150\n[ 75.308095] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 75.308098]\n -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}:\n[ 75.308100] __lock_acquire+0x155e/0x25f0\n[ 75.308103] lock_acquire+0xc9/0x300\n[ 75.308105] lock_sock_nested+0x32/0x90\n[ 75.308107] iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308128] hci_connect_cfm+0x6c/0x190 [bluetooth]\n[ 75.308155] hci_le_per_adv_report_evt+0x27b/0x2f0 [bluetooth]\n[ 75.308180] hci_le_meta_evt+0xe7/0x200 [bluetooth]\n[ 75.308206] hci_event_packet+0x21f/0x5c0 [bluetooth]\n[ 75.308230] hci_rx_work+0x3ae/0xb10 [bluetooth]\n[ 75.308254] process_one_work+0x212/0x740\n[ 75.308256] worker_thread+0x1bd/0x3a0\n[ 75.308258] kthread+0xe4/0x120\n[ 75.308259] ret_from_fork+0x44/0x70\n[ 75.308261] ret_from_fork_asm+0x1a/0x30\n[ 75.308263]\n other info that might help us debug this:\n\n[ 75.308264] Possible unsafe locking scenario:\n\n[ 75.308264] CPU0 CPU1\n[ 75.308265] ---- ----\n[ 75.308265] lock(&hdev->lock);\n[ 75.308267] lock(sk_lock-\n AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308268] lock(&hdev->lock);\n[ 75.308269] lock(sk_lock-AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308270]\n *** DEADLOCK ***\n\n[ 75.308271] 4 locks held by kworker/u81:2/2623:\n[ 75.308272] #0: ffff8fdd66e52148 ((wq_completion)hci0#2){+.+.}-{0:0},\n at: process_one_work+0x443/0x740\n[ 75.308276] #1: ffffafb488b7fe48 ((work_completion)(&hdev->rx_work)),\n at: process_one_work+0x1ce/0x740\n[ 75.308280] #2: ffff8fdd61a10078 (&hdev->lock){+.+.}-{3:3}\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308304] #3: ffffffffb6ba4900 (rcu_read_lock){....}-{1:2},\n at: hci_connect_cfm+0x29/0x190 [bluetooth]" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: iso: Corregir bloqueo circular en iso_listen_bis Esto corrige la advertencia de dependencia de bloqueo circular a continuaci\u00f3n, liberando el bloqueo del socket antes de ingresar a iso_listen_bis, para evitar cualquier posible bloqueo con el bloqueo hdev. [ 75.307983] ========================================================= [ 75.307984] ADVERTENCIA: posible dependencia de bloqueo circular detectada [ 75.307985] 6.12.0-rc6+ #22 No contaminado [ 75.307987] ------------------------------------------------------ [ 75.307987] kworker/u81:2/2623 est\u00e1 intentando adquirir el bloqueo: [ 75.307988] ffff8fde1769da58 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO) en: iso_connect_cfm+0x253/0x840 [bluetooth] [ 75.308021] pero la tarea ya tiene el bloqueo: [ 75.308022] ffff8fdd61a10078 (&hdev->lock) en: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth] [ 75.308053] cuyo bloqueo ya depende del nuevo bloqueo. [ 75.308054] la cadena de dependencia existente (en orden inverso) es: [ 75.308055] -> #1 (&hdev->lock){+.+.}-{3:3}: [ 75.308057] __mutex_lock+0xad/0xc50 [ 75.308061] mutex_lock_nested+0x1b/0x30 [ 75.308063] iso_sock_listen+0x143/0x5c0 [bluetooth] [ 75.308085] __sys_listen_socket+0x49/0x60 [ 75.308088] __x64_sys_listen+0x4c/0x90 [ 75.308090] x64_sys_call+0x2517/0x25f0 [ 75.308092] hacer_syscall_64+0x87/0x150 [ 75.308095] entrada_SYSCALL_64_despu\u00e9s_de_hwframe+0x76/0x7e [ 75.308098] -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}: [ 75.308100] __lock_acquire+0x155e/0x25f0 [ 75.308103] lock_acquire+0xc9/0x300 [ 75.308105] lock_sock_nested+0x32/0x90 [ 75.308107] iso_connect_cfm+0x253/0x840 [bluetooth] [ 75.308128] hci_connect_cfm+0x6c/0x190 [bluetooth] [ 75.308155] hci_le_per_adv_report_evt+0x27b/0x2f0 [bluetooth] [ 75.308180] hci_le_meta_evt+0xe7/0x200 [bluetooth] [ 75.308206] hci_event_packet+0x21f/0x5c0 [bluetooth] [ 75.308230] hci_rx_work+0x3ae/0xb10 [bluetooth] [ 75.308254] process_one_work+0x212/0x740 [ 75.308256] worker_thread+0x1bd/0x3a0 [ 75.308258] kthread+0xe4/0x120 [ 75.308259] ret_from_fork+0x44/0x70 [ 75.308261] ret_from_fork_asm+0x1a/0x30 [ 75.308263] otra informaci\u00f3n que podr\u00eda ayudarnos a depurar esto: [ 75.308264] Posible escenario de bloqueo inseguro: [ 75.308264] CPU0 CPU1 [ 75.308265] ---- ---- [ 75.308265] lock(&hdev->lock); [ 75.308267] lock(sk_lock- AF_BLUETOOTH-BTPROTO_ISO); [ 75.308268] bloquear(&hdev->bloquear); [ 75.308269] bloquear(sk_lock-AF_BLUETOOTH-BTPROTO_ISO); [ 75.308270] *** BLOQUEO INTERMEDIO *** [ 75.308271] 4 bloqueos mantenidos por kworker/u81:2/2623: [ 75.308272] #0: ffff8fdd66e52148 ((wq_completion)hci0#2){+.+.}-{0:0}, en: process_one_work+0x443/0x740 [ 75.308276] #1: ffffafb488b7fe48 ((work_completion)(&hdev->rx_work)), en: process_one_work+0x1ce/0x740 [ 75.308280] #2: ffff8fdd61a10078 (&hdev->lock){+.+.}-{3:3} en: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth] [ 75.308304] #3: ffffffffb6ba4900 (rcu_read_lock){....}-{1:2}, en: hci_connect_cfm+0x29/0x190 [bluetooth]" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.8.12", + "versionEndExcluding": "6.12.6", + "matchCriteriaId": "9C6C7E91-EB56-47C5-AB8F-8E569B8E5D4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/168e28305b871d8ec604a8f51f35467b8d7ba05b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c541d7b5e17987ed330798b07d4ad508859c1c93", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-545xx/CVE-2024-54540.json b/CVE-2024/CVE-2024-545xx/CVE-2024-54540.json index 9e71fe57ab2..f87c7e7f28a 100644 --- a/CVE-2024/CVE-2024-545xx/CVE-2024-54540.json +++ b/CVE-2024/CVE-2024-545xx/CVE-2024-54540.json @@ -2,16 +2,55 @@ "id": "CVE-2024-54540", "sourceIdentifier": "product-security@apple.com", "published": "2025-01-15T20:15:28.703", - "lastModified": "2025-01-15T20:15:28.703", + "lastModified": "2025-01-16T15:15:13.697", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The issue was addressed with improved input sanitization. This issue is fixed in Apple Music 1.5.0.152 for Windows. Processing maliciously crafted web content may disclose internal states of the app." + }, + { + "lang": "es", + "value": " El problema se solucion\u00f3 con una mejora en la desinfecci\u00f3n de entradas. Este problema se solucion\u00f3 en Apple Music 1.5.0.152 para Windows. El procesamiento de contenido web creado con fines malintencionados puede revelar estados internos de la aplicaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://support.apple.com/en-us/122043", diff --git a/CVE-2024/CVE-2024-546xx/CVE-2024-54680.json b/CVE-2024/CVE-2024-546xx/CVE-2024-54680.json index 29b0aa78677..d3cfe276971 100644 --- a/CVE-2024/CVE-2024-546xx/CVE-2024-54680.json +++ b/CVE-2024/CVE-2024-546xx/CVE-2024-54680.json @@ -2,28 +2,117 @@ "id": "CVE-2024-54680", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-11T13:15:27.340", - "lastModified": "2025-01-11T13:15:27.340", - "vulnStatus": "Received", + "lastModified": "2025-01-16T15:17:54.520", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix TCP timers deadlock after rmmod\n\nCommit ef7134c7fc48 (\"smb: client: Fix use-after-free of network namespace.\")\nfixed a netns UAF by manually enabled socket refcounting\n(sk->sk_net_refcnt=1 and sock_inuse_add(net, 1)).\n\nThe reason the patch worked for that bug was because we now hold\nreferences to the netns (get_net_track() gets a ref internally)\nand they're properly released (internally, on __sk_destruct()),\nbut only because sk->sk_net_refcnt was set.\n\nProblem:\n(this happens regardless of CONFIG_NET_NS_REFCNT_TRACKER and regardless\nif init_net or other)\n\nSetting sk->sk_net_refcnt=1 *manually* and *after* socket creation is not\nonly out of cifs scope, but also technically wrong -- it's set conditionally\nbased on user (=1) vs kernel (=0) sockets. And net/ implementations\nseem to base their user vs kernel space operations on it.\n\ne.g. upon TCP socket close, the TCP timers are not cleared because\nsk->sk_net_refcnt=1:\n(cf. commit 151c9c724d05 (\"tcp: properly terminate timers for kernel sockets\"))\n\nnet/ipv4/tcp.c:\n void tcp_close(struct sock *sk, long timeout)\n {\n \tlock_sock(sk);\n \t__tcp_close(sk, timeout);\n \trelease_sock(sk);\n \tif (!sk->sk_net_refcnt)\n \t\tinet_csk_clear_xmit_timers_sync(sk);\n \tsock_put(sk);\n }\n\nWhich will throw a lockdep warning and then, as expected, deadlock on\ntcp_write_timer().\n\nA way to reproduce this is by running the reproducer from ef7134c7fc48\nand then 'rmmod cifs'. A few seconds later, the deadlock/lockdep\nwarning shows up.\n\nFix:\nWe shouldn't mess with socket internals ourselves, so do not set\nsk_net_refcnt manually.\n\nAlso change __sock_create() to sock_create_kern() for explicitness.\n\nAs for non-init_net network namespaces, we deal with it the best way\nwe can -- hold an extra netns reference for server->ssocket and drop it\nwhen it's released. This ensures that the netns still exists whenever\nwe need to create/destroy server->ssocket, but is not directly tied to\nit." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: client: fix TCP timers deadlock after rmmod Commit ef7134c7fc48 (\"smb: client: Fix use-after-free of network namespace.\") corrigi\u00f3 un UAF de netns habilitando manualmente el recuento de referencias de sockets (sk->sk_net_refcnt=1 y sock_inuse_add(net, 1)). La raz\u00f3n por la que el parche funcion\u00f3 para ese error fue porque ahora tenemos referencias a netns (get_net_track() obtiene una referencia internamente) y se liberan correctamente (internamente, en __sk_destruct()), pero solo porque se configur\u00f3 sk->sk_net_refcnt. Problema: (esto sucede independientemente de CONFIG_NET_NS_REFCNT_TRACKER y sin importar si es init_net u otro) Establecer sk->sk_net_refcnt=1 *manualmente* y *despu\u00e9s* de la creaci\u00f3n del socket no solo est\u00e1 fuera del alcance de cifs, sino que tambi\u00e9n es t\u00e9cnicamente incorrecto: se establece condicionalmente en funci\u00f3n de los sockets del usuario (=1) frente a los del kernel (=0). Y las implementaciones de net/ parecen basar sus operaciones de espacio de usuario frente a kernel en ello. p. ej., al cerrar el socket TCP, los temporizadores TCP no se borran porque sk->sk_net_refcnt=1: (cf. commit 151c9c724d05 (\"tcp: finalizar correctamente los temporizadores para los sockets del kernel\")) net/ipv4/tcp.c: void tcp_close(struct sock *sk, long timeout) { lock_sock(sk); __tcp_close(sk, timeout); release_sock(sk); if (!sk->sk_net_refcnt) inet_csk_clear_xmit_timers_sync(sk); sock_put(sk); } Esto arrojar\u00e1 una advertencia de lockdep y luego, como se esperaba, un bloqueo en tcp_write_timer(). Una forma de reproducir esto es ejecutando el reproductor desde ef7134c7fc48 y luego 'rmmod cifs'. Unos segundos m\u00e1s tarde, aparece la advertencia de bloqueo/lockdep. Soluci\u00f3n: No deber\u00edamos meternos con los componentes internos del socket nosotros mismos, as\u00ed que no configure sk_net_refcnt manualmente. Tambi\u00e9n cambie __sock_create() a sock_create_kern() para que sea m\u00e1s expl\u00edcito. En cuanto a los espacios de nombres de red que no son init_net, lo tratamos de la mejor manera que podemos: mantenemos una referencia netns adicional para server->ssocket y la descartamos cuando se libera. Esto garantiza que netns siga existiendo siempre que necesitemos crear o destruir server->ssocket, pero no est\u00e1 directamente vinculado a \u00e9l." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.62", + "versionEndExcluding": "6.6.68", + "matchCriteriaId": "C07199EE-C70E-4530-AC2F-9BA8E147E58F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.11.9", + "versionEndExcluding": "6.12.7", + "matchCriteriaId": "824994E7-D328-4F50-8DE8-FE9995F1B52C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/127e907e11ccd54b59bb78fc22c43ccb76c71079", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/906807c734ed219dcb2e7bbfde5c4168ed72a3d0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e9f2517a3e18a54a3943c098d2226b245d488801", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-546xx/CVE-2024-54683.json b/CVE-2024/CVE-2024-546xx/CVE-2024-54683.json index 72f75ac1ce1..1288c46bcbc 100644 --- a/CVE-2024/CVE-2024-546xx/CVE-2024-54683.json +++ b/CVE-2024/CVE-2024-546xx/CVE-2024-54683.json @@ -2,28 +2,112 @@ "id": "CVE-2024-54683", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-11T13:15:27.490", - "lastModified": "2025-01-11T13:15:27.490", - "vulnStatus": "Received", + "lastModified": "2025-01-16T15:18:09.453", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn->active#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done &\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme >/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: IDLETIMER: Correcci\u00f3n de un posible bloqueo de ABBA La eliminaci\u00f3n de la \u00faltima regla que hace referencia a un temporizador inactivo determinado puede ocurrir al mismo tiempo que una lectura de su archivo en sysfs: | ======================================================== | ADVERTENCIA: se detect\u00f3 una posible dependencia de bloqueo circular | 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 No contaminado | ------------------------------------------------------ | iptables/3303 est\u00e1 intentando adquirir el bloqueo: | ffff8881057e04b8 (kn->active#48){++++}-{0:0}, at: __kernfs_remove+0x20 | | pero la tarea ya tiene el bloqueo: | ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v] | | cuyo bloqueo ya depende del nuevo bloqueo. Un reproductor simple es: | #!/bin/bash | | mientras es verdadero; hacer | iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\" | iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\" | hecho & | mientras es verdadero; hacer | cat /sys/class/xt_idletimer/timers/testme >/dev/null | Evite esto liberando list_mutex inmediatamente despu\u00e9s de eliminar el elemento de la lista y luego contin\u00fae con el desmontaje." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.36", + "versionEndExcluding": "6.6.67", + "matchCriteriaId": "04498663-FC2C-477E-9F63-68E556076CB8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.6", + "matchCriteriaId": "0CB1A9BB-F95E-43DD-A2FD-147912FD91E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/45fe76573a2557f632e248cc141342233f422b9a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8c2c8445cda8f59c38dec7dc10509bcb23ae26a0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f36b01994d68ffc253c8296e2228dfe6e6431c03", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-547xx/CVE-2024-54730.json b/CVE-2024/CVE-2024-547xx/CVE-2024-54730.json index ca9d3698d22..bc1750ea4d6 100644 --- a/CVE-2024/CVE-2024-547xx/CVE-2024-54730.json +++ b/CVE-2024/CVE-2024-547xx/CVE-2024-54730.json @@ -2,16 +2,55 @@ "id": "CVE-2024-54730", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T23:15:08.837", - "lastModified": "2025-01-14T23:15:08.837", + "lastModified": "2025-01-16T16:15:31.407", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Flatnotes \n \n asm_sysvec_hyperv_stimer0\n...\n kvp_register_done\n hvt_op_read\n vfs_read\n ksys_read\n __x64_sys_read\n\nThis can happen because the KVP/VSS channel callback can be invoked\neven before the channel is fully opened:\n1) as soon as hv_kvp_init() -> hvutil_transport_init() creates\n/dev/vmbus/hv_kvp, the kvp daemon can open the device file immediately and\nregister itself to the driver by writing a message KVP_OP_REGISTER1 to the\nfile (which is handled by kvp_on_msg() ->kvp_handle_handshake()) and\nreading the file for the driver's response, which is handled by\nhvt_op_read(), which calls hvt->on_read(), i.e. kvp_register_done().\n\n2) the problem with kvp_register_done() is that it can cause the\nchannel callback to be called even before the channel is fully opened,\nand when the channel callback is starting to run, util_probe()->\nvmbus_open() may have not initialized the ringbuffer yet, so the\ncallback can hit the panic of NULL pointer dereference.\n\nTo reproduce the panic consistently, we can add a \"ssleep(10)\" for KVP in\n__vmbus_open(), just before the first hv_ringbuffer_init(), and then we\nunload and reload the driver hv_utils, and run the daemon manually within\nthe 10 seconds.\n\nFix the panic by reordering the steps in util_probe() so the char dev\nentry used by the KVP or VSS daemon is not created until after\nvmbus_open() has completed. This reordering prevents the race condition\nfrom happening." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Controladores: hv: util: evitar acceder a un b\u00fafer de anillo que a\u00fan no se ha inicializado Si el demonio KVP (o VSS) se inicia antes de que el b\u00fafer de anillo del canal VMBus se haya inicializado por completo, podemos activar el p\u00e1nico siguiente: hv_utils: registrar el controlador de la utilidad HyperV hv_vmbus: registrar el controlador hv_utils ... ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 000000000000000 CPU: 44 UID: 0 PID: 2552 Comm: hv_kvp_daemon Tainted: GE 6.11.0-rc3+ #1 RIP: 0010:hv_pkt_iter_first+0x12/0xd0 Seguimiento de llamadas: ... vmbus_recvpacket hv_kvp_onchannelcallback vmbus_on_event tasklet_action_common asm_sysvec_hyperv_stimer0 ... kvp_register_done hvt_op_read vfs_read ksys_read __x64_sys_read Esto puede suceder porque la devoluci\u00f3n de llamada del canal KVP/VSS se puede invocar incluso antes de que el canal est\u00e9 completamente abierto: 1) tan pronto como hv_kvp_init() -> hvutil_transport_init() crea /dev/vmbus/hv_kvp, el demonio kvp puede abrir el archivo del dispositivo inmediatamente y registrarse en el controlador escribiendo un mensaje KVP_OP_REGISTER1 en el archivo (que es manejado por kvp_on_msg() ->kvp_handle_handshake()) y leyendo el archivo para la respuesta del controlador, que es manejada por hvt_op_read(), que llama a hvt->on_read(), es decir, kvp_register_done(). 2) El problema con kvp_register_done() es que puede provocar que se llame a la devoluci\u00f3n de llamada del canal incluso antes de que el canal est\u00e9 completamente abierto, y cuando la devoluci\u00f3n de llamada del canal est\u00e1 comenzando a ejecutarse, util_probe()-> vmbus_open() puede no haber inicializado a\u00fan el ringbuffer, por lo que la devoluci\u00f3n de llamada puede alcanzar el p\u00e1nico de la desreferencia de puntero NULL. Para reproducir el p\u00e1nico de manera consistente, podemos agregar un \"ssleep(10)\" para KVP en __vmbus_open(), justo antes del primer hv_ringbuffer_init(), y luego descargamos y volvemos a cargar el controlador hv_utils, y ejecutamos el demonio manualmente dentro de los 10 segundos. Solucione el problema reordenando los pasos en util_probe() de modo que la entrada char dev que utiliza el demonio KVP o VSS no se cree hasta que se haya completado vmbus_open(). Esta reordenaci\u00f3n evita que se produzca la condici\u00f3n de ejecuci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.9", + "versionEndExcluding": "5.4.289", + "matchCriteriaId": "DDE15310-57BA-4BA1-87F2-D344FBFF9497" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.233", + "matchCriteriaId": "44569A17-FE4C-4BE3-9C0C-74AC54C7B51B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.176", + "matchCriteriaId": "DDBD8FC6-2357-4347-BFA1-B4A4A3039F35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.122", + "matchCriteriaId": "3B06AD1C-E7B3-4B24-A884-D3BE92CC042F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.68", + "matchCriteriaId": "74BA9823-CCED-4B24-815D-B82543954BF8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.7", + "matchCriteriaId": "811AC89A-14AC-49FA-9B54-E99526F1CA47" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/042253c57be901bfd19f15b68267442b70f510d5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/07a756a49f4b4290b49ea46e089cbe6f79ff8d26", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3dd7a30c6d7f90afcf19e9b072f572ba524d7ec6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/718fe694a334be9d1a89eed22602369ac18d6583", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/89fcec5e466b3ac9b376e0d621c71effa1a7983f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d81f4e73aff9b861671df60e5100ad25cc16fbf8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f091a224a2c82f1e302b1768d73bb6332f687321", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56369.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56369.json index 3d7f6aa9e82..f4a93f868cc 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56369.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56369.json @@ -2,36 +2,144 @@ "id": "CVE-2024-56369", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-11T13:15:28.700", - "lastModified": "2025-01-11T13:15:28.700", - "vulnStatus": "Received", + "lastModified": "2025-01-16T15:18:59.237", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/modes: Avoid divide by zero harder in drm_mode_vrefresh()\n\ndrm_mode_vrefresh() is trying to avoid divide by zero\nby checking whether htotal or vtotal are zero. But we may\nstill end up with a div-by-zero of vtotal*htotal*..." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/modes: Evite dividir por cero con m\u00e1s dificultad en drm_mode_vrefresh() drm_mode_vrefresh() intenta evitar dividir por cero comprobando si htotal o vtotal son cero. Pero a\u00fan as\u00ed podemos terminar con una divisi\u00f3n por cero de vtotal*htotal*..." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-369" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.176", + "matchCriteriaId": "D1FB3CC3-98F2-4021-A58A-538E8257FD90" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.122", + "matchCriteriaId": "3B06AD1C-E7B3-4B24-A884-D3BE92CC042F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.68", + "matchCriteriaId": "74BA9823-CCED-4B24-815D-B82543954BF8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.7", + "matchCriteriaId": "811AC89A-14AC-49FA-9B54-E99526F1CA47" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/47c8b6cf1d08f0ad40d7ea7b025442e51b35ee1f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/69fbb01e891701e6d04db1ddb5ad49e42c4dd963", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9398332f23fab10c5ec57c168b44e72997d6318e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b39de5a71bac5641d0fda33d1cf5682d82cf1ae5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e7c7b48a0fc5ed83baae400a1b15e33978c25d7f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56551.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56551.json index 2dfb04437f4..5b0fbd6053d 100644 --- a/CVE-2024/CVE-2024-565xx/CVE-2024-56551.json +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56551.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56551", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T15:15:13.850", - "lastModified": "2024-12-27T15:15:13.850", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:47:11.533", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,88 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: correcci\u00f3n de slab de use-after-free [ +0.000021] ERROR: KASAN: slab-use-after-free en drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched] [ +0.000027] Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff8881b8605f88 por la tarea amd_pci_unplug/2147 [ +0.000023] CPU: 6 PID: 2147 Comm: amd_pci_unplug No contaminado 6.10.0+ #1 [ +0.000016] Nombre del hardware: Nombre del producto del sistema ASUS/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020 [ +0.000016] Rastreo de llamadas: [ +0.000008] [ +0.000009] dump_stack_lvl+0x76/0xa0 [ +0.000017] print_report+0xce/0x5f0 [ +0.000017] ? drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched] [ +0.000019] ? srso_return_thunk+0x5/0x5f [ +0.000015] ? kasan_complete_mode_report_info+0x72/0x200 [ +0.000016] ? drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched] [ +0.000019] kasan_report+0xbe/0x110 [ +0.000015] ? drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched] [ +0.000023] __asan_report_load8_noabort+0x14/0x30 [ +0.000014] drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched] [ +0.000020] ? srso_return_thunk+0x5/0x5f [ +0.000013] ? __pfx_drm_sched_entity_flush+0x10/0x10 [gpu_sched] [ +0.000020] ? srso_return_thunk+0x5/0x5f [ +0.000013] ? __kasan_check_write+0x14/0x30 [ +0.000013] ? srso_return_thunk+0x5/0x5f [ +0.000013] ? enable_work+0x124/0x220 [ +0.000015] ? __pfx_enable_work+0x10/0x10 [ +0.000013] ? srso_return_thunk+0x5/0x5f [ +0.000014] ? free_large_kmalloc+0x85/0xf0 [ +0.000016] drm_sched_entity_destroy+0x18/0x30 [gpu_sched] [ +0.000020] amdgpu_vce_sw_fini+0x55/0x170 [amdgpu] [ +0.000735] ? __kasan_check_read+0x11/0x20 [ +0.000016] vce_v4_0_sw_fini+0x80/0x110 [amdgpu] [ +0.000726] amdgpu_device_fini_sw+0x331/0xfc0 [amdgpu] [ +0.000679] ? mutex_unlock+0x80/0xe0 [ +0.000017] ? __pfx_amdgpu_device_fini_sw+0x10/0x10 [amdgpu] [ +0.000662] ? srso_return_thunk+0x5/0x5f [ +0.000014] ? __kasan_check_write+0x14/0x30 [ +0.000013] ? srso_return_thunk+0x5/0x5f [ +0.000013] ? mutex_unlock+0x80/0xe0 [ +0.000016] amdgpu_driver_release_kms+0x16/0x80 [amdgpu] [ +0.000663] drm_minor_release+0xc9/0x140 [drm] [ +0.000081] drm_release+0x1fd/0x390 [drm] [ +0.000082] __fput+0x36c/0xad0 [ +0.000018] __fput_sync+0x3c/0x50 [ +0.000014] __x64_sys_close+0x7d/0xe0 [ +0.000014] x64_sys_call+0x1bc6/0x2680 [ +0.000014] do_syscall_64+0x70/0x130 [ +0.000014] ? srso_return_thunk+0x5/0x5f [ +0.000014] ? irqentry_exit_to_user_mode+0x60/0x190 [ +0.000015] ? srso_return_thunk+0x5/0x5f [ +0.000014] ? irqentry_exit+0x43/0x50 [ +0.000012] ? srso_return_thunk+0x5/0x5f [ +0.000013] ? exc_page_fault+0x7c/0x110 [ +0.000015] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ +0.000014] RIP: 0033:0x7ffff7b14f67 [ +0.000013] C\u00f3digo: ff e8 0d 16 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 73 ba f7 ff [ +0.000026] RSP: 002b:00007ffffffffe378 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ +0.000019] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffff7b14f67 [ +0.000014] RDX: 0000000000000000 RSI: 00007ffff7f6f47a RDI: 0000000000000003 [ +0.000014] RBP: 00007ffffffffe3a0 R08: 0000555555569890 R09: 0000000000000000 [ +0.000014] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffffffffe5c8 [ +0.000013] R13: 0000555555552a9 R14: 0000555555557d48 R15: 00007ffff7ffd040 [ +0.000020] [ +0.000016] Asignado por la tarea 383 en la CPU 7 en 26.880319s: [ +0.000014] kasan_save_stack+0x28/0x60 [ +0.000008] kasan_save_track+0x18/0x70 [ +0.000007] kasan_save_alloc_info+0x38/0x60 [ +0.000007] __kasan_kmalloc+0xc1/0xd0 [ +0.000007] kmalloc_trace_noprof+0x180/0x380 [ +0.000007] drm_sched_init+0x411/0xec0 [gpu_sched] [ +0.000012] amdgpu_device_init+0x695f/0xa610 [amdgpu] [ +0.000658] amdgpu_driver_load_kms+0x1a/0x120 [amdgpu] [ +0.000662] amdgpu_pci_p ---truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "523573B1-32B0-4CEF-A666-DC2DA3D85104" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.4", + "matchCriteriaId": "04756810-D093-4B43-B1D9-CF5035968061" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3990ef742c064e22189b954522930db04fc6b1a7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6383199ada42d30562b4249c393592a2a9c38165", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b61badd20b443eabe132314669bb51a263982e5c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56595.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56595.json index a9fa40c9477..01ddf928bc2 100644 --- a/CVE-2024/CVE-2024-565xx/CVE-2024-56595.json +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56595.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56595", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T15:15:18.843", - "lastModified": "2024-12-27T15:15:18.843", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:47:27.707", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: jfs: agregar una verificaci\u00f3n para evitar que el \u00edndice de la matriz est\u00e9 fuera de los l\u00edmites en dbAdjTree Cuando el valor de lp es 0 al comienzo del bucle for, se volver\u00e1 negativo en la siguiente asignaci\u00f3n y deber\u00edamos abandonar." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.4.287", + "matchCriteriaId": "DC7D5C80-B677-4131-A399-3366D7F3961C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.231", + "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.66", + "matchCriteriaId": "29A976AD-B9AB-4A95-9F08-7669F8847EB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.5", + "matchCriteriaId": "9501D045-7A94-42CA-8B03-821BE94A65B7" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/368a533152220b0a6f1142327d96c6b6361f3002", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3b5d21b56c3774bc84eab0a93aaac22a4475e2c4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/491487eeddccc4bb49f2e59d8c8f35bec89c15ca", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a4311bbde702362fe7412045d06ab6767235dac", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a174706ba4dad895c40b1d2277bade16dfacdcd9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a3d408870bc19b794646871bc4c3a5daa66f91c5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b15000bcbecf27e0f7c0f149a409e5b865e28ca2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56596.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56596.json index 7fba8938801..3c39d722c7b 100644 --- a/CVE-2024/CVE-2024-565xx/CVE-2024-56596.json +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56596.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56596", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T15:15:18.963", - "lastModified": "2024-12-27T15:15:18.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:12:13.840", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: jfs: se corrige el error array-index-out-of-bounds en jfs_readdir. El stbl podr\u00eda contener algunos valores no v\u00e1lidos. Se agreg\u00f3 una verificaci\u00f3n para devolver un c\u00f3digo de error en ese caso." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.4.287", + "matchCriteriaId": "DC7D5C80-B677-4131-A399-3366D7F3961C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.231", + "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.66", + "matchCriteriaId": "29A976AD-B9AB-4A95-9F08-7669F8847EB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.5", + "matchCriteriaId": "9501D045-7A94-42CA-8B03-821BE94A65B7" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/839f102efb168f02dfdd46717b7c6dddb26b015e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8ff7579554571d92e3deab168f5a7d7b146ed368", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/97e693593162eef6851d232f0c8148169ed46a5c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9efe72eefd4c4a7ce63b3e4d667d766d2b360cb4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b62f41aeec9d250144c53875b507c1d45ae8c8fc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e7d376f94f72b020f84e77278b150ec1cc27502c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ff9fc48fab0e1ea0d423c23c99b91bba178f0b05", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-565xx/CVE-2024-56598.json b/CVE-2024/CVE-2024-565xx/CVE-2024-56598.json index 66a821bedf1..9baf2653f01 100644 --- a/CVE-2024/CVE-2024-565xx/CVE-2024-56598.json +++ b/CVE-2024/CVE-2024-565xx/CVE-2024-56598.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56598", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T15:15:19.200", - "lastModified": "2024-12-27T15:15:19.200", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:12:32.320", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,144 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: jfs: arreglo de array-index-out-of-bounds en dtReadFirst El valor de stbl a veces puede estar fuera de los l\u00edmites debido a un sistema de archivos defectuoso. Se agreg\u00f3 una verificaci\u00f3n con el retorno apropiado del c\u00f3digo de error en ese caso." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.4.287", + "matchCriteriaId": "DC7D5C80-B677-4131-A399-3366D7F3961C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.231", + "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.66", + "matchCriteriaId": "29A976AD-B9AB-4A95-9F08-7669F8847EB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.5", + "matchCriteriaId": "9501D045-7A94-42CA-8B03-821BE94A65B7" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/22dcbf7661c6ffc3247978c254dc40b833a0d429", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/25f1e673ef61d6bf9a6022e27936785896d74948", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/2eea5fda5556ef03defebf07b0a12fcd2c5210f4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/823d573f5450ca6be80b36f54d1902ac7cd23fb9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8c97a4d5463a1c972ef576ac499ea9b05f956097", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ca84a2c9be482836b86d780244f0357e5a778c46", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fd993b2180b4c373af8b99aa28d4dcda5c2a8f10", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56615.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56615.json index 64216462470..013deeceac8 100644 --- a/CVE-2024/CVE-2024-566xx/CVE-2024-56615.json +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56615.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56615", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T15:15:21.013", - "lastModified": "2024-12-27T15:15:21.013", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:12:58.100", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,35 +15,150 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: arregla las escrituras OOB de devmap al eliminar elementos Jordy inform\u00f3 un problema contra XSKMAP que tambi\u00e9n se aplica a DEVMAP: el \u00edndice utilizado para acceder a la entrada del mapa, debido a que es un entero con signo, provoca las escrituras OOB. La soluci\u00f3n es tan simple como cambiar el tipo de int a u32, sin embargo, en comparaci\u00f3n con el caso de XSKMAP, hay que abordar una cosa m\u00e1s. Cuando el mapa se libera del sistema a trav\u00e9s de dev_map_free(), iteramos a trav\u00e9s de todas las entradas y una variable de iterador tambi\u00e9n es un int, lo que implica accesos OOB. Nuevamente, c\u00e1mbielo a u32. Ejemplo de splat a continuaci\u00f3n: [ 160.724676] ERROR: no se puede gestionar el error de p\u00e1gina para la direcci\u00f3n: ffffc8fc2c001000 [ 160.731662] #PF: acceso de lectura del supervisor en modo kernel [ 160.736876] #PF: error_code(0x0000) - p\u00e1gina no presente [ 160.742095] PGD 0 P4D 0 [ 160.744678] Oops: Oops: 0000 [#1] PREEMPT SMP [ 160.749106] CPU: 1 UID: 0 PID: 520 Comm: kworker/u145:12 No contaminado 6.12.0-rc1+ #487 [ 160.757050] Nombre del hardware: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 19/03/2019 [ 160.767642] Cola de trabajo: events_unbound bpf_map_free_deferred [ 160.773308] RIP: 0010:dev_map_free+0x77/0x170 [ 160.777735] C\u00f3digo: 00 e8 fd 91 ed ff e8 b8 73 ed ff 41 83 7d 18 19 74 6e 41 8b 45 24 49 8b bd f8 00 00 00 31 db 85 c0 74 48 48 63 c3 48 8d 04 c7 <48> 8b 28 48 85 ed 74 30 48 8b 7d 18 48 85 ff 74 05 e8 b3 52 fa ff [ 160.796777] RSP: 0018:ffffc9000ee1fe38 EFLAGS: 00010202 [ 160.802086] RAX: ffffc8fc2c001000 RBX: 0000000080000000 RCX: 00000000000000024 [ 160.809331] RDX: 0000000000000000 RSI: 00000000000000024 RDI: ffffc9002c001000 [ 160.816576] RBP: 0000000000000000 R08: 0000000000000023 R09: 0000000000000001 [ 160.823823] R10: 000000000000001 R11: 00000000000ee6b2 R12: muerto000000000122 [ 160.831066] R13: ffff88810c928e00 R14: ffff8881002df405 R15: 0000000000000000 [ 160.838310] FS: 0000000000000000(0000) GS:ffff8897e0c40000(0000) knlGS:0000000000000000 [ 160.846528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.852357] CR2: ffffc8fc2c001000 CR3: 0000000005c32006 CR4: 00000000007726f0 [ 160.859604] DR0: 00000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 160.866847] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 160.874092] PKRU: 55555554 [ 160.876847] Rastreo de llamadas: [ 160.879338] [ 160.881477] ? __die+0x20/0x60 [ 160.884586] ? exc_page_fault+0xa9/0x140 [ 160.900973] ? asm_exc_page_fault+0x22/0x30 [ 160.905232] ? dev_map_free+0x77/0x170 [ 160.909043] ? dev_map_free+0x58/0x170 [ 160.912857] bpf_map_free_deferred+0x51/0x90 [ 160.917196] process_one_work+0x142/0x370 [ 160.921272] subproceso_trabajador+0x29e/0x3b0 [ 160.925082] ? subproceso_rescatador+0x4b0/0x4b0 [ 160.929157] kthread+0xd4/0x110 [ 160.932355] ? kthread_park+0x80/0x80 [ 160.936079] ret_from_fork+0x2d/0x50 [ 160.943396] ? kthread_park+0x80/0x80 [ 160.950803] ret_desde_fork_asm+0x11/0x20 [ 160.958482] " } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.14", + "versionEndExcluding": "5.4.287", + "matchCriteriaId": "6B2EFA99-DE35-4505-AB14-A564806C8ADE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.231", + "matchCriteriaId": "B5C644CC-2BD7-4E32-BC54-8DCC7ABE9935" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.174", + "matchCriteriaId": "419FD073-1517-4FD5-8158-F94BC68A1E89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.66", + "matchCriteriaId": "29A976AD-B9AB-4A95-9F08-7669F8847EB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.5", + "matchCriteriaId": "9501D045-7A94-42CA-8B03-821BE94A65B7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0f170e91d3063ca60baec4bd9f544faf3bfe29eb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/178e31df1fb3d9e0890eb471da16709cbc82edee", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/70f3de869865f9c3da0508a5ea29f6f4c1889057", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8e858930695d3ebec423e85384c95427258c294f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/98c03d05936d846073df8f550e9e8bf0dde1d77f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ab244dd7cf4c291f82faacdc50b45cc0f55b674d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad34306ac6836e5dd096b7d0ad4aa20cb7c8d9e5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56617.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56617.json index d15160b6543..23065b6b0aa 100644 --- a/CVE-2024/CVE-2024-566xx/CVE-2024-56617.json +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56617.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56617", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T15:15:21.227", - "lastModified": "2024-12-27T15:15:21.227", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:13:18.913", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,94 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cacheinfo: Asignar memoria durante la conexi\u00f3n en caliente de la CPU si no se hace desde la CPU principal. el commit 5944ce092b97 (\"arch_topology: Generar cacheinfo desde la CPU principal\") a\u00f1ade una funcionalidad que las arquitecturas pueden utilizar para asignar y generar opcionalmente cacheinfo de forma temprana durante el arranque. el commit 6539cffa9495 (\"cacheinfo: A\u00f1adir inicializador de nivel temprano espec\u00edfico de la arquitectura\") permite que las CPU secundarias corrijan (y reasignen memoria) los datos de cacheinfo si es necesario. Si no se utiliza la funcionalidad de generaci\u00f3n temprana y cacheinfo no necesita correcci\u00f3n, nunca se asigna memoria para cacheinfo. x86 no utiliza la funcionalidad de generaci\u00f3n temprana. En consecuencia, durante la devoluci\u00f3n de llamada hotplug de CPU de cacheinfo, last_level_cache_is_valid() intenta desreferenciar un puntero NULL: BUG: kernel NULL pointer dereference, address: 0000000000000100 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not present page PGD 0 P4D 0 Oops: 0000 [#1] PREEPMT SMP NOPTI CPU: 0 PID 19 Comm: cpuhp/0 Not tainted 6.4.0-rc2 #1 RIP: 0010: last_level_cache_is_valid+0x95/0xe0a Asigne memoria para cacheinfo durante la devoluci\u00f3n de llamada hotplug de CPU de cacheinfo si no se hizo antes. Adem\u00e1s, antes de determinar la validez de la informaci\u00f3n de cach\u00e9 de \u00faltimo nivel, aseg\u00farese de que se haya asignado. No basta con comprobar si hay cache_leaves() distintos de cero, ya que algunas arquitecturas (por ejemplo, los procesadores Intel) tienen cache_leaves() distintos de cero antes de la asignaci\u00f3n. La anulaci\u00f3n de referencias a cacheinfo NULL puede ocurrir en update_per_cpu_data_slice_size(). Esta funci\u00f3n itera sobre todas las CPU en l\u00ednea. Sin embargo, es posible que una CPU se haya conectado recientemente, pero que su cacheinfo a\u00fan no se haya asignado. Mientras est\u00e9 aqu\u00ed, elimine una sangr\u00eda innecesaria en allocate_cache_info(). [ bp: Masaje. ]" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4", + "versionEndExcluding": "6.6.66", + "matchCriteriaId": "26B700EE-A79C-4047-8214-099FACC0BEB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.5", + "matchCriteriaId": "9501D045-7A94-42CA-8B03-821BE94A65B7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/23b5908b11b77ff8d7b8f7b8f11cbab2e1f4bfc2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/95e197354e0de07e9a20819bdae6562e4dda0f20", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b3fce429a1e030b50c1c91351d69b8667eef627b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56618.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56618.json index 9e8adb0d9c7..09aa6d89bae 100644 --- a/CVE-2024/CVE-2024-566xx/CVE-2024-56618.json +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56618.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56618", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T15:15:21.337", - "lastModified": "2024-12-27T15:15:21.337", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:13:52.180", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,80 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pmdomain: imx: gpcv2: Ajuste del retraso despu\u00e9s del protocolo de enlace de encendido El udelay(5) no es suficiente, a veces el p\u00e1nico del kernel a\u00fan se puede activar: [ 4.012973] P\u00e1nico del kernel: no sincroniza: Interrupci\u00f3n de error asincr\u00f3nica [ 4.012976] CPU: 2 UID: 0 PID: 186 Comm: (udev-worker) No contaminado 6.12.0-rc2-0.0.0-devel-00004-g8b1b79e88956 #1 [ 4.012982] Nombre del hardware: Toradex Verdin iMX8M Plus WB en placa Dahlia (DT) [ 4.012985] Rastreo de llamadas: [...] [ 4.013029] arm64_serror_panic+0x64/0x70 [ 4.013034] do_serror+0x3c/0x70 [ 4.013039] el1h_64_error_handler+0x30/0x54 [ 4.013046] el1h_64_error+0x64/0x68 [ 4.013050] clk_imx8mp_audiomix_runtime_resume+0x38/0x48 [ 4.013059] __genpd_runtime_resume+0x30/0x80 [ 4.013066] genpd_runtime_resume+0x114/0x29c [ 4.013073] __rpm_callback+0x48/0x1e0 [ 4.013079] rpm_callback+0x68/0x80 [ 4.013084] rpm_resume+0x3bc/0x6a0 [ 4.013089] __pm_runtime_resume+0x50/0x9c [ 4.013095] pm_runtime_get_suppliers+0x60/0x8c [ 4.013101] __driver_probe_device+0x4c/0x14c [ 4.013108] driver_probe_device+0x3c/0x120 [ 4.013114] __driver_attach+0xc4/0x200 [ 4.013119] bus_for_each_dev+0x7c/0xe0 [ 4.013125] driver_attach+0x24/0x30 [ 4.013130] bus_add_driver+0x110/0x240 [ 4.013135] driver_register+0x68/0x124 [ 4.013142] __platform_driver_register+0x24/0x30 [ 4.013149] sdma_driver_init+0x20/0x1000 [imx_sdma] [ 4.013163] do_one_initcall+0x60/0x1e0 [ 4.013168] do_init_module+0x5c/0x21c [ 4.013175] load_module+0x1a98/0x205c [ 4.013181] init_module_from_file+0x88/0xd4 [ 4.013187] __arm64_sys_finit_module+0x258/0x350 [ 4.013194] anybody_syscall.constprop.0+0x50/0xe0 [ 4.013202] anyone_syscall.constprop.0+0x50/0xe0 [ 4.013202] anyone_syscall.constprop.0+0x50/0xe0 [ 4.013208] anyone_syscall.constprop.0+0x3c/0x140 [ 4.013215] anyone_sysvc+0x120/0x12c [ 4.013222] anyone_sysvc+0x3c/0x140 [ 4.013215] anyone_sysvc+0x120/0x12c [ 4.013222] anyone_sys_sync+0x190/0x194 [ 4.013228] SMP: deteniendo CPUs secundarias La forma correcta es esperar el protocolo de enlace, pero necesita que el reloj BUS de BLK-CTL est\u00e9 habilitado, lo cual est\u00e1 en un controlador separado. Entonces, el retraso es la \u00fanica opci\u00f3n aqu\u00ed. Udelay(10) es un dato obtenido mediante experimento." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10", + "versionEndExcluding": "6.12.5", + "matchCriteriaId": "DC342DCB-0FE7-49A9-8291-3E1FCB51A530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2379fb937de5333991c567eefd7d11b98977d059", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a63907c8c712414643b597debcd09d16b6827b23", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56626.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56626.json index 49ed6259262..ab45bccb002 100644 --- a/CVE-2024/CVE-2024-566xx/CVE-2024-56626.json +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56626.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56626", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T15:15:22.140", - "lastModified": "2025-01-09T16:16:22.770", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:18:20.643", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,122 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ksmbd: se corrige la escritura fuera de los l\u00edmites en ksmbd_vfs_stream_write. Un desplazamiento del cliente podr\u00eda ser un valor negativo, lo que podr\u00eda permitir escribir datos fuera de los l\u00edmites del b\u00fafer asignado. Tenga en cuenta que este problema se produce al configurar 'vfs objects = streams_xattr parameter' en ksmbd.conf." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15", + "versionEndExcluding": "5.15.176", + "matchCriteriaId": "6877BC79-54F8-4872-9080-B8D0D2E4FC9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.66", + "matchCriteriaId": "29A976AD-B9AB-4A95-9F08-7669F8847EB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.5", + "matchCriteriaId": "9501D045-7A94-42CA-8B03-821BE94A65B7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/164d3597d26d9acff5d5b8bc3208bdcca942dd6a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1aea5c9470be2c7129704fb1b9562b1e3e0576f8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/313dab082289e460391c82d855430ec8a28ddf81", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8cd7490fc0f268883e86e840cda5311257af69ca", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c5797f195c67132d061d29c57a7c6d30530686f0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56627.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56627.json index 7af7b2f6a68..79a46b7f51a 100644 --- a/CVE-2024/CVE-2024-566xx/CVE-2024-56627.json +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56627.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56627", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-27T15:15:22.250", - "lastModified": "2025-01-09T16:16:22.907", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:18:48.093", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,122 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ksmbd: se ha corregido la lectura fuera de los l\u00edmites en ksmbd_vfs_stream_read. Un desplazamiento del cliente podr\u00eda ser un valor negativo, lo que podr\u00eda provocar una lectura fuera de los l\u00edmites desde stream_buf. Tenga en cuenta que este problema se produce al configurar 'vfs objects = streams_xattr parameter' en ksmbd.conf." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15", + "versionEndExcluding": "5.15.176", + "matchCriteriaId": "6877BC79-54F8-4872-9080-B8D0D2E4FC9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.120", + "matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.66", + "matchCriteriaId": "29A976AD-B9AB-4A95-9F08-7669F8847EB9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.5", + "matchCriteriaId": "9501D045-7A94-42CA-8B03-821BE94A65B7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/27de4295522e9a33e4a3fc72f7b8193df9eebe41", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6bd1bf0e8c42f10a9a9679a4c103a9032d30594d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/81eed631935f2c52cdaf6691c6d48e0b06e8ad73", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/de4d790dcf53be41736239d7ee63849a16ff5d10", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fc342cf86e2dc4d2edb0fc2ff5e28b6c7845adb9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-566xx/CVE-2024-56692.json b/CVE-2024/CVE-2024-566xx/CVE-2024-56692.json index 0dfca4793f9..5825d98818a 100644 --- a/CVE-2024/CVE-2024-566xx/CVE-2024-56692.json +++ b/CVE-2024/CVE-2024-566xx/CVE-2024-56692.json @@ -2,8 +2,8 @@ "id": "CVE-2024-56692", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-12-28T10:15:14.490", - "lastModified": "2024-12-28T10:15:14.490", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T16:20:06.443", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,102 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: correcci\u00f3n para realizar una comprobaci\u00f3n de cordura en el nodo blkaddr en truncate_node() syzbot informa un error de f2fs como se muestra a continuaci\u00f3n: ------------[ cortar aqu\u00ed ]------------ \u00a1ERROR del kernel en fs/f2fs/segment.c:2534! RIP: 0010:f2fs_invalidate_blocks+0x35f/0x370 fs/f2fs/segment.c:2534 Seguimiento de llamadas: truncate_node+0x1ae/0x8c0 fs/f2fs/node.c:909 f2fs_remove_inode_page+0x5c2/0x870 fs/f2fs/node.c:1288 f2fs_evict_inode+0x879/0x15c0 fs/f2fs/inode.c:856 evict+0x4e8/0x9b0 fs/inode.c:723 f2fs_handle_failed_inode+0x271/0x2e0 fs/f2fs/inode.c:986 f2fs_create+0x357/0x530 fs/f2fs/namei.c:394 lookup_open fs/namei.c:3595 [en l\u00ednea] open_last_lookups fs/namei.c:3694 [en l\u00ednea] path_openat+0x1c03/0x3590 fs/namei.c:3930 do_filp_open+0x235/0x490 fs/namei.c:3960 do_sys_openat2+0x13e/0x1d0 fs/open.c:1415 do_sys_open fs/open.c:1430 [en l\u00ednea] __do_sys_openat fs/open.c:1446 [en l\u00ednea] __se_sys_openat fs/open.c:1441 [en l\u00ednea] __x64_sys_openat+0x247/0x2a0 fs/open.c:1441 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0010:f2fs_invalidate_blocks+0x35f/0x370 fs/f2fs/segment.c:2534 La causa ra\u00edz es: en una imagen con errores, blkaddr en la entrada nat puede estar da\u00f1ado, luego causar\u00e1 un p\u00e1nico del sistema al usarlo en f2fs_invalidate_blocks(), para evitar esto, agreguemos una verificaci\u00f3n de cordura en nat blkaddr en truncar_nodo()." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-754" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.64", + "matchCriteriaId": "523573B1-32B0-4CEF-A666-DC2DA3D85104" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.11.11", + "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.12", + "versionEndExcluding": "6.12.2", + "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/0a5c8b3fbf6200f1c66062d307c9a52084917788", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/27d6e7eff07f8cce8e83b162d8f21a07458c860d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6babe00ccd34fc65b78ef8b99754e32b4385f23d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c1077078ce4589b5e5387f6b0aaa0d4534b9eb57", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57011.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57011.json index 07b06cc9655..b94e85ddb13 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57011.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57011.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57011", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.013", - "lastModified": "2025-01-15T17:15:17.013", + "lastModified": "2025-01-16T15:15:13.873", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"minute\" parameters in setScheduleCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo a trav\u00e9s del par\u00e1metro \"minute\" en setScheduleCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setScheduleCfg/setScheduleCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57012.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57012.json index 1f1624899c8..d7f504a2b92 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57012.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57012.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57012", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.113", - "lastModified": "2025-01-15T17:15:17.113", + "lastModified": "2025-01-16T15:15:14.090", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"week\" parameter in setScheduleCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo a trav\u00e9s del par\u00e1metro \"week\" en setScheduleCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setScheduleCfg/setScheduleCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57013.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57013.json index 9805f33c1d4..16975a4126e 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57013.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57013.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57013", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.213", - "lastModified": "2025-01-15T17:15:17.213", + "lastModified": "2025-01-16T15:15:14.300", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"switch\" parameter in setScheduleCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo a trav\u00e9s del par\u00e1metro \"switch\" en setScheduleCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setScheduleCfg/setScheduleCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57014.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57014.json index f1a870eb6f0..0fcdf9a25ff 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57014.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57014.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57014", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.307", - "lastModified": "2025-01-15T17:15:17.307", + "lastModified": "2025-01-16T15:15:14.527", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"recHour\" parameter in setScheduleCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo a trav\u00e9s del par\u00e1metro \"recHour\" en setScheduleCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setScheduleCfg/setScheduleCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57015.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57015.json index b28af4b58fb..0cb775a74b1 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57015.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57015.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57015", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.403", - "lastModified": "2025-01-15T17:15:17.403", + "lastModified": "2025-01-16T15:15:14.733", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"hour\" parameter in setScheduleCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo a trav\u00e9s del par\u00e1metro \"hour\" en setScheduleCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setScheduleCfg/setScheduleCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57016.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57016.json index e0b0ce383a4..86b3fb11b60 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57016.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57016.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57016", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.500", - "lastModified": "2025-01-15T17:15:17.500", + "lastModified": "2025-01-16T15:15:14.937", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"user\" parameter in setVpnAccountCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo a trav\u00e9s del par\u00e1metro \"user\" en setVpnAccountCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setVpnAccountCfg/setVpnAccountCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57017.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57017.json index 93559dafe4d..1c01042d5da 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57017.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57017.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57017", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.597", - "lastModified": "2025-01-15T17:15:17.597", + "lastModified": "2025-01-16T16:15:31.640", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"pass\" parameter in setVpnAccountCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo a trav\u00e9s del par\u00e1metro \"pass\" en setVpnAccountCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setVpnAccountCfg/setVpnAccountCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57018.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57018.json index 7ed2d42f5d9..392c4cf8ada 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57018.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57018.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57018", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.693", - "lastModified": "2025-01-15T17:15:17.693", + "lastModified": "2025-01-16T16:15:31.823", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"desc\" parameter in setVpnAccountCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo a trav\u00e9s del par\u00e1metro \"desc\" en setVpnAccountCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setVpnAccountCfg/setVpnAccountCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57019.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57019.json index e156ab38a81..151f62ccaf7 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57019.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57019.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57019", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.797", - "lastModified": "2025-01-15T17:15:17.797", + "lastModified": "2025-01-16T16:15:31.993", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"limit\" parameter in setVpnAccountCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo a trav\u00e9s del par\u00e1metro \"limit\" en setVpnAccountCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setVpnAccountCfg/setVpnAccountCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57020.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57020.json index b4f28d29bf8..09d89056daa 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57020.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57020.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57020", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.890", - "lastModified": "2025-01-15T17:15:17.890", + "lastModified": "2025-01-16T16:15:32.180", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"sMinute\" parameter in setWiFiScheduleCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo a trav\u00e9s del par\u00e1metro \"sMinute\" en setWiFiScheduleCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setWiFiScheduleCfg/setWiFiScheduleCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57021.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57021.json index 835545f57de..3fd2c2815cc 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57021.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57021.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57021", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:17.987", - "lastModified": "2025-01-15T17:15:17.987", + "lastModified": "2025-01-16T16:15:32.353", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"eHour\" parameter in setWiFiScheduleCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo a trav\u00e9s del par\u00e1metro \"eHour\" en setWiFiScheduleCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setWiFiScheduleCfg/setWiFiScheduleCfg.md", diff --git a/CVE-2024/CVE-2024-570xx/CVE-2024-57022.json b/CVE-2024/CVE-2024-570xx/CVE-2024-57022.json index 50b90bb30b5..06a6a63067c 100644 --- a/CVE-2024/CVE-2024-570xx/CVE-2024-57022.json +++ b/CVE-2024/CVE-2024-570xx/CVE-2024-57022.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57022", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T17:15:18.083", - "lastModified": "2025-01-15T17:15:18.083", + "lastModified": "2025-01-16T16:15:32.530", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"sHour\" parameter in setWiFiScheduleCfg." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comando del sistema operativo a trav\u00e9s del par\u00e1metro \"sHour\" en setWiFiScheduleCfg." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setWiFiScheduleCfg/setWiFiScheduleCfg.md", diff --git a/CVE-2024/CVE-2024-571xx/CVE-2024-57159.json b/CVE-2024/CVE-2024-571xx/CVE-2024-57159.json new file mode 100644 index 00000000000..2c8241c1756 --- /dev/null +++ b/CVE-2024/CVE-2024-571xx/CVE-2024-57159.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-57159", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-16T16:15:32.700", + "lastModified": "2025-01-16T16:15:32.700", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/1091101/yang.xian/tree/main/6/readme.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-571xx/CVE-2024-57160.json b/CVE-2024/CVE-2024-571xx/CVE-2024-57160.json new file mode 100644 index 00000000000..cec2a44f9ff --- /dev/null +++ b/CVE-2024/CVE-2024-571xx/CVE-2024-57160.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-57160", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-16T16:15:32.817", + "lastModified": "2025-01-16T16:15:32.817", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaTask/edit.html." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/1091101/yang.xian/tree/main/7/readme.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-571xx/CVE-2024-57161.json b/CVE-2024/CVE-2024-571xx/CVE-2024-57161.json new file mode 100644 index 00000000000..dd3442786ae --- /dev/null +++ b/CVE-2024/CVE-2024-571xx/CVE-2024-57161.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-57161", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-16T16:15:32.937", + "lastModified": "2025-01-16T16:15:32.937", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/edit.html" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/1091101/yang.xian/tree/main/8/readme.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-571xx/CVE-2024-57162.json b/CVE-2024/CVE-2024-571xx/CVE-2024-57162.json new file mode 100644 index 00000000000..37ea592cbe1 --- /dev/null +++ b/CVE-2024/CVE-2024-571xx/CVE-2024-57162.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-57162", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-16T16:15:33.063", + "lastModified": "2025-01-16T16:15:33.063", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Campcodes Cybercafe Management System v1.0 is vulnerable to SQL Injection in /ccms/view-user-detail.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/h1-wh0areu/bug_report/blob/main/cybercafe-management-system/SQLi-1.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-574xx/CVE-2024-57473.json b/CVE-2024/CVE-2024-574xx/CVE-2024-57473.json index 53b65947c5c..9c340bc58c3 100644 --- a/CVE-2024/CVE-2024-574xx/CVE-2024-57473.json +++ b/CVE-2024/CVE-2024-574xx/CVE-2024-57473.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57473", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T23:15:08.953", - "lastModified": "2025-01-14T23:15:08.953", + "lastModified": "2025-01-16T16:15:33.183", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address editing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs." + }, + { + "lang": "es", + "value": " H3C N12 V100R005 contiene una vulnerabilidad de desbordamiento de b\u00fafer debido a la falta de verificaci\u00f3n de longitud en la funci\u00f3n de edici\u00f3n de direcciones MAC. Los atacantes que aprovechen esta vulnerabilidad con \u00e9xito pueden provocar que el dispositivo de destino remoto se bloquee o ejecute comandos arbitrarios enviando una solicitud POST a /bin/webs." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] } ], - "metrics": {}, "references": [ { "url": "http://h3c.com", diff --git a/CVE-2024/CVE-2024-574xx/CVE-2024-57479.json b/CVE-2024/CVE-2024-574xx/CVE-2024-57479.json index 1b3ce3ee057..bcf24ee6eb4 100644 --- a/CVE-2024/CVE-2024-574xx/CVE-2024-57479.json +++ b/CVE-2024/CVE-2024-574xx/CVE-2024-57479.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57479", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T22:15:28.377", - "lastModified": "2025-01-14T22:15:28.377", + "lastModified": "2025-01-16T16:15:33.360", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs." + }, + { + "lang": "es", + "value": " H3C N12 V100R005 contiene una vulnerabilidad de desbordamiento de b\u00fafer debido a la falta de verificaci\u00f3n de longitud en la funci\u00f3n de actualizaci\u00f3n de la direcci\u00f3n MAC. Los atacantes que aprovechen esta vulnerabilidad con \u00e9xito pueden provocar que el dispositivo de destino remoto se bloquee o ejecute comandos arbitrarios enviando una solicitud POST a /bin/webs." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] } ], - "metrics": {}, "references": [ { "url": "http://h3c.com", diff --git a/CVE-2024/CVE-2024-574xx/CVE-2024-57480.json b/CVE-2024/CVE-2024-574xx/CVE-2024-57480.json index a864eb1df66..de71520dc42 100644 --- a/CVE-2024/CVE-2024-574xx/CVE-2024-57480.json +++ b/CVE-2024/CVE-2024-574xx/CVE-2024-57480.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57480", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T22:15:28.510", - "lastModified": "2025-01-14T22:15:28.510", + "lastModified": "2025-01-16T16:15:33.530", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the AP configuration function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs." + }, + { + "lang": "es", + "value": "H3C N12 V100R005 contiene una vulnerabilidad de desbordamiento de b\u00fafer debido a la falta de verificaci\u00f3n de longitud en la funci\u00f3n de configuraci\u00f3n de AP. Los atacantes que aprovechen esta vulnerabilidad con \u00e9xito pueden provocar que el dispositivo de destino remoto se bloquee o ejecute comandos arbitrarios enviando una solicitud POST a /bin/webs." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] } ], - "metrics": {}, "references": [ { "url": "http://h3c.com", diff --git a/CVE-2024/CVE-2024-574xx/CVE-2024-57483.json b/CVE-2024/CVE-2024-574xx/CVE-2024-57483.json index e109f28f775..f4cf4786f5e 100644 --- a/CVE-2024/CVE-2024-574xx/CVE-2024-57483.json +++ b/CVE-2024/CVE-2024-574xx/CVE-2024-57483.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57483", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T23:15:09.060", - "lastModified": "2025-01-14T23:15:09.060", + "lastModified": "2025-01-16T16:15:33.710", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function." + }, + { + "lang": "es", + "value": "Tenda i24 V2.0.0.5 es vulnerable a un desbordamiento de b\u00fafer en la funci\u00f3n addWifiMacFilter." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] } ], - "metrics": {}, "references": [ { "url": "http://tenda.com", diff --git a/CVE-2024/CVE-2024-576xx/CVE-2024-57611.json b/CVE-2024/CVE-2024-576xx/CVE-2024-57611.json new file mode 100644 index 00000000000..32f9b19b6b8 --- /dev/null +++ b/CVE-2024/CVE-2024-576xx/CVE-2024-57611.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-57611", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-01-16T16:15:33.893", + "lastModified": "2025-01-16T16:15:33.893", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&shopId." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/daodaoshao/Yunpeng-Yin/tree/main/7/readme.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-576xx/CVE-2024-57643.json b/CVE-2024/CVE-2024-576xx/CVE-2024-57643.json index 08c2ecb12ce..2e4a224bd74 100644 --- a/CVE-2024/CVE-2024-576xx/CVE-2024-57643.json +++ b/CVE-2024/CVE-2024-576xx/CVE-2024-57643.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57643", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T01:15:12.980", - "lastModified": "2025-01-14T01:15:12.980", - "vulnStatus": "Received", + "lastModified": "2025-01-16T16:15:34.030", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the box_deserialize_string component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements." + }, + { + "lang": "es", + "value": " Un problema en el componente box_deserialize_string de openlink virtuoso-opensource v7.2.11 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de declaraciones SQL manipuladas." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/openlink/virtuoso-opensource/issues/1181", diff --git a/CVE-2024/CVE-2024-576xx/CVE-2024-57655.json b/CVE-2024/CVE-2024-576xx/CVE-2024-57655.json index be2b3bf55c2..124d8d8311c 100644 --- a/CVE-2024/CVE-2024-576xx/CVE-2024-57655.json +++ b/CVE-2024/CVE-2024-576xx/CVE-2024-57655.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57655", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T01:15:14.317", - "lastModified": "2025-01-14T01:15:14.317", - "vulnStatus": "Received", + "lastModified": "2025-01-16T16:15:34.243", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the dfe_n_in_order component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements." + }, + { + "lang": "es", + "value": " Un problema en el componente dfe_n_in_order de openlink virtuoso-opensource v7.2.11 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de declaraciones SQL manipuladas." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/openlink/virtuoso-opensource/issues/1216", diff --git a/CVE-2024/CVE-2024-576xx/CVE-2024-57656.json b/CVE-2024/CVE-2024-576xx/CVE-2024-57656.json index 2a189a94470..e314a431c32 100644 --- a/CVE-2024/CVE-2024-576xx/CVE-2024-57656.json +++ b/CVE-2024/CVE-2024-576xx/CVE-2024-57656.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57656", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T01:15:14.417", - "lastModified": "2025-01-14T01:15:14.417", - "vulnStatus": "Received", + "lastModified": "2025-01-16T16:15:34.417", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the sqlc_add_distinct_node component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements." + }, + { + "lang": "es", + "value": "Un problema en el componente sqlc_add_distinct_node de openlink virtuoso-opensource v7.2.11 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de declaraciones SQL manipuladas." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/openlink/virtuoso-opensource/issues/1210", diff --git a/CVE-2024/CVE-2024-576xx/CVE-2024-57657.json b/CVE-2024/CVE-2024-576xx/CVE-2024-57657.json index 7244d497df4..cf3eb39fbb1 100644 --- a/CVE-2024/CVE-2024-576xx/CVE-2024-57657.json +++ b/CVE-2024/CVE-2024-576xx/CVE-2024-57657.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57657", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T01:15:14.530", - "lastModified": "2025-01-14T01:15:14.530", - "vulnStatus": "Received", + "lastModified": "2025-01-16T16:15:34.600", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the sqlg_vec_upd component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements." + }, + { + "lang": "es", + "value": " Un problema en el componente sqlg_vec_upd de openlink virtuoso-opensource v7.2.11 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de declaraciones SQL manipuladas." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/openlink/virtuoso-opensource/issues/1219", diff --git a/CVE-2024/CVE-2024-576xx/CVE-2024-57658.json b/CVE-2024/CVE-2024-576xx/CVE-2024-57658.json index c2a35b0444c..217afc73628 100644 --- a/CVE-2024/CVE-2024-576xx/CVE-2024-57658.json +++ b/CVE-2024/CVE-2024-576xx/CVE-2024-57658.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57658", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T01:15:14.650", - "lastModified": "2025-01-14T01:15:14.650", - "vulnStatus": "Received", + "lastModified": "2025-01-16T16:15:34.770", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the sql_tree_hash_1 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements." + }, + { + "lang": "es", + "value": " Un problema en el componente sql_tree_hash_1 de openlink virtuoso-opensource v7.2.11 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de declaraciones SQL manipuladas." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/openlink/virtuoso-opensource/issues/1209", diff --git a/CVE-2024/CVE-2024-576xx/CVE-2024-57660.json b/CVE-2024/CVE-2024-576xx/CVE-2024-57660.json index 276702c7190..d69fe41530b 100644 --- a/CVE-2024/CVE-2024-576xx/CVE-2024-57660.json +++ b/CVE-2024/CVE-2024-576xx/CVE-2024-57660.json @@ -2,16 +2,55 @@ "id": "CVE-2024-57660", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-14T01:15:14.860", - "lastModified": "2025-01-14T01:15:14.860", - "vulnStatus": "Received", + "lastModified": "2025-01-16T16:15:34.947", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in the sqlo_expand_jts component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements." + }, + { + "lang": "es", + "value": " Un problema en el componente sqlo_expand_jts de openlink virtuoso-opensource v7.2.11 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de declaraciones SQL manipuladas." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/openlink/virtuoso-opensource/issues/1221", diff --git a/CVE-2024/CVE-2024-577xx/CVE-2024-57799.json b/CVE-2024/CVE-2024-577xx/CVE-2024-57799.json index 8bd77dee213..2658f53139d 100644 --- a/CVE-2024/CVE-2024-577xx/CVE-2024-57799.json +++ b/CVE-2024/CVE-2024-577xx/CVE-2024-57799.json @@ -2,24 +2,108 @@ "id": "CVE-2024-57799", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-11T13:15:29.910", - "lastModified": "2025-01-11T13:15:29.910", - "vulnStatus": "Received", + "lastModified": "2025-01-16T15:19:18.117", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: rockchip: samsung-hdptx: Set drvdata before enabling runtime PM\n\nIn some cases, rk_hdptx_phy_runtime_resume() may be invoked before\nplatform_set_drvdata() is executed in ->probe(), leading to a NULL\npointer dereference when using the return of dev_get_drvdata().\n\nEnsure platform_set_drvdata() is called before devm_pm_runtime_enable()." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: phy: rockchip: samsung-hdptx: Establecer drvdata antes de habilitar el PM en tiempo de ejecuci\u00f3n En algunos casos, se puede invocar rk_hdptx_phy_runtime_resume() antes de que se ejecute platform_set_drvdata() en ->probe(), lo que genera una desreferencia de puntero NULL cuando se usa el retorno de dev_get_drvdata(). Aseg\u00farese de que se llame a platform_set_drvdata() antes de devm_pm_runtime_enable()." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.12.8", + "matchCriteriaId": "D51EFDB8-F0AA-488A-A106-12E46241442C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*", + "matchCriteriaId": "93C0660D-7FB8-4FBA-892A-B064BA71E49E" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/7061849a4a1752a06944a819dd1f7bfd58df7383", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9d23e48654620fdccfcc74cc2cef04eaf7353d07", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-578xx/CVE-2024-57807.json b/CVE-2024/CVE-2024-578xx/CVE-2024-57807.json index 4f52f4560f8..d6db76fad54 100644 --- a/CVE-2024/CVE-2024-578xx/CVE-2024-57807.json +++ b/CVE-2024/CVE-2024-578xx/CVE-2024-57807.json @@ -2,44 +2,162 @@ "id": "CVE-2024-57807", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-11T13:15:30.790", - "lastModified": "2025-01-11T13:15:30.790", - "vulnStatus": "Received", + "lastModified": "2025-01-16T15:19:34.147", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a 'possible circular locking dependency detected' warning\n CPU0 CPU1\n ---- ----\n lock(&instance->reset_mutex);\n lock(&shost->scan_mutex);\n lock(&instance->reset_mutex);\n lock(&shost->scan_mutex);\n\nFix this by temporarily releasing the reset_mutex." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: megaraid_sas: Correcci\u00f3n de un posible bloqueo Esto corrige una advertencia de \"posible dependencia de bloqueo circular detectada\" CPU0 CPU1 ---- ---- lock(&instance->reset_mutex); lock(&shost->scan_mutex); lock(&instance->reset_mutex); lock(&shost->scan_mutex); Solucione esto liberando temporalmente el reset_mutex." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.4.289", + "matchCriteriaId": "EA819787-BFBA-4C7B-80F4-E74FF26CFE9A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.233", + "matchCriteriaId": "44569A17-FE4C-4BE3-9C0C-74AC54C7B51B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.176", + "matchCriteriaId": "DDBD8FC6-2357-4347-BFA1-B4A4A3039F35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.123", + "matchCriteriaId": "C6F5378E-B1C8-402E-A256-91DD0F6C30C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.2", + "versionEndExcluding": "6.6.69", + "matchCriteriaId": "EF18E3CB-058C-4836-B36D-8073F1C09977" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.7", + "versionEndExcluding": "6.12.8", + "matchCriteriaId": "E79883DD-75BE-4DA9-B4EC-AC6DE63BD438" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/3c654998a3e8167a58b6c6fede545fe400a4b554", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/466ca39dbf5d0ba71c16b15c27478a9c7d4022a8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/50740f4dc78b41dec7c8e39772619d5ba841ddd7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/78afb9bfad00c4aa58a424111d7edbcab9452f2b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/edadc693bfcc0f1ea08b8fa041c9361fd042410d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f36d024bd15ed356a80dda3ddc46d0a62aa55815", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f50783148ec98a1d38b87422e2ceaf2380b7b606", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-578xx/CVE-2024-57872.json b/CVE-2024/CVE-2024-578xx/CVE-2024-57872.json index 575d3886fcf..ea8b7126d05 100644 --- a/CVE-2024/CVE-2024-578xx/CVE-2024-57872.json +++ b/CVE-2024/CVE-2024-578xx/CVE-2024-57872.json @@ -2,24 +2,93 @@ "id": "CVE-2024-57872", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-11T15:15:07.560", - "lastModified": "2025-01-11T15:15:07.560", - "vulnStatus": "Received", + "lastModified": "2025-01-16T15:19:51.637", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()\n\nThis will ensure that the scsi host is cleaned up properly using\nscsi_host_dev_release(). Otherwise, it may lead to memory leaks." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: ufs: pltfrm: Deslocalizar HBA durante ufshcd_pltfrm_remove() Esto garantizar\u00e1 que el host SCSI se limpie correctamente mediante scsi_host_dev_release(). De lo contrario, puede provocar fugas de memoria." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.10", + "versionEndExcluding": "6.12.5", + "matchCriteriaId": "EB9AEFE7-5491-4ADF-BFA6-5F06993B617A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/897df60c16d54ad515a3d0887edab5c63da06d1f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cd188519d2467ab4c2141587b0551ba030abff0e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-578xx/CVE-2024-57881.json b/CVE-2024/CVE-2024-578xx/CVE-2024-57881.json index 0466af2db3e..2f7fe05f91a 100644 --- a/CVE-2024/CVE-2024-578xx/CVE-2024-57881.json +++ b/CVE-2024/CVE-2024-578xx/CVE-2024-57881.json @@ -2,24 +2,103 @@ "id": "CVE-2024-57881", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-01-11T16:15:24.307", - "lastModified": "2025-01-11T16:15:24.307", - "vulnStatus": "Received", + "lastModified": "2025-01-16T15:20:10.900", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/page_alloc: don't call pfn_to_page() on possibly non-existent PFN in split_large_buddy()\n\nIn split_large_buddy(), we might call pfn_to_page() on a PFN that might\nnot exist. In corner cases, such as when freeing the highest pageblock in\nthe last memory section, this could result with CONFIG_SPARSEMEM &&\n!CONFIG_SPARSEMEM_EXTREME in __pfn_to_section() returning NULL and and\n__section_mem_map_addr() dereferencing that NULL pointer.\n\nLet's fix it, and avoid doing a pfn_to_page() call for the first\niteration, where we already have the page.\n\nSo far this was found by code inspection, but let's just CC stable as the\nfix is easy." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/page_alloc: no llamar a pfn_to_page() en PFN posiblemente inexistente en split_large_buddy() En split_large_buddy(), podr\u00edamos llamar a pfn_to_page() en un PFN que podr\u00eda no existir. En casos especiales, como al liberar el bloque de p\u00e1gina m\u00e1s alto en la \u00faltima secci\u00f3n de memoria, esto podr\u00eda resultar en que CONFIG_SPARSEMEM && !CONFIG_SPARSEMEM_EXTREME en __pfn_to_section() devuelva NULL y __section_mem_map_addr() desreferenciando ese puntero NULL. Vamos a solucionarlo y evitar hacer una llamada a pfn_to_page() para la primera iteraci\u00f3n, donde ya tenemos la p\u00e1gina. Hasta ahora esto se encontr\u00f3 mediante inspecci\u00f3n de c\u00f3digo, pero simplemente controlemos CC estable ya que la soluci\u00f3n es f\u00e1cil." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10", + "versionEndExcluding": "6.12.7", + "matchCriteriaId": "DCCD8BD3-5C46-4941-B3DF-2AA3E532D3D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", + "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*", + "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/4234ca9884bcae9e48ed38652d91696ad5cd591d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/faeec8e23c10bd30e8aa759a2eb3018dae00f924", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5806.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5806.json index 3246d818a66..de53cd4bbe1 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5806.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5806.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5806", "sourceIdentifier": "security@progress.com", "published": "2024-06-25T15:15:15.850", - "lastModified": "2024-11-21T09:48:21.940", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-01-16T16:57:19.660", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -49,24 +69,77 @@ "value": "CWE-287" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.0.0", + "versionEndExcluding": "2023.0.11", + "matchCriteriaId": "CE0C8A3C-3670-4DE2-8479-1C55CB376AFF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023.1.0", + "versionEndExcluding": "2023.1.6", + "matchCriteriaId": "C0AB12F4-1C2D-46EB-B580-2433B8EEF20C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:progress:moveit_transfer:2024.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B2CA3EC7-A597-40D6-AFC1-CEAF7D25D5D5" + } + ] + } + ] } ], "references": [ { "url": "https://community.progress.com/s/article/MOVEit-Transfer-Product-Security-Alert-Bulletin-June-2024-CVE-2024-5806", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.progress.com/moveit", - "source": "security@progress.com" + "source": "security@progress.com", + "tags": [ + "Product" + ] }, { "url": "https://community.progress.com/s/article/MOVEit-Transfer-Product-Security-Alert-Bulletin-June-2024-CVE-2024-5806", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.progress.com/moveit", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6455.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6455.json index fa29fb3bc18..8c4e00e4ea8 100644 --- a/CVE-2024/CVE-2024-64xx/CVE-2024-6455.json +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6455.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6455", "sourceIdentifier": "security@wordfence.com", "published": "2024-07-18T21:15:02.683", - "lastModified": "2024-11-21T09:49:41.223", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T15:06:56.973", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -49,24 +49,64 @@ "value": "CWE-200" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpmet:elements_kit_elementor_addons:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.2.1", + "matchCriteriaId": "4477F01F-592F-48F2-8D39-8B5210AB4B56" + } + ] + } + ] } ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.2.0/modules/controls/widget-area-utils.php#L15", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7c336530-09b2-4ead-923f-f1a6266e3e8e?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.2.0/modules/controls/widget-area-utils.php#L15", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7c336530-09b2-4ead-923f-f1a6266e3e8e?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8902.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8902.json index b381553fa2f..5f1525fdc79 100644 --- a/CVE-2024/CVE-2024-89xx/CVE-2024-8902.json +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8902.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8902", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-12T10:15:03.810", - "lastModified": "2024-10-15T12:57:46.880", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2025-01-16T15:23:21.513", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,29 +36,83 @@ }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ] }, "weaknesses": [ { "source": "security@wordfence.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-200" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:webtechstreet:elementor_addon_elements:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.13.9", + "matchCriteriaId": "30846602-02F5-477F-AEAE-9903D66D1590" + } + ] + } + ] } ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3163899/addon-elements-for-elementor-page-builder", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7317ecf5-d43d-4080-ad2a-7644764dd41e?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-04xx/CVE-2025-0488.json b/CVE-2025/CVE-2025-04xx/CVE-2025-0488.json index 195823b6afe..1507cf0c135 100644 --- a/CVE-2025/CVE-2025-04xx/CVE-2025-0488.json +++ b/CVE-2025/CVE-2025-04xx/CVE-2025-0488.json @@ -2,13 +2,17 @@ "id": "CVE-2025-0488", "sourceIdentifier": "cna@vuldb.com", "published": "2025-01-15T21:15:15.380", - "lastModified": "2025-01-15T21:15:15.380", + "lastModified": "2025-01-16T16:15:35.347", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file product_list.php. The manipulation of the argument cat leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Fanli2012 native-php-cms 1.0. Afecta a una parte desconocida del archivo product_list.php. La manipulaci\u00f3n del argumento cat provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { @@ -107,7 +111,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -140,6 +144,14 @@ { "url": "https://vuldb.com/?submit.475255", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/Fanli2012/native-php-cms/issues/10", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + }, + { + "url": "https://github.com/Fanli2012/native-php-cms/issues/10#issue-2769983658", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-04xx/CVE-2025-0489.json b/CVE-2025/CVE-2025-04xx/CVE-2025-0489.json index 6a3825c7216..01479e01cf7 100644 --- a/CVE-2025/CVE-2025-04xx/CVE-2025-0489.json +++ b/CVE-2025/CVE-2025-04xx/CVE-2025-0489.json @@ -2,13 +2,17 @@ "id": "CVE-2025-0489", "sourceIdentifier": "cna@vuldb.com", "published": "2025-01-15T22:15:26.660", - "lastModified": "2025-01-15T22:15:26.660", + "lastModified": "2025-01-16T16:15:35.517", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in Fanli2012 native-php-cms 1.0. This vulnerability affects unknown code of the file /fladmin/friendlink_dodel.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Fanli2012 native-php-cms 1.0. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /fladmin/friendlink_dodel.php. La manipulaci\u00f3n del argumento id conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { @@ -107,7 +111,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -140,6 +144,14 @@ { "url": "https://vuldb.com/?submit.475256", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/Fanli2012/native-php-cms/issues/11", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + }, + { + "url": "https://github.com/Fanli2012/native-php-cms/issues/11#issue-2769999157", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-04xx/CVE-2025-0490.json b/CVE-2025/CVE-2025-04xx/CVE-2025-0490.json index f9fbf7d16e0..1491d2eef66 100644 --- a/CVE-2025/CVE-2025-04xx/CVE-2025-0490.json +++ b/CVE-2025/CVE-2025-04xx/CVE-2025-0490.json @@ -2,13 +2,17 @@ "id": "CVE-2025-0490", "sourceIdentifier": "cna@vuldb.com", "published": "2025-01-15T22:15:26.820", - "lastModified": "2025-01-15T22:15:26.820", + "lastModified": "2025-01-16T16:15:35.653", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in Fanli2012 native-php-cms 1.0. This issue affects some unknown processing of the file /fladmin/article_dodel.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": " Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Fanli2012 native-php-cms 1.0. Este problema afecta a algunos procesos desconocidos del archivo /fladmin/article_dodel.php. La manipulaci\u00f3n del argumento id provoca una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. La vulnerabilidad se ha hecho p\u00fablica y puede utilizarse." } ], "metrics": { @@ -107,7 +111,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -140,6 +144,14 @@ { "url": "https://vuldb.com/?submit.475258", "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/Fanli2012/native-php-cms/issues/12", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" + }, + { + "url": "https://github.com/Fanli2012/native-php-cms/issues/12#issue-2770013163", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0" } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-229xx/CVE-2025-22905.json b/CVE-2025/CVE-2025-229xx/CVE-2025-22905.json index e222c3c0f8d..22785fe92f3 100644 --- a/CVE-2025/CVE-2025-229xx/CVE-2025-22905.json +++ b/CVE-2025/CVE-2025-229xx/CVE-2025-22905.json @@ -2,7 +2,7 @@ "id": "CVE-2025-22905", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-16T03:15:06.430", - "lastModified": "2025-01-16T03:15:06.430", + "lastModified": "2025-01-16T15:15:15.180", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": " Se descubri\u00f3 que RE11S v1.11 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro command en /goform/mp." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], "references": [ { "url": "http://re11s.com", diff --git a/CVE-2025/CVE-2025-229xx/CVE-2025-22906.json b/CVE-2025/CVE-2025-229xx/CVE-2025-22906.json index 6dfd443703f..6ba06ec6be3 100644 --- a/CVE-2025/CVE-2025-229xx/CVE-2025-22906.json +++ b/CVE-2025/CVE-2025-229xx/CVE-2025-22906.json @@ -2,7 +2,7 @@ "id": "CVE-2025-22906", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-16T03:15:06.530", - "lastModified": "2025-01-16T03:15:06.530", + "lastModified": "2025-01-16T15:15:15.357", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": " Se descubri\u00f3 que RE11S v1.11 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro L2TPUserName en /goform/setWAN." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], "references": [ { "url": "http://re11s.com", diff --git a/CVE-2025/CVE-2025-229xx/CVE-2025-22907.json b/CVE-2025/CVE-2025-229xx/CVE-2025-22907.json index 9fd5e9529a1..b516057c583 100644 --- a/CVE-2025/CVE-2025-229xx/CVE-2025-22907.json +++ b/CVE-2025/CVE-2025-229xx/CVE-2025-22907.json @@ -2,7 +2,7 @@ "id": "CVE-2025-22907", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-16T03:15:06.630", - "lastModified": "2025-01-16T03:15:06.630", + "lastModified": "2025-01-16T15:15:15.547", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Se descubri\u00f3 que RE11S v1.11 contiene un desbordamiento de pila a trav\u00e9s del par\u00e1metro selSSID en la funci\u00f3n formWlSiteSurvey." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "http://re11s.com", diff --git a/CVE-2025/CVE-2025-229xx/CVE-2025-22912.json b/CVE-2025/CVE-2025-229xx/CVE-2025-22912.json index e4c4d5453f5..62b09651ef4 100644 --- a/CVE-2025/CVE-2025-229xx/CVE-2025-22912.json +++ b/CVE-2025/CVE-2025-229xx/CVE-2025-22912.json @@ -2,7 +2,7 @@ "id": "CVE-2025-22912", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-16T03:15:06.723", - "lastModified": "2025-01-16T03:15:06.723", + "lastModified": "2025-01-16T15:15:15.717", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": " Se descubri\u00f3 que RE11S v1.11 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del componente /goform/formAccept." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], "references": [ { "url": "http://re11s.com", diff --git a/CVE-2025/CVE-2025-229xx/CVE-2025-22913.json b/CVE-2025/CVE-2025-229xx/CVE-2025-22913.json index 8300f8db771..9f362289af6 100644 --- a/CVE-2025/CVE-2025-229xx/CVE-2025-22913.json +++ b/CVE-2025/CVE-2025-229xx/CVE-2025-22913.json @@ -2,7 +2,7 @@ "id": "CVE-2025-22913", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-16T03:15:06.850", - "lastModified": "2025-01-16T03:15:06.850", + "lastModified": "2025-01-16T15:15:15.903", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": " Se descubri\u00f3 que RE11S v1.11 contiene un desbordamiento de pila a trav\u00e9s del par\u00e1metro rootAPmac en la funci\u00f3n formStaDrvSetup." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "https://github.com/xyqer1/RE11S_1.11-formStaDrvSetup-StackOverflow", diff --git a/CVE-2025/CVE-2025-229xx/CVE-2025-22916.json b/CVE-2025/CVE-2025-229xx/CVE-2025-22916.json index ed8c81fd262..b18147c1e06 100644 --- a/CVE-2025/CVE-2025-229xx/CVE-2025-22916.json +++ b/CVE-2025/CVE-2025-229xx/CVE-2025-22916.json @@ -2,7 +2,7 @@ "id": "CVE-2025-22916", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-16T03:15:06.970", - "lastModified": "2025-01-16T03:15:06.970", + "lastModified": "2025-01-16T15:15:16.113", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": " Se descubri\u00f3 que RE11S v1.11 contiene un desbordamiento de pila a trav\u00e9s del par\u00e1metro pppUserName en la funci\u00f3n formPPPoESetup." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "http://re11s.com", diff --git a/CVE-2025/CVE-2025-229xx/CVE-2025-22968.json b/CVE-2025/CVE-2025-229xx/CVE-2025-22968.json index ad49c1a0fee..c69a2b7bdc7 100644 --- a/CVE-2025/CVE-2025-229xx/CVE-2025-22968.json +++ b/CVE-2025/CVE-2025-229xx/CVE-2025-22968.json @@ -2,16 +2,55 @@ "id": "CVE-2025-22968", "sourceIdentifier": "cve@mitre.org", "published": "2025-01-15T16:15:42.657", - "lastModified": "2025-01-15T16:15:42.657", + "lastModified": "2025-01-16T16:15:35.917", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions" + }, + { + "lang": "es", + "value": "Un problema en D-Link DWR-M972V 1.05SSG permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de SSH utilizando una cuenta root sin restricciones" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/CRUNZEX/CVE-2025-22968", diff --git a/CVE-2025/CVE-2025-230xx/CVE-2025-23081.json b/CVE-2025/CVE-2025-230xx/CVE-2025-23081.json index e7cb4d7550c..fbe5a8824ca 100644 --- a/CVE-2025/CVE-2025-230xx/CVE-2025-23081.json +++ b/CVE-2025/CVE-2025-230xx/CVE-2025-23081.json @@ -2,16 +2,43 @@ "id": "CVE-2025-23081", "sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "published": "2025-01-14T17:15:21.750", - "lastModified": "2025-01-14T17:15:21.750", - "vulnStatus": "Received", + "lastModified": "2025-01-16T16:15:36.090", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF), Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects Mediawiki - DataTransfer Extension: from 1.39.X before 1.39.11, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2." + }, + { + "lang": "es", + "value": "Cross-Site Request Forgery (CSRF), vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Mediawiki - DataTransfer Extension de Wikimedia Foundation permite Cross Site Request Forgery y Cross-Site Scripting (XSS). Este problema afecta a Mediawiki - DataTransfer Extension: desde 1.39.X hasta 1.39.11, desde 1.41.X hasta 1.41.3, desde 1.42.X hasta 1.42.2." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", diff --git a/README.md b/README.md index e80f3c62a27..4e4a45dc642 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-01-16T15:00:31.822088+00:00 +2025-01-16T17:00:49.520130+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-01-16T14:48:55.897000+00:00 +2025-01-16T16:59:39.197000+00:00 ``` ### Last Data Feed Release @@ -33,28 +33,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -277647 +277652 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `5` -- [CVE-2025-0471](CVE-2025/CVE-2025-04xx/CVE-2025-0471.json) (`2025-01-16T13:15:06.973`) -- [CVE-2025-0472](CVE-2025/CVE-2025-04xx/CVE-2025-0472.json) (`2025-01-16T13:15:07.353`) -- [CVE-2025-0473](CVE-2025/CVE-2025-04xx/CVE-2025-0473.json) (`2025-01-16T13:15:07.540`) +- [CVE-2024-57159](CVE-2024/CVE-2024-571xx/CVE-2024-57159.json) (`2025-01-16T16:15:32.700`) +- [CVE-2024-57160](CVE-2024/CVE-2024-571xx/CVE-2024-57160.json) (`2025-01-16T16:15:32.817`) +- [CVE-2024-57161](CVE-2024/CVE-2024-571xx/CVE-2024-57161.json) (`2025-01-16T16:15:32.937`) +- [CVE-2024-57162](CVE-2024/CVE-2024-571xx/CVE-2024-57162.json) (`2025-01-16T16:15:33.063`) +- [CVE-2024-57611](CVE-2024/CVE-2024-576xx/CVE-2024-57611.json) (`2025-01-16T16:15:33.893`) ### CVEs modified in the last Commit -Recently modified CVEs: `6` +Recently modified CVEs: `128` -- [CVE-2024-1165](CVE-2024/CVE-2024-11xx/CVE-2024-1165.json) (`2025-01-16T14:48:55.897`) -- [CVE-2024-1776](CVE-2024/CVE-2024-17xx/CVE-2024-1776.json) (`2025-01-16T14:34:59.577`) -- [CVE-2024-1777](CVE-2024/CVE-2024-17xx/CVE-2024-1777.json) (`2025-01-16T14:35:48.920`) -- [CVE-2024-1778](CVE-2024/CVE-2024-17xx/CVE-2024-1778.json) (`2025-01-16T14:36:39.337`) -- [CVE-2024-1779](CVE-2024/CVE-2024-17xx/CVE-2024-1779.json) (`2025-01-16T14:37:04.887`) -- [CVE-2025-23013](CVE-2025/CVE-2025-230xx/CVE-2025-23013.json) (`2025-01-16T13:15:07.723`) +- [CVE-2024-57483](CVE-2024/CVE-2024-574xx/CVE-2024-57483.json) (`2025-01-16T16:15:33.710`) +- [CVE-2024-57643](CVE-2024/CVE-2024-576xx/CVE-2024-57643.json) (`2025-01-16T16:15:34.030`) +- [CVE-2024-57655](CVE-2024/CVE-2024-576xx/CVE-2024-57655.json) (`2025-01-16T16:15:34.243`) +- [CVE-2024-57656](CVE-2024/CVE-2024-576xx/CVE-2024-57656.json) (`2025-01-16T16:15:34.417`) +- [CVE-2024-57657](CVE-2024/CVE-2024-576xx/CVE-2024-57657.json) (`2025-01-16T16:15:34.600`) +- [CVE-2024-57658](CVE-2024/CVE-2024-576xx/CVE-2024-57658.json) (`2025-01-16T16:15:34.770`) +- [CVE-2024-57660](CVE-2024/CVE-2024-576xx/CVE-2024-57660.json) (`2025-01-16T16:15:34.947`) +- [CVE-2024-57799](CVE-2024/CVE-2024-577xx/CVE-2024-57799.json) (`2025-01-16T15:19:18.117`) +- [CVE-2024-57807](CVE-2024/CVE-2024-578xx/CVE-2024-57807.json) (`2025-01-16T15:19:34.147`) +- [CVE-2024-57872](CVE-2024/CVE-2024-578xx/CVE-2024-57872.json) (`2025-01-16T15:19:51.637`) +- [CVE-2024-57881](CVE-2024/CVE-2024-578xx/CVE-2024-57881.json) (`2025-01-16T15:20:10.900`) +- [CVE-2024-5806](CVE-2024/CVE-2024-58xx/CVE-2024-5806.json) (`2025-01-16T16:57:19.660`) +- [CVE-2024-6455](CVE-2024/CVE-2024-64xx/CVE-2024-6455.json) (`2025-01-16T15:06:56.973`) +- [CVE-2024-8902](CVE-2024/CVE-2024-89xx/CVE-2024-8902.json) (`2025-01-16T15:23:21.513`) +- [CVE-2025-0488](CVE-2025/CVE-2025-04xx/CVE-2025-0488.json) (`2025-01-16T16:15:35.347`) +- [CVE-2025-0489](CVE-2025/CVE-2025-04xx/CVE-2025-0489.json) (`2025-01-16T16:15:35.517`) +- [CVE-2025-0490](CVE-2025/CVE-2025-04xx/CVE-2025-0490.json) (`2025-01-16T16:15:35.653`) +- [CVE-2025-22905](CVE-2025/CVE-2025-229xx/CVE-2025-22905.json) (`2025-01-16T15:15:15.180`) +- [CVE-2025-22906](CVE-2025/CVE-2025-229xx/CVE-2025-22906.json) (`2025-01-16T15:15:15.357`) +- [CVE-2025-22907](CVE-2025/CVE-2025-229xx/CVE-2025-22907.json) (`2025-01-16T15:15:15.547`) +- [CVE-2025-22912](CVE-2025/CVE-2025-229xx/CVE-2025-22912.json) (`2025-01-16T15:15:15.717`) +- [CVE-2025-22913](CVE-2025/CVE-2025-229xx/CVE-2025-22913.json) (`2025-01-16T15:15:15.903`) +- [CVE-2025-22916](CVE-2025/CVE-2025-229xx/CVE-2025-22916.json) (`2025-01-16T15:15:16.113`) +- [CVE-2025-22968](CVE-2025/CVE-2025-229xx/CVE-2025-22968.json) (`2025-01-16T16:15:35.917`) +- [CVE-2025-23081](CVE-2025/CVE-2025-230xx/CVE-2025-23081.json) (`2025-01-16T16:15:36.090`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 7ebf73714b4..7770ae10072 100644 --- a/_state.csv +++ b/_state.csv @@ -159443,7 +159443,7 @@ CVE-2020-36710,0,0,81320b11c67eeac31b647403c450424eb6595e8d213bf7030a0d489f75ba8 CVE-2020-36711,0,0,08dac0a5722113f101a00cbb41158e75971171145b2a33e71b1d8de922a5eb2e,2024-11-21T05:30:07.990000 CVE-2020-36712,0,0,51284c427cc1eed1b6d5778a03bfb2336830fc1ef70dec45f921dfd4d9c43467,2024-11-21T05:30:08.160000 CVE-2020-36713,0,0,507c2e14d305f038084d2bce622870921e628906d555b8cc82cf57854e67cd04,2024-11-21T05:30:08.323000 -CVE-2020-36714,0,0,52fe1e42894288552209360755d03b6585d7b857a763a1f170b87b64cf8d212a,2024-11-21T05:30:08.480000 +CVE-2020-36714,0,1,68116cef9b90e5142e1f26e770e84dfaaf375f34276e3be577f68c1855409bfe,2025-01-16T15:08:00.773000 CVE-2020-36715,0,0,bc32d782af1b00f06ecae3ebc0263929cd02dec3699e01a608110fc466e8ed50,2024-11-21T05:30:08.653000 CVE-2020-36716,0,0,7220f49ed428588a8581635559d7e1ffac4fbbbb37741786d1692dfe0ee063a6,2024-11-21T05:30:08.817000 CVE-2020-36717,0,0,462ea2a1fa307e57e6e7e855ae37ca1a02fc072f48185b6e095de454d202e420,2024-11-21T05:30:08.967000 @@ -190118,7 +190118,7 @@ CVE-2022-20396,0,0,07e02cefc7d3bfb9b82b5c60db2b4a71e3f1977b70b3e687a6b492039a981 CVE-2022-20397,0,0,0fd0463a59787f2109dc201d0891807e1e53ef4d5c1a8d18269ddc4c9f30d948,2024-11-21T06:42:44.417000 CVE-2022-20398,0,0,e63adb7d62d33790505566cf730d7659162d3afd132c852f32066c8f2fed2fc4,2024-11-21T06:42:44.523000 CVE-2022-20399,0,0,d750c2ea8ab17535f0ce3df3184a8bca0bb3222d770e5b8f21b034d221e4455e,2024-11-21T06:42:44.627000 -CVE-2022-2040,0,0,40ae71fca7431cccceb63cc6988260410a98c4e16af73bd5d6aa3c12efcca662,2024-11-21T07:00:13.107000 +CVE-2022-2040,0,1,2b0f0988d033391e6a262837516423850dfb099cac016cc6d58e6e1661c57083,2025-01-16T15:08:00.773000 CVE-2022-20400,0,0,4d49af93e4f8e841113c4960aea3ca217468a1ab667d4157483a7a24e9650329,2024-11-21T06:42:44.730000 CVE-2022-20401,0,0,f682456d677a623d3d29ec3beee6002e6513334662c5372b1f633184ea363f61,2024-11-21T06:42:44.833000 CVE-2022-20402,0,0,54781aec1b993579a11ddba24a5bcb8f57ea32ad122022dd6f11bc4a10f34356,2024-11-21T06:42:44.937000 @@ -190129,7 +190129,7 @@ CVE-2022-20406,0,0,825345f1f3d8916e709da040e141ee467e95e81aae1feab20e1b6362de45b CVE-2022-20407,0,0,04bf5152ee55414a3164e06f849f96c2e11d995034687de8108febf71f54e550,2024-11-21T06:42:45.473000 CVE-2022-20408,0,0,d14071f7aba8bd3d31cf3ed06bf5e709f5e88703f42e050eaec03280fa1cec50,2024-11-21T06:42:45.580000 CVE-2022-20409,0,0,cd468fcb329061075d488c621e4d5b0df994d53ef7828d6b181bbea7a61c22aa,2024-11-21T06:42:45.677000 -CVE-2022-2041,0,0,6970dba142549993d0a8e97c1ff4351f66d5bfa0d5892935c0829c5f29d2d31a,2024-11-21T07:00:13.220000 +CVE-2022-2041,0,1,29a31a5c801b973f454444ed60fa2758f3d76b9e5b8a6d46010dcdc10f21c83b,2025-01-16T15:08:00.773000 CVE-2022-20410,0,0,0a92c39aac8de556dda15ccb789b54ccf99aed43f531a5b18fdd0a2c4e87502f,2024-11-21T06:42:45.780000 CVE-2022-20411,0,0,d37d8d8bddcaf18118e4ac6fba3096311026113ecc61556908b9d386df325b64,2024-11-21T06:42:45.883000 CVE-2022-20412,0,0,5f1a37172a8baa611d30d0d6d72966d9d0a4e08d2bcffc149774535a582659c0,2024-11-21T06:42:45.993000 @@ -215675,7 +215675,7 @@ CVE-2023-20864,0,0,39d65bf9eec2737398fce78a61b4c6a1da2ba917baec829c31be33107fcb8 CVE-2023-20865,0,0,843ad1deed2ae3669208b12e636ca8ece3446ad34b40d5494b75f26d7af79210,2024-11-21T07:41:43.227000 CVE-2023-20866,0,0,9c22d9b11b1dceeb7840009cf21de1bb2ab7e6f8d80c19829701e60f0c57424b,2024-11-21T07:41:43.330000 CVE-2023-20867,0,0,1b255dd216adfe4a6c134d99f69d81023c9f3b2b5f17d34f031803d5c1a652d0,2024-11-21T07:41:43.433000 -CVE-2023-20868,0,0,19210fa11a4f5220bc59e9038c4ced3b8390209d84d16f4e725d5953e3368470,2024-11-21T07:41:43.580000 +CVE-2023-20868,0,1,4ef12985aa287dd53088fc35032c16f405f309fb0d5f2c97fb98ad8b43ae1d82,2025-01-16T15:15:09.580000 CVE-2023-20869,0,0,1669e54973cbdfb5deedc337c4e061079766c588871a63e53396c6471a79ecc6,2024-11-21T07:41:43.693000 CVE-2023-2087,0,0,c34021487f5653a2ed0c7e62647e4439a96d631ee537366495c67a27dd4f70bb,2024-11-21T07:57:54.647000 CVE-2023-20870,0,0,53354fedb863b4a0daf5619cfa6d0c81df2e9013346f8fe1f90d5736f64a00bc,2024-11-21T07:41:43.800000 @@ -215688,8 +215688,8 @@ CVE-2023-20879,0,0,eea88eeb6a512c97a72206f821436dcf25752e98f66fc5c1c632c6621e574 CVE-2023-2088,0,0,9f8e292d651d21c36b9af5b45c9cdffbf076f69eae648c8e10138b7c2bdda769,2024-11-21T07:57:54.757000 CVE-2023-20880,0,0,b89bffd797ab3d3197d8fc9600fb55a084a937e4452f2b287a8d2721678172d5,2024-11-21T07:41:44.600000 CVE-2023-20881,0,0,62def0607ccd11e547311a6d2ae53b368db8bddddb5dc7171452584ce103c6ce,2024-11-21T07:41:44.710000 -CVE-2023-20882,0,0,6ddba494a8a160ce5e0711fb9d9592f96379b36ce19ada7f36363daeb6f021d7,2024-11-21T07:41:44.820000 -CVE-2023-20883,0,0,85920202989b7ecdfdddde4324618643e477e4eccd5c3ed2dd13f3c9d39a497d,2024-11-21T07:41:44.933000 +CVE-2023-20882,0,1,1976a8fc4a44fc2bcd0b63f6d8b4f374b2bf769fbb5b3a6e0734bfa5f060d62d,2025-01-16T15:15:09.943000 +CVE-2023-20883,0,1,7cab49bc516226b6c1fb7481af063e5cac32e4611c74a54a0dc91fd7f2b94301,2025-01-16T15:15:10.170000 CVE-2023-20884,0,0,b542ae1ea197f6a83956405861656e65fc906b8e995ce857358b3a1f7aff2fa4,2025-01-10T19:15:31.997000 CVE-2023-20885,0,0,0dfdf492922f0b854de542b4e33abc881f21c058cd2a01cc3c31dff463cde87b,2024-12-16T20:15:06.557000 CVE-2023-20886,0,0,7a982823666f96ea57050e3be9fa8d457665501ecee354ebbfe73207a1794a5a,2024-11-21T07:41:45.290000 @@ -219566,7 +219566,7 @@ CVE-2023-25434,0,0,571f5e56236fa9808326880d35572a59c1b6a1bb40906c385bd1a6191e97c CVE-2023-25435,0,0,e64f125b4f4c609726ddb2def3a1414ba08ac5b462994bcc312950eb8396d96b,2024-12-06T20:15:20.487000 CVE-2023-25437,0,0,579707dc4163779f73eb8be843597db5569b95fa17661e9431cfbfb44ee78333,2024-11-21T07:49:30.673000 CVE-2023-25438,0,0,930d14bd652365f198f5c3043909a1e740cff99144c0d9486a27900b45c4f918,2024-11-21T07:49:30.813000 -CVE-2023-25439,0,0,3d62b5a350a95cea1b49fe1d5541550e8abb5c7c3e25d976a219491cfe81887c,2024-11-21T07:49:30.957000 +CVE-2023-25439,0,1,e1897a22d54b32d4273530ebd6a2402cb5c3dd7527500f54f656d48ccc1162bf,2025-01-16T16:15:28.260000 CVE-2023-2544,0,0,3e6f71417b7fd5712bbf5830a9286997d01676002f94afef4a78fab56273abf0,2024-11-21T07:58:48.017000 CVE-2023-25440,0,0,84135d7551fc94f2345267f61ab4cb8f882a96388010887af4f4c75d28d91356,2024-11-21T07:49:31.093000 CVE-2023-25442,0,0,417405e3974ae7e8eaefe5cacf9231e32e7a2051ed7386007618cfaab05cae83,2024-11-21T07:49:31.227000 @@ -220326,7 +220326,7 @@ CVE-2023-26277,0,0,285033dd9e6d9fde7a5f6babbb4b33e46827c13ef090e632a83c08a95cc09 CVE-2023-26278,0,0,0b777da1590b83e755e03fc7a596c9c98d3fd7f67322363f0ebd4f7b2609d5a7,2024-11-21T07:51:02.890000 CVE-2023-26279,0,0,0dae59632a7aa7602a3a1c44d959c2ed446293f68410630857f0af167d03a275,2024-11-21T07:51:03.003000 CVE-2023-2628,0,0,a127feda23f94ec166b82162c441ecee8e9b763e62e681ffeec191d420959835,2024-11-21T07:58:57.757000 -CVE-2023-26280,0,0,823b4eb51a658c31079c2c36e9aeb6272e19d3bc6c29e3036913b18e8ef0168d,2024-11-25T19:15:06.987000 +CVE-2023-26280,0,1,9eb49e9e884e82caa81c4c1e4227f0c0967bc8fcc5b65ee0a7f282788b861fbc,2025-01-16T16:13:59.293000 CVE-2023-26281,0,0,f3f4eb9633b31505daba5bcb31c9d75424b7d803a48d93cf2f87c6db01f4ce03,2024-11-21T07:51:03.130000 CVE-2023-26282,0,0,9464f1793118ca865e8f94983ce3bf61757ee8b06758311da832b161a884052f,2024-11-21T07:51:03.267000 CVE-2023-26283,0,0,978993372bc04c5a66aee6f7d9ec549d78f89453bba1d98e88caa4435826488c,2024-11-21T07:51:03.373000 @@ -221265,7 +221265,7 @@ CVE-2023-27524,0,0,a7c3b99f330b1fc001dbf1dd41768a9c621861c1561254a2a58d79c83db67 CVE-2023-27525,0,0,83fe0dbadcffe7d39f05a9dfbd4c3a59f2d9caa44fe722f2a22cf318d60bfff2,2024-11-21T07:53:05.913000 CVE-2023-27526,0,0,d7a1d434e76959c028190d433010fe08e597ff596a3d2824503093c4d017a38e,2024-11-21T07:53:06.033000 CVE-2023-27527,0,0,ef895853842493f6d6e428aef03b5f2da5176173f94982e6fa7ef668485ee536,2024-11-21T07:53:06.160000 -CVE-2023-27529,0,0,742fe919ca459273a4aea573b60b776ff584255cb3cb0584166ca44156cf4224,2024-11-21T07:53:06.277000 +CVE-2023-27529,0,1,688313a7c2d2ac3cbccb9b02f0a2482a012371b810941312b8acbfdb379df9c2,2025-01-16T16:15:28.460000 CVE-2023-2753,0,0,07c6e809a42ad3b510370047ca6a9af0cbf43d74dbab18486dd49105dce46294,2024-11-21T07:59:13.583000 CVE-2023-27530,0,0,b38d60292378b01f02071b1a709b01b4844b4ce61f4f988722b92fc121e4966a,2024-11-21T07:53:06.430000 CVE-2023-27531,0,0,470c592a54054490454a11c4bcc4669f0b59dff66b009f26fb795e2e9e988986,2025-01-09T22:15:26.207000 @@ -221685,7 +221685,7 @@ CVE-2023-28034,0,0,0c3c5252b0f3c3b70f866cbc2a55e735c6282965fdf6e1145c13c068ce8de CVE-2023-28035,0,0,15f314f144e5eb63016d7717ef733eb3824c36ba29541fa1d4bd963d533cebb5,2024-11-21T07:54:05.993000 CVE-2023-28036,0,0,983d46c81392da482a8e85eaa949114691212f27542a5a058f022101652c5663,2024-11-21T07:54:06.963000 CVE-2023-28039,0,0,6c3a4bcc035c016d7a51798d0c10030756af31c9f86843d0493d07c62950fbaa,2024-11-21T07:54:07.617000 -CVE-2023-2804,0,0,d480cda3a55c9b82b36d32ed03dc70faf2a26e3316cb2e2d38980457194e5fe1,2024-11-21T07:59:19.377000 +CVE-2023-2804,0,1,951bd722662ce74e3089c653bb2e7c02135fc09723820bb9ab69f2a515996192,2025-01-16T16:15:29.043000 CVE-2023-28040,0,0,c157e28694b19ef1838acf8ee808de346d959c68c1a60e5a790bfc4168092514,2024-11-21T07:54:08.297000 CVE-2023-28041,0,0,d07472ec29f8e5cc987811da56181dc90be8bea274c561dfd536eacc4ae006e7,2024-11-21T07:54:09.030000 CVE-2023-28042,0,0,1ae9088a3c3ef959ed106df2e58745f789a3ec21906c7f07ec84c55ca9f88672,2024-11-21T07:54:09.823000 @@ -222008,7 +222008,7 @@ CVE-2023-28367,0,0,5ab048b041c658d1e99d212779b457ca9ba7ed3c85197fb745273f214849f CVE-2023-28368,0,0,36f7dd98387b40400855f4cffb9250bac7b1a05259b6ebff4e7caf81b76ab285,2024-11-21T07:54:56.150000 CVE-2023-28369,0,0,815c110e1ebcd6e549e22f4e285aba8d19a651b9d972e72a40643fc9d8cd7614,2024-11-21T07:54:56.247000 CVE-2023-2837,0,0,ac2b220952bcea1d0717efa8546becfc7608c322c6c4219716a62813de1b4fcb,2024-11-21T07:59:23.307000 -CVE-2023-28370,0,0,65da81cfbd72c48b1a63b01f7e950841378b83d01cc65ff4537cf8e8fdff8138,2024-11-21T07:54:56.357000 +CVE-2023-28370,0,1,8ddfe0194bd02605113924b198b97ec7507865195d1cda20ecb693368d670695,2025-01-16T16:15:28.637000 CVE-2023-28371,0,0,b6df0c22e30ccc2b0d0f39efba2aaf78f63bc29870241aaed15184440466de58,2024-11-21T07:54:56.470000 CVE-2023-28372,0,0,1d400567dfb88a634eb5f31a8b09c412684be8da238a1b8e5aa0ee0dc2e18de1,2024-11-21T07:54:56.607000 CVE-2023-28373,0,0,be6b6a0cc153ded88d772540ea7f5520c44909d8d301215920b84c91326c6a53,2024-11-21T07:54:56.747000 @@ -224497,7 +224497,7 @@ CVE-2023-31582,0,0,53bee5eb9a34eb73c1c7a38822c5ac3a32ac49834d612f98056b620539667 CVE-2023-31584,0,0,89d656f4848a2faf115f6de4cd81cc393d73ae9d7ed51d4efab97d0b62d928f7,2024-11-21T08:02:03.337000 CVE-2023-31587,0,0,e3e9fa62a3bcdaae5be5ba07108774f22c24f16b19946c6231450e8e366c5288,2024-11-21T08:02:03.490000 CVE-2023-3159,0,0,9807e6d823aeb3a21864e69407a3985c2540754f15da81cf40cfb1f6730d0a44,2024-11-21T08:16:35.373000 -CVE-2023-31594,0,0,c7b86e5dae90cf02edae278672a8e3083ce631ecf462cb23d61a82b1f7904dff,2024-11-21T08:02:03.650000 +CVE-2023-31594,0,1,2ce3e386965dea1f61dddc297872812c537c7c3578bf01ba97d20e1959ccf4a0,2025-01-16T15:15:10.397000 CVE-2023-31595,0,0,2026436fcd8bf62d8ba7fed6d43e84eb30b5d83d2404d7bba01566f62966490b,2024-11-21T08:02:03.823000 CVE-2023-31597,0,0,5e3ee5a7288f93d86f529f94fad6d525d8acba4608f2a5acee56ac07aea85fe7,2024-11-21T08:02:03.987000 CVE-2023-3160,0,0,3706adbaff758c87939153381553b204ed7dad56f061b584bcec323680f304d6,2024-11-21T08:16:35.520000 @@ -224638,7 +224638,7 @@ CVE-2023-31856,0,0,ce256db1525fce6a46e28d9cc8111df499b2085637139fa8706530beb5896 CVE-2023-31857,0,0,7bd3853f2c55682965431fa0d6799811d368a0e716fd1913e523e8cb2e1eb410,2024-11-21T08:02:20.413000 CVE-2023-3186,0,0,14a8a3e02f8d6ed26188c9f463e876e766ad72b9a21434e816a4de3953e3d487,2024-11-21T08:16:39.013000 CVE-2023-31860,0,0,b19f93d6a0c37e48d579870939cf38501c29b9fec1e4af7e585d4bb8b6a49d17,2024-11-21T08:02:20.550000 -CVE-2023-31861,0,0,e7cfdb131e95b2a909b32af122c0f5ccf1a14c7804352ab0c37cdc32b902b280,2024-11-21T08:02:20.690000 +CVE-2023-31861,0,1,00ed8b460a421cbea6dd8b076a614dfb6e50c87d17fb1a33433f66e14cf7477d,2025-01-16T15:15:10.720000 CVE-2023-31862,0,0,e5d2282f2c43ebaed31f9de83715b1445773fd7849c890a179b5317ad27e92a4,2024-11-21T08:02:20.827000 CVE-2023-31867,0,0,3f97c746a106b59feb7da8efbb130c3ebd33dce765f13b1306b2c553d6ba473a,2024-11-21T08:02:20.963000 CVE-2023-31868,0,0,6e260dda95c178839b85901984cda3cae3d6a2568e86e3744b8b1efedda9c1ce,2024-11-21T08:02:21.100000 @@ -225928,8 +225928,8 @@ CVE-2023-33243,0,0,590f0b7337db73b310eeeedc8fb6b42289fc37ed06cbdf228f0f61ca9d153 CVE-2023-33244,0,0,c12fd93177aa67aa81e735fe94f3bd4f28deab2ebff4e4f1593c8d4133ce551b,2024-11-21T08:05:14.777000 CVE-2023-33245,0,0,16c9db6606ed2dfdc13b1f06447f38071397777076e1320f59f76264acfe464f,2025-01-10T22:15:24.807000 CVE-2023-33246,0,0,d5532be562df3fd306b7e8e00e03116664e064b7c4b6c033c080a3fe3a322965,2024-11-21T08:05:15.150000 -CVE-2023-33247,0,0,a76590f475c2ed41f4790f8b3ad1093e89fe956f3956efb6ebf02ea07beece72,2024-11-21T08:05:15.357000 -CVE-2023-33248,0,0,d29de1f8eb946bc9ec6a8e3e93acf1f5e4ff31f1f6eb42400cf08e5b698860cb,2024-11-21T08:05:15.520000 +CVE-2023-33247,0,1,28e3bb5766ab12affc427d3366ffd23fb9c14a844b84b4947c8ef44e558c8843,2025-01-16T16:15:29.437000 +CVE-2023-33248,0,1,e14495edb77049f2c89ed0c54ad4447d666394f95d323f14cd348a126ba1d6bb,2025-01-16T16:15:29.630000 CVE-2023-3325,0,0,7efdbd196c90142bd5bd8f5c064614d6c4e96a5dcdb6f4c022ddfa4dae0b97ac,2024-11-21T08:17:01.167000 CVE-2023-33250,0,0,eb61d77835057b442e830c5c7e9bf889618033fc786a0dc98aa2177edc1a394e,2024-11-21T08:05:15.727000 CVE-2023-33251,0,0,e92a4a69fa1b662b2a4691b1ea5954886eb42c8616e222a90d0a8c04df56f76d,2024-11-21T08:05:15.920000 @@ -225939,7 +225939,7 @@ CVE-2023-33254,0,0,6a63e7bf10313313c2d0296eacf9cc48c72dcb64facccfea5da32e91cee31 CVE-2023-33255,0,0,7e4596cdad5b64b99f016651e12a6d1709828aff168c9c419786c73abb34cd09,2025-01-15T21:15:11.620000 CVE-2023-33257,0,0,40f4748e448d3cf2963da9b64864a1171c611d35f4e94fe20624c5b622cd26a5,2024-11-21T08:05:16.770000 CVE-2023-3326,0,0,b95d37602520e2bc0d6938f65ea32c0fa39c0137389f8278d8c7d442c61e26bb,2024-11-21T08:17:01.307000 -CVE-2023-33263,0,0,dc4b2ffcf74cf6f443d68c9d7b3aab6517e8342e36d9996769f4cfda1827e2e8,2024-11-21T08:05:16.943000 +CVE-2023-33263,0,1,23778124e3afc27e8b5e0afdd29438de46ceba861e106bf96392e5be0aead4c8,2025-01-16T15:15:10.990000 CVE-2023-33264,0,0,32703d7cfadfe1a47d5d98675ea65777b8509524f66cc195bd545863572876ce,2024-11-21T08:05:17.100000 CVE-2023-33265,0,0,2b11d7a86fea31c2dcfabcc2e49857d49a2988aa4e7ebd75229684a14f2a3f76,2024-11-21T08:05:17.260000 CVE-2023-33268,0,0,ebe54b136bb644cafbb94a7337823fd2f0b2d47be598988809e9e1c10821ce77,2024-11-21T08:05:17.440000 @@ -225952,10 +225952,10 @@ CVE-2023-33273,0,0,f96dcb046f0cae739f975a6cb1eb2f4b6a0fbfcda05e8cf37118234ed04f7 CVE-2023-33274,0,0,0c7f79fbe7e37c83d471347f15e18931fa4bc09958b2581e7ae313c016e05799,2024-11-21T08:05:18.450000 CVE-2023-33276,0,0,9ab74abe01bc09234a66fc370930346c7e4975ddb31de6768170b9a69ff46899,2024-11-21T08:05:18.620000 CVE-2023-33277,0,0,a3157d29d0151137cac78dff5b1b2f0b21f8f486fd91fcc332bfc4e8d84dac6c,2024-11-21T08:05:18.800000 -CVE-2023-33278,0,0,703fe86c8041177d40929bd58d54b99e678e4586e7f9422659d5128d94fd5afa,2024-11-21T08:05:18.980000 -CVE-2023-33279,0,0,c5b52a353f3ee6325fcdbc23e78def6dd9840f906e0c4aa43a168e1260736b6f,2024-11-21T08:05:19.140000 +CVE-2023-33278,0,1,e05425ab8675e171c33d63653df9959bd3a63e2ffcdaf41c01bd81c21ded889a,2025-01-16T15:15:11.260000 +CVE-2023-33279,0,1,9f1d84365d20bfe7add5c2c4f130d78537a49d68468bb0434f66b8527a53433f,2025-01-16T15:15:11.527000 CVE-2023-3328,0,0,19ff79881d8bc75c570024c2c95120dd8f165b34196c4c953dd29948c4479610,2024-11-21T08:17:01.480000 -CVE-2023-33280,0,0,dd129b41a63a61652c937421f2797c2268bcb168616b41614739762f2d92381c,2024-11-21T08:05:19.307000 +CVE-2023-33280,0,1,4b83c248d1a3c420d2b639ea277094ad952e6a29025ae504408325eea34a0d4d,2025-01-16T15:15:11.777000 CVE-2023-33281,0,0,067771f6ca325b24677ebeb151358c2c9e2cc8b783e08f179c67a9925546697e,2024-11-21T08:05:19.500000 CVE-2023-33282,0,0,21991d1cda740d3863a04439b55493f23b10252d0a74f48de2f6c46509abcfaf,2025-01-07T15:15:08 CVE-2023-33283,0,0,e3c0431f01e27d85457d31c72e20d8bfd74006a2c83ee61b994e55fb29b647c1,2025-01-07T16:15:29.973000 @@ -226013,7 +226013,7 @@ CVE-2023-33335,0,0,3358763c20e8dd36245c4312ff8a1eda11c8429ec592bcfc7c1e0182692af CVE-2023-33336,0,0,9a17791deda8a2f5e4d41115e51e880327f6f5452247b6b1bf9e1a1f070212cc,2024-11-21T08:05:26.987000 CVE-2023-33338,0,0,339eeafc9e1d88945448f5d6a43d142b4d650488667c675b260aac83e5186291,2024-11-21T08:05:27.153000 CVE-2023-3335,0,0,fb37d0e2eeb12ee84ec64f61b3ebe79611631274e3902fc947c2dab9355b0c29,2024-11-21T08:17:02.470000 -CVE-2023-33355,0,0,0384bd0f3d7ab90559d455ae97f41ed1d9c02a56fe5eea6cfaad9f3ce59d46a6,2024-11-21T08:05:27.323000 +CVE-2023-33355,0,1,28d19396f5b03e58ce5c21b6cddd65a6e0518822103375a337785c2512a4a1f8,2025-01-16T15:15:12.030000 CVE-2023-33356,0,0,a26c31f3680a0010e83df1ddd6f1d5c458e950482375c3d4526c4151e59d1d46,2024-11-21T08:05:27.513000 CVE-2023-33359,0,0,e36e54df7a114fc781742c1ba6f8f3348b6ebfaec2694ba7548cdb0412f57afd,2024-11-21T08:05:27.727000 CVE-2023-3336,0,0,84a4ff59018139e73bfd7a7e42d03842e2b5834eafd39ccb577002acae9502ae,2024-11-21T08:17:02.610000 @@ -226157,7 +226157,7 @@ CVE-2023-33627,0,0,be69c89dc294dbf9c769fed8e46c6aecbf568ff1de268341ff1a2d8341f0b CVE-2023-33628,0,0,ac0ff5ac3b1bb26a74a42053a2c69732360ee2bbee04a7bf611f172a86b04147,2025-01-10T16:15:27.373000 CVE-2023-33629,0,0,93dea99aff728d795b0357478ffa248335a6bc2e8e1ab2f8cf218fd2ed827769,2025-01-10T16:15:27.567000 CVE-2023-3363,0,0,fe7d397d3228326c17a4febf68655d5fdd11656c07da049d9e44d3cfb189eb2a,2024-11-21T08:17:06.270000 -CVE-2023-33630,0,0,9a849b4f41d11456da97d275c17734d98e0658a334d37ca714d534afd67b9d6c,2024-11-21T08:05:47.090000 +CVE-2023-33630,0,1,52cf991e1f850ecfce442b08e3a678bced9f074854b210c10365a5c92776aff7,2025-01-16T16:15:29.847000 CVE-2023-33631,0,0,ecc7f39e617bdf40c30c1b9d5ad99f944eaf9ca4b2d9b480ce2e2c9368539d23,2025-01-10T16:15:27.760000 CVE-2023-33632,0,0,64a9cecfbba10a0c6104c4f0ea405cf3bbc8d7e17951e2be33a000ad1e259da1,2025-01-10T16:15:27.947000 CVE-2023-33633,0,0,a0f29d13cb5a212e15d7020741e7dd04135a7dd79d3d08b231949e87da17c86a,2025-01-10T16:15:28.133000 @@ -226276,7 +226276,7 @@ CVE-2023-33806,0,0,ca4c91790cf1dd89d7e33a3f0ce29beec71c0665c833cd72846acd5211549 CVE-2023-3381,0,0,b18f97c5209113732fec9ae4ce3207e2c50f1d97547f9495c2e28ac54153f60d,2024-11-21T08:17:08.660000 CVE-2023-33817,0,0,a71a31ef791bfb13074ee4b8b7639e979b2a166c6d9531911e4f955eba7abb45,2024-11-21T08:06:02.333000 CVE-2023-3382,0,0,ce508df5bc0bb388cad51fa10b5ce024f17951dfbeec34ca2c2f79c477ce00de,2024-11-21T08:17:08.807000 -CVE-2023-33829,0,0,ee5211b084df51b6247289fdd5ee4c181d2b5291be9f089437db46a9530b9114,2024-11-21T08:06:02.473000 +CVE-2023-33829,0,1,a7abc105aea5ef98d9923f3d40129c334466afda424770f6e550b057c88098e1,2025-01-16T16:15:30.050000 CVE-2023-3383,0,0,f98b96ac01ff2e22c10cf7a38d646ca57d3bb88021f63482d36ad36329f28cc3,2024-11-21T08:17:08.953000 CVE-2023-33831,0,0,b37aafed5117b58cfe7673cf9c8bab8473e37b68e6ef19dbb51cf6910cc4a2f9,2024-11-21T08:06:02.613000 CVE-2023-33832,0,0,3db747973acafb8a5f72c6e3891acedd64f16dc14135b52ab540070fd1e5920e,2024-11-21T08:06:02.760000 @@ -226427,10 +226427,10 @@ CVE-2023-33976,0,0,89ad541a1971f4e6c687199980a0c351ef4f09e89d264cf9da92848cc8d79 CVE-2023-33977,0,0,7f9ae9cf63258eb45b3160b45e0b54f8cf115775476935085e3f3f6ae5de4077,2024-11-21T08:06:20.147000 CVE-2023-33979,0,0,099fb6dffcbc022c374218fb16825863b988bbe792a606c32f7a8b68a5254d6e,2024-11-21T08:06:20.273000 CVE-2023-3398,0,0,ac532334ebc2ea5d377a047eed3a69a21b57b1a2389b634cb5b7a8c9c83c1db6,2024-11-21T08:17:11.240000 -CVE-2023-33980,0,0,bcee973f19638ca57dc88785241431491b9c2c22a1d9f622cd0103d07f155e7f,2024-11-21T08:06:20.393000 -CVE-2023-33981,0,0,725408631a871cb8471eff33ec3f2f0048553dd39961cc553e25907c8391ce2e,2024-11-21T08:06:20.537000 -CVE-2023-33982,0,0,c08e238c36bf8146efc3a03d93bf87a6d7388af6b3e10d57d01b29e129e1a34e,2024-11-21T08:06:20.683000 -CVE-2023-33983,0,0,803916a3debe0115ca45dce17ca0ca9f6c30e4c3dd4583cc9744e14dbdf55de1,2024-11-21T08:06:20.833000 +CVE-2023-33980,0,1,b711df1691783ee08c058e35e642804a3b9c96d290c14ba311f8a31f13881963,2025-01-16T16:15:30.280000 +CVE-2023-33981,0,1,1b80f20492609165165bcb0710c37d0eb63e70c48a11fc8a6a92dff7de8524f9,2025-01-16T16:15:30.487000 +CVE-2023-33982,0,1,321e0fe360467f988d4f2efd1ce79cf686f898916bbc59acacf68b9ba6165325,2025-01-16T16:15:30.683000 +CVE-2023-33983,0,1,270ace2b5e639b5581393d82c46bfe19a328b28f93cf876341b3d5658a255754,2025-01-16T16:15:30.897000 CVE-2023-33984,0,0,921d2cf3baf6f17a83e26a55e8d0c3b6f2b7705995d7a029e90e08d02c194360,2024-11-21T08:06:20.987000 CVE-2023-33985,0,0,2b11445a51b3e9daf1008875639114bac0e678fdb422c7a314caba93ce9b1e0d,2024-11-21T08:06:21.127000 CVE-2023-33986,0,0,6e34e6691600f46319c9e5281e1e0ed966c56d4d3bdeab4658a11ddeadeb7fdd,2024-11-21T08:06:21.257000 @@ -238133,7 +238133,7 @@ CVE-2023-49736,0,0,5f4b9c3dabe535117de4c47a73bbb7484a95f0ca523122e6f17e693046c3a CVE-2023-49738,0,0,2b12e3e8524ea15692abd9b16822c9089589b5e93d98b79711f485178de7842f,2024-11-21T08:33:45.263000 CVE-2023-49739,0,0,fcd5b613c85c19ca9511264b194abe30353aa50ac4b7fb5b410119eeadd19f66,2024-11-21T08:33:45.387000 CVE-2023-4974,0,0,0ce0386712441b5f233ddd860cbcdcd9b5856259baf65218a755acb96abcb10f,2024-11-21T08:36:22.890000 -CVE-2023-49740,0,0,7ab3e8cc6f827097640ea528eff3da01ee2d3ea8fb269d6883bf40ea95f14742,2024-11-21T08:33:45.510000 +CVE-2023-49740,0,1,5dba4d54a4b00ad8b48d6bf02488137865c89a66c8894ac81ce3572d3b8cfec9,2025-01-16T15:44:50.793000 CVE-2023-49741,0,0,ffc969bec8c5c782ad8a88845ecde3f669dc839bea1c91530bb073d28ec3bbe0,2024-11-21T08:33:45.633000 CVE-2023-49742,0,0,83fc6efe61a128a773b48a12487443178dcff62bfed8e9fa3e8234a4e3f4cbe8,2024-11-21T08:33:45.747000 CVE-2023-49743,0,0,8d5415836e614acdde73f612f4f97a1dc3b78d3c5d4c4f9f56260bd44580fd23,2024-11-21T08:33:45.860000 @@ -239142,7 +239142,7 @@ CVE-2023-51392,0,0,f4bff1066f934ff86be4adb92ad07996b48a8aecf3ff8c99559b3a95115f5 CVE-2023-51393,0,0,ecd6d8ef2d4e9d0d663eb3817f2bbd75d0e484fab7da89b72d4f6f5f9c6878ac,2024-11-21T08:38:01.120000 CVE-2023-51394,0,0,414154d29fcf7d58f244655b64e4103af57f7968804c6e550c1375ec821a334b,2024-11-21T08:38:01.250000 CVE-2023-51395,0,0,786aefda3fc214525967d3ea50d54eac0c493099908f3f90b597f8d5b5faf5d5,2024-11-21T08:38:01.377000 -CVE-2023-51396,0,0,9141d1967c9668488502238e80bb28bc8038a735451e0a1e3682d6926afa85d5,2024-11-21T08:38:01.510000 +CVE-2023-51396,0,1,ac4bcc3d44538bc9cc58409beb4d20e428a64d09cfb5d4dbbf8c8a73e33a2f91,2025-01-16T15:08:00.773000 CVE-2023-51397,0,0,0dcf914117c1e222e2f60ef4004a5b0bfe62d0c01ede337c22c9a42735a7ad40,2024-11-21T08:38:01.650000 CVE-2023-51398,0,0,6de3c39a5e1adeb8e048d61ea599c8ccf66e2de9b6e273f9860c70e02b9afc8b,2024-11-21T08:38:01.780000 CVE-2023-51399,0,0,5892462aab6ae494cf2a36e79c2284be690d0f6319d05bbbb9b7c8e4bfbae2e0,2024-11-21T08:38:01.900000 @@ -240077,7 +240077,7 @@ CVE-2023-52529,0,0,841566603cc3e72b05afcb01b587c6dcd4414a7fe1bc2081929dad3add9a6 CVE-2023-5253,0,0,7ead7effcc406218ae6035d8fe47bb748de44284fb99412a6bbf2042e8def61a,2024-11-21T08:41:22.837000 CVE-2023-52530,0,0,4f593611b75e30e5eae6b577cc331379a84a2f608d52430e3e67592abfaa923b,2024-12-11T16:26:57.617000 CVE-2023-52531,0,0,a61dc0f947d453c51b46a28fa43b6378dffa1008ab84f4db783ded8d39575ec4,2024-12-11T15:28:47.893000 -CVE-2023-52532,0,0,ba6c5d12a08551475097b42f738ad172c51125f48fc7f93af83f381f0c057912,2024-11-21T08:39:58.847000 +CVE-2023-52532,0,1,ba70550a0a2e761832c24df2964db26767df6db295842b0739784442e1e33f91,2025-01-16T16:48:47.483000 CVE-2023-52533,0,0,630004815d3f4ebf3c444b7ff3f11f212940db8cc3775558974c6702465635eb,2024-11-21T08:39:58.960000 CVE-2023-52534,0,0,f37e50d7149e08730fd9fe7b8b8fc06c4115123a747760e53b659858db2ba27d,2024-11-21T08:39:59.137000 CVE-2023-52535,0,0,5b5dcc460313aef0f915ae2f03151c386d496381278b48c4b17ddbed983e120e,2024-11-21T08:39:59.317000 @@ -240106,7 +240106,7 @@ CVE-2023-52555,0,0,0bce05514a607edfd688ab05cf5d809587e49373a04112a081400fb17a4d6 CVE-2023-52556,0,0,6c8956bbe9164c8801611357438dca3cfdd9dd6a4b21c4b1a35a303df2e8f575,2024-11-21T08:40:03.070000 CVE-2023-52557,0,0,0a22b9021f7275058bdd115e9063ef7fec559d0df8bd741165304086449b75c3,2024-11-21T08:40:03.273000 CVE-2023-52558,0,0,79680456f3117e5c28c62f76fc61c399e91cab56f37a1e79dfeac8000c81d7c4,2024-11-21T08:40:03.463000 -CVE-2023-52559,0,0,cf30bd183856d2b63ac92d373ef22fc2829696de871c58066f0d288d952437bd,2024-11-21T08:40:03.650000 +CVE-2023-52559,0,1,d19b9ab292d63ef7322e1b7ec06597d9cfc233c4b8c403c3fc71c495ddc8d016,2025-01-16T16:59:39.197000 CVE-2023-5256,0,0,f25b36e2d6816d15ae13d24827e811b1ce1bdb4f814d5704d120858d960e9cb7,2024-11-21T08:41:23.240000 CVE-2023-52560,0,0,8101dc5e12b61978499f3c1f952560bbf0c85a42b7e572f0d17179ed35ab4ed2,2024-12-11T15:24:15.463000 CVE-2023-52561,0,0,bbc18871877cad65375af08e325f56ae47245e643f99add72f816b7bee748d2b,2024-11-21T08:40:03.893000 @@ -240813,7 +240813,7 @@ CVE-2023-5606,0,0,8e8838601be59dd62a1026b55f85fabacf69d7a3b28886ce9ee40adef383ba CVE-2023-5607,0,0,ae07bec7049be2aac508c23a6037efac75545923c19270db74ce6f26f3cb35dd,2024-11-21T08:42:06.837000 CVE-2023-5609,0,0,f184fcfc6e1b76614ae1d704354cb6470164738fda9dd57633bea43c93450bd6,2024-11-21T08:42:06.943000 CVE-2023-5610,0,0,63393a5a8486496c3d3da95fbe7bd3212d189736e02be17abf459660cbead422,2024-11-21T08:42:07.043000 -CVE-2023-5611,0,0,3a533cfacf8866f196b815230b4d28b93d458d3f4d1c15af09a0a62e68aac35c,2024-11-21T08:42:07.153000 +CVE-2023-5611,0,1,a4c05cfa3d14c7e5d1e32e224326bf9cf6432a0a578cce865c4bac9e6a4920f0,2025-01-16T15:44:50.793000 CVE-2023-5612,0,0,07d0fd9a01002c02d5049608faf1e176194fafe91daa7d393bb2813eaacb8940,2024-11-21T08:42:07.260000 CVE-2023-5613,0,0,5c296e92ec08c076f024fb1be87a24997c51c32836e3ceadabd7db4f93d8403e,2024-11-21T08:42:07.397000 CVE-2023-5614,0,0,df3c7aef14595e231847df4cbf9f65fbb272aa8124fbcb08193c413d34988a90,2024-11-21T08:42:07.520000 @@ -244610,7 +244610,7 @@ CVE-2024-11605,0,0,60d00021c065e6f38e758db8986f6f41c042a104c692f051aa09c9422ba7d CVE-2024-11606,0,0,cec53aed2aa35dc5dcc09928013265f08303f051378a3304152c040cdd6a4f8b,2025-01-07T17:15:18.253000 CVE-2024-11607,0,0,64db1cb50de786964ba95a2d2de30c3c373b3627734b2fcf18c662efd5d3b19e,2024-12-27T15:15:09.637000 CVE-2024-11608,0,0,8ddbc230a8730b76ffe6955779ba3c4d90ea8f23edd3f564c2db516009c0d0dc,2024-12-09T18:15:22.580000 -CVE-2024-1161,0,0,68cc61ca71a85d6059ad02181ec1fb4a89655dbd3db8900d271e7a26ec14fb67,2024-11-21T08:49:56.127000 +CVE-2024-1161,0,1,59404f907ebea7b8dd839befaa6ff35913219617a7e1db7c77652ef34247d4c1,2025-01-16T15:08:00.773000 CVE-2024-11612,0,0,bb444eed2bab8dc9d7d3d2707a19c782bc9311cf8cab3a2875a904169993bb7a,2024-11-22T21:15:17.387000 CVE-2024-11613,0,0,7e86a7b71c3d95aae4dbcb0c03692293907b720ebfe581d24518da2d412862bf,2025-01-08T07:15:26.407000 CVE-2024-11614,0,0,7fc209ca70347672f57de5cba21effe4e1d493165b83e201eaf5da4b6f065fbc,2025-01-09T19:15:17.283000 @@ -244634,7 +244634,7 @@ CVE-2024-11635,0,0,ffacee27dce2a3419b3aa106b350e83d5585d5dcfe645774b0023dac2c389 CVE-2024-11636,0,0,0b6d42fa0d5704cd6ac079216da1bb6972215c21c5e47338513c0632cc826b2e,2025-01-13T15:15:07.560000 CVE-2024-11637,0,0,5348ca65261140ae16ec15332c773ee06343664939e89530c0d5541b934692f4,2025-01-14T02:15:07.907000 CVE-2024-11639,0,0,0210e46589d8e363ac9b295eb4432d5b1bb6755405d9d65212946ea82705ab83,2024-12-10T19:15:19.690000 -CVE-2024-1164,0,0,ea75a9ac84fb05bc5899ed5764c236687fb5121f662769fb6e46971a20a2f34a,2024-11-21T08:49:56.530000 +CVE-2024-1164,0,1,d6b3223f31512976ce37113225736cbf014a2aac3d8c295ef68c5d3e3fda5f16,2025-01-16T15:08:00.773000 CVE-2024-11642,0,0,e083dfd7b8388b09206f810c50ef0061b39601a9804b6746591b0dd89f756ab4,2025-01-09T11:15:10.187000 CVE-2024-11643,0,0,ae78ce4f54b48c77ffb4df12d001ddabc5e672affe5a377c6c988d0deb6a52af,2024-12-04T16:15:24.177000 CVE-2024-11644,0,0,38b2c694eddaad1da45e24d2b7150693eba2499ddb691622394ace7d3593825d,2024-12-27T19:15:07.400000 @@ -244643,7 +244643,7 @@ CVE-2024-11646,0,0,0ab6dee87b237852bbf12355ce0d89cfcc42d4de6a7d6f3a29942216f6fdc CVE-2024-11647,0,0,113c43c5842e50477f47583a57de8c41f4ace2d9d3cc0779127cac467b301941,2024-11-25T16:49:24.083000 CVE-2024-11648,0,0,7767a97f87e6ac5b52c62a9ab3e06af98c54488fb6fa6db87ff57d4b595863f5,2024-11-25T16:49:02.417000 CVE-2024-11649,0,0,2e02a1b1ac73e9631e0d1a9797095a406b688cb0877d8f7698e9962760832419,2024-11-25T16:48:37.237000 -CVE-2024-1165,0,1,147ae82fc7da12f28aa758dac0e9f077423e57773054525f0229107e43220ddb,2025-01-16T14:48:55.897000 +CVE-2024-1165,0,0,147ae82fc7da12f28aa758dac0e9f077423e57773054525f0229107e43220ddb,2025-01-16T14:48:55.897000 CVE-2024-11650,0,0,c1a83adb5fe7f79d88eb6196b3c8ac6aa781d1511831a253d8e0e7484128306a,2024-11-25T03:15:06.707000 CVE-2024-11651,0,0,1ab789c9eacaad7c175ddc8afa1992c793e015c3b6f49833dba9691422e781b4,2024-12-10T23:12:34.057000 CVE-2024-11652,0,0,33668e06a8390aec93f01c5243e821060407052a728d8fc9cf77a157eb5f30ec,2024-12-10T23:13:23.947000 @@ -245606,7 +245606,7 @@ CVE-2024-12902,0,0,f67161e0fccba6773f5846cbc230324e550643d0923f7ba0e7e1a11f1d4a5 CVE-2024-12903,0,0,934e7684198b909838e52981ff3e91a85ceaf2d8442d1b9996709c268c32e282,2024-12-23T13:15:06.390000 CVE-2024-12907,0,0,d89f3365314aa5778f704685a334ac72db82727dcecdbb78151d02652b150e1d,2025-01-02T16:15:07.690000 CVE-2024-12908,0,0,76a88b8500008d4ca56b5c37bddceec64b40a69d8577b8cdbf6118a2030881b4,2024-12-27T15:15:10.240000 -CVE-2024-1291,0,0,52c4840726a3cf584db63abe3d1006ff575604ba403c25fca89470816948ce5e,2024-11-21T08:50:14.863000 +CVE-2024-1291,0,1,8f051cca86e07e915f10677720017dd69f0d69620ffe64fe34f7d04e63b0eedf,2025-01-16T15:28:37.230000 CVE-2024-12912,0,0,746e63a7cfb944606513a06821763c045edbf693309ba8391961cb9c8e0e7197,2025-01-02T09:15:17.470000 CVE-2024-12919,0,0,717b1905f08ccbc54ed50a4e384a22b34d13b7a7099ace4bfb6645d63a69b239,2025-01-14T10:15:07.250000 CVE-2024-1292,0,0,38d9bc6a557167174bf37c6662c68d5de6a783380fb5a30941c923054e3f2f16,2024-11-21T08:50:14.983000 @@ -245614,7 +245614,7 @@ CVE-2024-12926,0,0,fc2a26ab92b192ae501d4e54cc781c262c43c0b12662ce958be5565acbb71 CVE-2024-12927,0,0,29caca6ad2306153fa9ab094fa9e0334461e2ea665f8d59bbd5e4f726fcaf708,2024-12-27T15:15:10.513000 CVE-2024-12928,0,0,f27fc1e72c3253dacf2ae81bd17f6b9bf8d3454200381b8820589af6760ad200,2024-12-27T15:15:10.650000 CVE-2024-12929,0,0,9c9f62ec25f6b90eaccc1146ca01571f8d3b7df23317d5dfee6ccde10b2bd392,2024-12-27T15:15:10.793000 -CVE-2024-1293,0,0,a122e9ddbaac35fa4b5b33d2b10cf37b4d4e3a3677cea83da66723805eec222b,2024-11-21T08:50:15.167000 +CVE-2024-1293,0,1,267e594c05a5a87607ea5a7e09950c7d56e34838fbeabc5e43ce12d78dcc76da,2025-01-16T15:28:17.073000 CVE-2024-12930,0,0,55146c493a0f6c549937de8030dcc8ecd0bbff9603ea43201d1b733ea5cf58af,2024-12-27T15:15:10.947000 CVE-2024-12931,0,0,3570b860aae4765a391392f7e586b132ec6300ca8523add426470135812d26e5,2024-12-26T18:15:06.663000 CVE-2024-12932,0,0,684f0de642058c402aef3271019d2ebc84046522bb009c1fa124efcd0b47c16e,2024-12-26T18:15:09.233000 @@ -245646,7 +245646,7 @@ CVE-2024-12955,0,0,01c00ead83fa8f9f7c160a68275906de7eedbd365dc21072a2dc6b944ca9d CVE-2024-12956,0,0,4dec445723280c9365c37949b943566ca38fb5a06bc3ebb0c2c7dccc97d497ce,2024-12-26T16:15:22.847000 CVE-2024-12958,0,0,2f2d1e34a44aceb03695717140ff583c6dfb2178e3abf88d23cee2fb77b7a1a6,2024-12-27T15:15:11.510000 CVE-2024-12959,0,0,5225592e400663837fc5548274da6cb321b7f3df19f7584dc1065af38a815bb7,2024-12-26T16:15:27.643000 -CVE-2024-1296,0,0,2c8681669a40b4c1355bcd3bfff211c08a874ea1e31940665fa8f736883bd89e,2024-11-21T08:50:15.633000 +CVE-2024-1296,0,1,bc7ff5b77e78e698d15576309eb7ce4c3d0e54ba3e687f3aa36d053363066caf,2025-01-16T15:27:56.237000 CVE-2024-12960,0,0,efd466cfc9f2f6251ddec4531038becc9445ea6af683699e7ee7017154c34377,2024-12-26T18:15:21.027000 CVE-2024-12961,0,0,291b46c6482f64b2afbe8eb7bd6d496579d9c717a7992cb4d0a3a6798792113c,2024-12-26T19:15:07.563000 CVE-2024-12962,0,0,89df782ff1ce72c8082b2b682647d5b7782d8547b26cf8085cd25b8697f020c5,2024-12-26T19:15:07.710000 @@ -245771,7 +245771,7 @@ CVE-2024-13106,0,0,d80fbbba9c15e43951afd138aca3e469bb79f935a9b8c8eba4a7ca9542388 CVE-2024-13107,0,0,5a6926d7c1e8daeace4ec3286c40c361550c2e02929feafc5162263c6c22db8c,2025-01-02T18:15:17.310000 CVE-2024-13108,0,0,c5dc2406e116bbc2fe72b40753db00d564180273640363a8ced69a70e93efb2d,2025-01-02T17:15:07.933000 CVE-2024-13109,0,0,45b5042c6767743a421781b4dc3b51295e1d8552da0dbc6b056c91fa29571518,2025-01-02T17:15:08.073000 -CVE-2024-1311,0,0,01ebf083283fbdbf324aa4188b2056da81574dace6d1d37e23fa5b3fb1764821,2024-11-21T08:50:17.897000 +CVE-2024-1311,0,1,2ba6d2321400f10c87ddc27c76143645bc9a4dbe9eea0a653dcae1cf2feda935,2025-01-16T15:27:31.173000 CVE-2024-13110,0,0,3af34e021045f1f321eb3e27d67d0cda816b86ed4d944ed6768c463b9396b88e,2025-01-02T14:15:06.240000 CVE-2024-13111,0,0,111a0995b810edb3a95164b3ad0483dc838f87262c9575afeeb4b85a996b26d6,2025-01-02T17:15:08.223000 CVE-2024-1312,0,0,d16b3ecc82cd74d4071dc20055eab0a36b43013bc6757c1d62cda1a87b890d59,2024-11-21T08:50:18.020000 @@ -246000,7 +246000,7 @@ CVE-2024-1384,0,0,f50cb0336a3fe51b62fe599c783d20749a5fb92b8e797d5c0ac36d466c13f7 CVE-2024-1385,0,0,8d44f2ddcfbec761b90cec48d83e59f97d1a3c53ec848ed4ca09c1c2ed005096,2024-11-21T08:50:27.933000 CVE-2024-1386,0,0,0e88f4287d62ff6aff092302a9322ab713c8f07c6df5c6bed70e82252a8c824b,2024-11-21T08:50:28.063000 CVE-2024-1387,0,0,2c2f906637a61e38d38a9b0ca47ff4dc68c131d6fabb5f801315dfb2710ce089,2025-01-07T18:19:26.400000 -CVE-2024-1388,0,0,c2b5d2938c277c7664f923040377355501089f9ef5680d3793e69eb817c2e3fe,2024-11-21T08:50:28.327000 +CVE-2024-1388,0,1,4055ac29f5fc98e5c697dde8e9fd854a4a3e80aad935e1d1af922e2721330e53,2025-01-16T15:18:18.140000 CVE-2024-1389,0,0,5873690e0845507df8953cc4f63b4ccd0c40998cbb5a2b9d552ef1fc675e0a5e,2024-11-21T08:50:28.477000 CVE-2024-1390,0,0,37b0dff04be1b8b0f2a887698f2eb84de50a3b7e7acefe6e7e54550c938a7935,2024-11-21T08:50:28.600000 CVE-2024-1391,0,0,6af0f8d02ae724a63fea6527bce005134ee75a029b98ba8d29eab431b6a83a92,2024-11-21T08:50:28.720000 @@ -246064,7 +246064,7 @@ CVE-2024-1449,0,0,95a37d5ef698eee492da651c7884d70c40bd960e6512acbe5a06fb32eb9cd0 CVE-2024-1450,0,0,2c4685806ad094ef0e67bd2000051393b62a0d6ee127f95dcc18abbea7135c6a,2024-11-21T08:50:36.610000 CVE-2024-1451,0,0,b0465625c202e8f09e409320e5302d0e1b7fca565c7881c89608e7a88e11ffcb,2024-11-21T08:50:36.730000 CVE-2024-1452,0,0,0d5ef33ed18cfe6afb9e5ddd11bf0c4f1f56bedc89751ce9b22df72c9a658963,2024-11-21T08:50:36.890000 -CVE-2024-1453,0,0,b21196f45da1c79d7e38c04eebd45cbe5bc5aa1645a3e390e01f7bfe36423e9f,2024-11-21T08:50:37.020000 +CVE-2024-1453,0,1,0227e7a01863c94405e531357cdb0c10b796444052d7a86292908c61c86741a3,2025-01-16T16:03:19.477000 CVE-2024-1454,0,0,efee886e7293fa134cee300a2fdd8efed7a47176b613af6fe8be478634f8010f,2024-11-21T08:50:37.150000 CVE-2024-1455,0,0,e455ef50023fd394d707ee63f10df4453b9d4808077ff1d6df4f5071b048364b,2024-11-21T08:50:37.310000 CVE-2024-1456,0,0,8633e71f4c77a0e946debb84f2a4c8ad3ebd080d1f02a90e0c9dc34b01539861,2024-11-21T08:50:37.443000 @@ -246169,7 +246169,7 @@ CVE-2024-1564,0,0,84ceb93463fa25d921ef01feb499d06d312a061c27da82d4c95abef3e4e863 CVE-2024-1565,0,0,00fc6a5125264a59a67555b8c8202352f41a7d44a1f5f9ff79d0346bf16d4f67,2024-11-21T08:50:50.860000 CVE-2024-1566,0,0,4ac720135761f12018d810740b03599e211c6d2088b3ec7481b0c1665640c9db,2024-11-21T08:50:51.007000 CVE-2024-1567,0,0,6cdbaee71c1770d77caf03403af77d158a420504c05e33f36e632e6fe2f3ce20,2025-01-08T20:47:46.820000 -CVE-2024-1568,0,0,7c747a42c43889299b85ee2d411912cccb4847e43395740d8e6d9bd8cca3c1b4,2024-11-21T08:50:51.240000 +CVE-2024-1568,0,1,4660f06f13504a73ee731b062d7289c45d2cdd5ee8fbad08955ed262bed14189,2025-01-16T15:34:31.447000 CVE-2024-1569,0,0,cc3fd6764ddebd625443ddcd2f6dd2aba14c01115654ddd2b36f709166cad3a4,2024-11-21T08:50:51.360000 CVE-2024-1570,0,0,c77fb8a1605b8ff029c140717833d66157c8c7aa9377bb5398abaa6409f8c2d4,2024-11-21T08:50:51.480000 CVE-2024-1571,0,0,59f01ab78b4f7b0f9ac0a699e09826fef03bb32078a1a72f10d58201a8f77caf,2024-11-21T08:50:51.597000 @@ -246360,10 +246360,10 @@ CVE-2024-1772,0,0,f99b113d86a69f6dc327bee2933c94ef07e01bd499efa53690214e4c00dd4e CVE-2024-1773,0,0,cf04e4c0c1e4bfcf1aa2d828b9bc8d0c39a72216a49df579bdba39c0486b0fcb,2024-11-21T08:51:16.823000 CVE-2024-1774,0,0,efbf233830d48bc327722f1b9ca6dd8e89c31b3681155704940a2eada3524c1a,2024-11-21T08:51:16.943000 CVE-2024-1775,0,0,63ec199d61cceacd2db099000c98d254d8ece564b5ceaaa5bdb37783ab401cc8,2024-11-21T08:51:17.060000 -CVE-2024-1776,0,1,8f687e2a9e9f6a8a4412858b8c915f4a1820886d213022ced72ddabc13336d9f,2025-01-16T14:34:59.577000 -CVE-2024-1777,0,1,8e9471bcb086116767fd181f7492497a52ae5dd8ef35ff837c62ea8f2d749fa2,2025-01-16T14:35:48.920000 -CVE-2024-1778,0,1,2cfc75707a8d03f8d413a8de4930720674c1d029b285b395e008211573cb799b,2025-01-16T14:36:39.337000 -CVE-2024-1779,0,1,3dd815054651ee67b64720d9ebcdbe3d16cc1e7a09fac7d36fdf391764873514,2025-01-16T14:37:04.887000 +CVE-2024-1776,0,0,8f687e2a9e9f6a8a4412858b8c915f4a1820886d213022ced72ddabc13336d9f,2025-01-16T14:34:59.577000 +CVE-2024-1777,0,0,8e9471bcb086116767fd181f7492497a52ae5dd8ef35ff837c62ea8f2d749fa2,2025-01-16T14:35:48.920000 +CVE-2024-1778,0,0,2cfc75707a8d03f8d413a8de4930720674c1d029b285b395e008211573cb799b,2025-01-16T14:36:39.337000 +CVE-2024-1779,0,0,3dd815054651ee67b64720d9ebcdbe3d16cc1e7a09fac7d36fdf391764873514,2025-01-16T14:37:04.887000 CVE-2024-1780,0,0,80f26599b8f4d3abbd5d5938cad0c480de1894fa1b8d2642b95876ef2965114e,2024-11-21T08:51:17.680000 CVE-2024-1781,0,0,3daeacfd1a761b461bfa74c09725de95b95754d778b1b0c7aeb6b35ab1727dec,2024-11-21T08:51:17.810000 CVE-2024-1782,0,0,15bc4a01eecf562070055e67a3b5b6d087e6b8c48666a5dcecf70ea075210086,2025-01-08T16:59:14.453000 @@ -246515,10 +246515,10 @@ CVE-2024-1933,0,0,ec2acdb0cb128d6d2e4e087e8a75f4db01db65f33280945e832ec822f7e9b4 CVE-2024-1934,0,0,67d0b46c0c7d874343f5536356cb6ea32a08b1ee91ce9868fb168e6a1ff7f380,2024-11-21T08:51:37.983000 CVE-2024-1935,0,0,7e29f8870d182b73d0c15e13ea8561d34771d6a0f8dd33b0c27960c094edef9c,2024-11-21T08:51:38.110000 CVE-2024-1936,0,0,0141e7479ee19d3800781c2d98bdcf0b22fd86c1a924812f8845932893e70c3e,2024-11-26T14:15:20.260000 -CVE-2024-1937,0,0,d243e30a0b3b0bafaebe03bb90e142c4555b1270156243fb79c6a43d0611b177,2024-11-21T08:51:38.427000 +CVE-2024-1937,0,1,21edc564d8d107c7b32aee93f18d39dfb701e318c887fb17fa65aeb000f67bb9,2025-01-16T15:26:27.540000 CVE-2024-1938,0,0,bb761392093d0500dffc8826166cebd57f27e4ca835bd724044095a9cc9f46f6,2024-12-19T20:20:38.233000 CVE-2024-1939,0,0,ba14000cd43977e6f1eb1cd14ab27eeb70bb77dfe0844ae9ad68ecebd9e8d15b,2024-12-19T20:20:25.553000 -CVE-2024-1940,0,0,7e977c77b87dd39105da7f76cfd55a77e6e1e8669ae9826b7d02c15574f02730,2024-11-21T08:51:38.897000 +CVE-2024-1940,0,1,ecab56fcb3e037dc0ea712fa586ea5c3a8b71e9e2c283b3d79a6b035052ea105,2025-01-16T15:08:00.773000 CVE-2024-1941,0,0,9c69f1cafeafe1dc903ef64743a28dd74bf0a40675a6145a85e76229a13c3f6f,2024-11-21T08:51:39.030000 CVE-2024-1942,0,0,9959f1b48d8df074a766267681ef60ee70470ef041e97518033e1c9e3f4c9350,2024-12-13T17:06:52.710000 CVE-2024-1943,0,0,427bdf5401d6f091cadbed61a8541fc961c944e687902b5c9c41fbd9c10f1f0d,2025-01-08T18:47:34.333000 @@ -247280,7 +247280,7 @@ CVE-2024-20866,0,0,816ba15ae4e3ed788a34ae0b920e095c417cb54f5f74965f3bef19bff7ced CVE-2024-20867,0,0,065726ed80c533fe145569cd90ca3cf5f2c2108c58b8c7f8aec6e60cd40a3a55,2024-11-21T08:53:18.500000 CVE-2024-20868,0,0,a44d2bb06530d84cca812518df05a42b770346d98bb36b77c98a1631ffe2e3b3,2024-11-21T08:53:18.620000 CVE-2024-20869,0,0,2fa771efaaee1e3346d95a523b05184637111ad924d805491e14d8fd23ac9800,2024-11-21T08:53:18.730000 -CVE-2024-2087,0,0,0f162d2718f37ba49db06f35454283d50009532a091048cb29be87f6efa4a89d,2024-11-21T09:09:00.990000 +CVE-2024-2087,0,1,c6aae9d41c3e4a8b768a0abaf5ef4fd8aabc8701ead6f395069b286e31909842,2025-01-16T15:08:00.773000 CVE-2024-20870,0,0,a79fafd6bd119fe995c3eacfe92094b0eed49a501db402f530c838e8b9934e4f,2024-11-21T08:53:18.843000 CVE-2024-20871,0,0,360fbcf0ad786ad1fa489d142c373c15d56dd1143dd214d60456cef8f871bcc4,2024-11-21T08:53:18.960000 CVE-2024-20872,0,0,9a90d6f768603b8e96125fcc5988353d4470246f99238841a85c021f74b7234b,2024-11-21T08:53:19.070000 @@ -249888,7 +249888,7 @@ CVE-2024-24026,0,0,974a3444463c7e0e2715d13d25f58be4fd54008138ef03898c8b54fd1b0ec CVE-2024-24027,0,0,aec19207f017f7825466edd07e3eba9f0725f1323d7c67f0e14217418a85a8b0,2024-11-21T08:58:51.147000 CVE-2024-24028,0,0,a772099fdcdb5a64de92b0a5f00bc8ecba2928b6dc88e323be2e52a116b0850a,2024-11-21T08:58:51.363000 CVE-2024-24029,0,0,ddd9987e9ef3270c764a10cf8b709a2abb3902f1a23f0e8a2ef0b26ec653895f,2024-11-21T08:58:51.580000 -CVE-2024-2403,0,0,9ee74f6655d978405e1f875292a4ed08b612db94cdc7f1275e6441f37119a738,2024-11-21T09:09:40.817000 +CVE-2024-2403,0,1,1a47e4bdeaba076882b8c5f2ad50d2b8c6cfea932e0aea6e8b8f16961479c76e,2025-01-16T15:59:23.390000 CVE-2024-24034,0,0,008c95380cb274a422194929409267c0bff18be1c2c092615625192b01e06285,2024-11-21T08:58:51.727000 CVE-2024-24035,0,0,6cb7d03077ad19362dc330f3692f9890b03cf144492b22d0ab0a7c4560b5ad4e,2024-11-21T08:58:51.867000 CVE-2024-2404,0,0,00b8bdca56d07b7b811d08b76ea65d97e4c2cdb5114ee4e28e4c314094339183,2024-11-21T09:09:40.923000 @@ -251401,7 +251401,7 @@ CVE-2024-26234,0,0,db16ed64dcc4ff6911d4071294d440768cb4877bc16f8ef07a35071524aaa CVE-2024-26235,0,0,90a9c7d5280b779a052ee32ef689e7a17b6061525d8f54b0760b3b681a266608,2025-01-08T16:37:39.897000 CVE-2024-26236,0,0,b3b9a73f635d53188f72ed8d4bfdf7570c407e8d7860bb45359bcbfc66b0532a,2025-01-08T15:53:19.297000 CVE-2024-26237,0,0,b6ed63c886bbef69d9180cf6bc82ee96dada1d58c2dc845441c40e98d2ac9e1f,2025-01-08T15:54:58.580000 -CVE-2024-26238,0,0,29eb84d72f4dfc3bcae14dac7f62a0da44395608805b84bc29b6f93a004843e4,2024-11-21T09:02:12.737000 +CVE-2024-26238,0,1,70b40f1cb527c58471d9934a6612b00a4e987cd981d5ca53a2f990914d4b3045,2025-01-16T16:46:01.327000 CVE-2024-26239,0,0,e8dc81b014c8d64d304b2034d096f12fbbb656650b562a5b91f3b5833037b94d,2025-01-08T15:55:35.740000 CVE-2024-2624,0,0,72d06684172a0b67b71cfadebc73e6297a732acc67b7f4a91e537bcb8fa461ff,2024-11-21T09:10:09.430000 CVE-2024-26240,0,0,44d4125112f72e7d129139dc15aefa83ffc03a8b60a0d690ad9a3c8a89cecb18,2025-01-08T15:55:58.603000 @@ -252718,7 +252718,7 @@ CVE-2024-27851,0,0,c3b97ee6b26dfbc0c56d39614137e38659ab1609757d63181c34ff60a311c CVE-2024-27852,0,0,21baed505dd28c7a0b77d3ba061072e5a4859b987a8b1d420f9b79d60ef54041,2024-12-09T19:40:07.710000 CVE-2024-27853,0,0,72a1ed6ec4d0895fb804921668bc2bff946add21527d9bb528b8f3dbbcdca964,2024-11-21T09:05:17.167000 CVE-2024-27855,0,0,7b61a08acfa4129bbd09ca95b2fbbadadedd2683e38c872f9104fbd486556985,2024-11-21T09:05:17.320000 -CVE-2024-27856,0,0,69510cb9bd366799f2d0040fe911a2357bcf61e5f940dbaa36e6ab73fc306e86,2025-01-15T20:15:27.483000 +CVE-2024-27856,0,1,fdfdaf450b411d17898fb69d56609366edb5ef155e3d02820221a7c03309c67f,2025-01-16T15:15:13.100000 CVE-2024-27857,0,0,50c74cada9fa0a92498be7b0ed6d9257c0a8cdcb5b5d97a471df147f46938208,2024-11-21T09:05:17.540000 CVE-2024-27858,0,0,aa4ac34917fc25a3b363315db7cb3fffd219145d245e40c2d78d17a7bcb483bf,2024-09-23T19:56:28.840000 CVE-2024-2786,0,0,22e7aa45cb0e7749183823d317f8f7b810ca18197f71a7cb7903a7f8a0a36e07,2025-01-07T18:17:10.187000 @@ -253476,7 +253476,7 @@ CVE-2024-2894,0,0,4e4e197d6e5e2cfa7dce6da3a124c67e0d58dfe258916ccee0dc79455f6b83 CVE-2024-28940,0,0,b4e91055e512829ef86de877890d0613f8bb207a143a8a2a9701b281837d479a,2025-01-15T19:06:25.340000 CVE-2024-28941,0,0,c146dba5cc5132ed8f71f242b70ea18220d6242e2e3181c7792809978cb5aa59,2025-01-14T20:51:28.040000 CVE-2024-28942,0,0,45e12863cfd2906d7e9b154de89b6a52a9867356e5cbdae1fbce2828713bad02,2025-01-15T19:06:35.190000 -CVE-2024-28943,0,0,e80a4854eeb7627b9c1ed13dba09eca1d796746a77c7f22cfe39ed58b71671f9,2024-11-21T09:07:14.757000 +CVE-2024-28943,0,1,7d017c6e8b024e31aa0711ccb8f39188fa77c71b824d1308f21cc03c3398627e,2025-01-16T16:01:01.603000 CVE-2024-28944,0,0,be45cc8ea93b7e0969e7b71555f1a6d5af47a05327c0aa4f4ea121fc2d7b8dcf,2025-01-15T19:06:42.510000 CVE-2024-28945,0,0,fd0f929d94e9a072a54ac6220b0a882ea43cf1101ced55267196733ea906c727,2025-01-15T19:06:51.920000 CVE-2024-28947,0,0,f423c6da395b9fab8d455cff865afb02d4eaef269f598c96201d2b407abccf3e,2024-09-12T18:52:38.433000 @@ -253570,7 +253570,7 @@ CVE-2024-2904,0,0,e6586a0e0a8a8357c4d8e40fe57cdb27a69a7f461f34acbd8ec447b7a6408e CVE-2024-29040,0,0,6f600fd776c6a2753acef940ae7e86d9938f64b7492793359aca46255cc2c2bc,2024-11-21T09:07:25.880000 CVE-2024-29041,0,0,6ac0f71fb6f950c6f7b59cb10e9a1d9aeaaf1dbdf40430ddb4997841553145c1,2024-11-21T09:07:26.023000 CVE-2024-29042,0,0,730c6dea49127983163b153e644945f8bae8aa398a44073ad49834eb438c9828,2024-11-21T09:07:26.187000 -CVE-2024-29043,0,0,75345fd1236015f4a39acc2e3adc311342077da343eecc5f0b12f0791dee5f6f,2024-11-21T09:07:26.317000 +CVE-2024-29043,0,1,89b809ddf3803d02765dfa3080b9119153f9a4da4f8dffd74df0180c880d6cfd,2025-01-16T16:01:35.767000 CVE-2024-29044,0,0,3690b041a3c5958ebc59f0790f86871fc965cb811eb42eb807a4bba754e2b2e3,2025-01-15T19:07:05.677000 CVE-2024-29045,0,0,ff22f9c41d3e70ac25fb0e1bb7236e191425737ba948ce35025fae4c11f3715e,2025-01-15T19:07:39.023000 CVE-2024-29046,0,0,7a60f0ac29ac5196b90ed4a88e6d478ff3ffe45f34c3faae54c66ed7a088fac0,2025-01-15T19:07:32.210000 @@ -253578,7 +253578,7 @@ CVE-2024-29047,0,0,8a2e8b2baac4b1a7ff52438994f73baf63d20a80af11c9ac475819fed362a CVE-2024-29048,0,0,ba22a52d5980e59ca3cced96e67087d9c8aaf647cef6c0f589cd918fa4a6bd2e,2025-01-15T19:07:25.327000 CVE-2024-29049,0,0,b4de33718e2a66f5e65d4713457675b539c089be4fac657ccc0a19e7d6ed6465,2025-01-06T18:37:14.790000 CVE-2024-2905,0,0,475c26f278f0caf02a3d877ee86a9d24c3c71da9cf1b51cbc9b4dbccdbf9aab6,2024-11-21T09:10:48.187000 -CVE-2024-29050,0,0,44f58c2f1cf521bf680200ab8a0b4bb5be8ceae4f46643b1fbd737900e35d15c,2024-11-21T09:07:27.143000 +CVE-2024-29050,0,1,34156baed293e58f3fa6d320db1af9b0572057c0a42f3087c98900d47189c156,2025-01-16T16:17:54.357000 CVE-2024-29052,0,0,058430489297e2287c9c708ab61c1a8052dcd6fe648fb5a78044990b3e87d1aa,2024-11-21T09:07:27.290000 CVE-2024-29053,0,0,92488bef950a567a39b779dbf835ed5aff89176a7e49723ab585362f4d64c028,2024-11-21T09:07:27.517000 CVE-2024-29054,0,0,ca067f10dbd952f549de490b8a143c5a74d49758923d6326376ec876a34a7b96,2024-11-21T09:07:27.667000 @@ -253592,7 +253592,7 @@ CVE-2024-29061,0,0,7c8701c84f59f89a131d2c90ff8025ec8c1c9a0e30cbf5684bfc2e3a344ea CVE-2024-29062,0,0,f03a9ee39df1ce87f9f6593d2f68853161a112707f9cad62012855f66733f7d0,2024-11-21T09:07:28.673000 CVE-2024-29063,0,0,bee72f729de29698a3cc7f9ebeb6810ff1d339244d675dc69a9fb16a7c6edfed,2025-01-09T13:36:49.257000 CVE-2024-29064,0,0,f1047475407f41b4a4278520caea13262ff3a01b6b5d085e76d4429789491252,2025-01-09T13:41:45.830000 -CVE-2024-29066,0,0,53d8c2d9a72b252868c9617a516caa10bae8ffeb0d381b0a73d178e0d7a811ff,2024-11-21T09:07:29.083000 +CVE-2024-29066,0,1,f027c48caec29ee6f5d145643250f6c4c4b536b54cc8afbfb2db9c2b18183e3b,2025-01-16T16:19:25.863000 CVE-2024-29068,0,0,4ca16ab4f3100ce464ed61ba1b4d96efe5791a7c4dabbd87db88d42639a78cc7,2024-11-21T09:07:29.217000 CVE-2024-29069,0,0,4e2e8f90811126be2345b98ed47ab42149083ecf4f708fcaf6870de0665ab7a3,2024-11-21T09:07:29.377000 CVE-2024-2907,0,0,afcf7b0dd1ad120eb5edd4bb53db0ef2b60221906dcb3f6ebc628e09a063a180,2024-11-21T09:10:48.460000 @@ -256011,7 +256011,7 @@ CVE-2024-32407,0,0,0df07e739a8ca11adc8e64033efd14a2769f0d1340e998db62e6a377858da CVE-2024-32409,0,0,18b0f3062892cdbdf03588220ff6b6036159d6e3762a6fad7fa112af7d603be7,2024-11-21T09:14:53.293000 CVE-2024-3241,0,0,b1badc4f1f5873ff7ca017fdd306f21fc66be32391b8d27fe7739f7ab8ee3128,2024-11-21T09:29:13.510000 CVE-2024-32418,0,0,d8130dedbe76cdd228daed362bf2d1aca28a9841235dbcc9e6fc321e75783a23,2024-11-21T09:14:53.523000 -CVE-2024-3242,0,0,29c03d4fd576035736ba7a024040434020d7268bad1a14ccb8bf66f0db9ace4f,2024-11-21T09:29:13.687000 +CVE-2024-3242,0,1,5f9a392d5baa5578fca1ab76c564a35b8fe07ebbba529c9b61373bb8ee0e2f7d,2025-01-16T15:08:00.773000 CVE-2024-32428,0,0,60a38dad4b728935d029d05efcaf45ae388db9a4371b63af5cf892c6f872c55e,2024-11-21T09:14:53.750000 CVE-2024-32429,0,0,dbf9a7627ca091682b113486f07b5002a78b5c9605b6253476e7e45785d77881,2024-11-21T09:14:53.857000 CVE-2024-3243,0,0,7ad2c1a5621c9b5154904bb8d368fb43808252d42b17c792d722aae09d5b473f,2024-11-21T09:29:13.827000 @@ -257333,12 +257333,12 @@ CVE-2024-34072,0,0,0328017c25689b65deea8e6b5d9d864dcf5fbd8df8293d860b65d7cb7e44d CVE-2024-34073,0,0,f7ad871910a24067ef07cc0245fd8074bbbce15b6e5922886339bf185df98b53,2024-11-21T09:18:02.103000 CVE-2024-34074,0,0,02adc0170b5030b9c74011e1341a900ec167561775046c5f84ea0d7e875fd048,2024-11-21T09:18:02.237000 CVE-2024-34075,0,0,39a8acf705d3b0af52ff58a8f23a4a612e3c50eb9cefe8bd367a9297ab6991f3,2024-11-21T09:18:02.363000 -CVE-2024-34077,0,0,e5abf2b45b2bf5912bdc2ba2636285dd40eedb38e2321c8531c14b2d2d805338,2024-11-21T09:18:02.530000 +CVE-2024-34077,0,1,1ef2fa5bf93bf1dc9fa004d81089618609fa9d9a4a8c8d66b6faa259ca350461,2025-01-16T16:40:04.230000 CVE-2024-34078,0,0,fe1f3acef64cc6af59fe45a886ab0f1fb4589c578490763891d69b5d5e770594,2024-11-21T09:18:02.690000 CVE-2024-34079,0,0,c9aa484cc01d1a9e01f9cd10e818e4cee344da9ebd23bfda12807cf0f21f3317,2024-11-21T09:18:02.823000 CVE-2024-3408,0,0,29872d3e65afbe1ecf9c7c874018aeba31fa57b43cf60907dab2721d8b5990b8,2024-11-21T09:29:32.273000 -CVE-2024-34080,0,0,ab11b837d7a92236a00e0367354ad64b7b8a3be8eeddcbc32f51db92be07006e,2024-11-21T09:18:02.957000 -CVE-2024-34081,0,0,0953ab7beb18c24a39742275a6f712fc24459dcd2d90f251477ae0b9d4399460,2024-11-21T09:18:03.090000 +CVE-2024-34080,0,1,3ff121388ba47d023930e9b4b89608ae12805d2c1f3440d84bb03d63008be294,2025-01-16T16:44:40.283000 +CVE-2024-34081,0,1,28d65ff1a62a5edd88286115217c9a821b4ee6875a5b38a2bcf646ad638bd8bd,2025-01-16T16:42:57.800000 CVE-2024-34082,0,0,36c8c189b285b5f8508fe3147d7a2cebea9f08e37c8431fe406a0bebc15eefd7,2025-01-02T23:06:29.123000 CVE-2024-34083,0,0,1e08b8cd0a0c82cc0ee55cf3dfb5c71fbf9c3a2b42ac088fff3d0e17c3e3ea6c,2024-11-21T09:18:03.363000 CVE-2024-34084,0,0,6d5b2c4cc74a8a272805777a26892ffa63284ae7c193c1aa4167ffec5688b5cf,2024-11-21T09:18:03.513000 @@ -258038,7 +258038,7 @@ CVE-2024-34982,0,0,ee0288804a2e56d5b1482976ce368ea06f5038c8ea5ba5e7f9197ebc26103 CVE-2024-34987,0,0,9ac391e6c82792d3e31f2013a6dfbc08649da34201c0ddc70d566a68eaae6636,2024-11-21T09:19:39.350000 CVE-2024-34988,0,0,def54a4d922640afedfe5dc79d042c7a44fdcaf333fd1b4f9d790e7bedfb58ee,2024-11-21T09:19:39.563000 CVE-2024-34989,0,0,294468f66da9ea6fa35f9cde266f467bf595234985b1036dd88158fbac39a41b,2024-11-21T09:19:39.793000 -CVE-2024-3499,0,0,ad0e226a4e676a37b9fd638a5b2da8b8b75f09d45342cd348e87a5097a5c989d,2024-11-21T09:29:44.187000 +CVE-2024-3499,0,1,372134dec24a8976398e03eee5911b72a8a970ad0f477724267f09f70c743664,2025-01-16T15:04:25.197000 CVE-2024-34990,0,0,72321dbd5f312e5658316f86d6a8bceb72e7033690d272b75d7998d3e94a4a7b,2024-11-21T09:19:40.020000 CVE-2024-34991,0,0,67f1e732cebaa6a347f7d8ec49cf0dc928aad51449742f437b751fcf77c5a698,2024-11-21T09:19:40.243000 CVE-2024-34992,0,0,ea8367013c20a56151dcc58ea3948e42dbd0ad84151a025ccd43704694a1872e,2024-11-21T09:19:40.473000 @@ -258796,7 +258796,7 @@ CVE-2024-35981,0,0,2935e67e0c7016a6a5c1c59b500045dc906210d41e41d6245f89da6fa3127 CVE-2024-35982,0,0,ffc0591ff45e47ac4517cfe2ad4e5279acd4b701b9862173d0d4a17749d9809c,2024-11-21T09:21:21.300000 CVE-2024-35983,0,0,af2508f51fe43af69357067664509c7069126841e12f94d9594a21269862c42d,2024-11-21T09:21:21.537000 CVE-2024-35984,0,0,bf26a53c916bc290686411572af86b5c948d99c52a4fff4fa3fa9f741b4a8c76,2024-11-21T09:21:21.677000 -CVE-2024-35985,0,0,990e376f73373be55ff1b6629613b246dce18866810e5d7074cd35a954979eb6,2024-11-21T09:21:21.843000 +CVE-2024-35985,0,1,813ee7a10b86bc19ed2c5eb541b2e7b7ab313531e54d6d9f0b050ded02e6c2f9,2025-01-16T16:43:59.487000 CVE-2024-35986,0,0,8ff492a53fdf455409ad92cd45306dbb01a3f4f9f2a9b442438565e4e3d580ee,2024-11-21T09:21:21.980000 CVE-2024-35987,0,0,d3d03fd4d380aa562fc5312ab0636a065d6b376959fc8c803e432aab5bcb4990,2024-11-21T09:21:22.200000 CVE-2024-35988,0,0,1f909ca2d5f9686c6fef5f46bb24b76a2c9984ce0eb8f7f555b16d10b8fa7a61,2024-11-21T09:21:22.337000 @@ -259231,7 +259231,7 @@ CVE-2024-36496,0,0,714184028efd3fe8c9f7d2ed728a4da4803d7a712f47e3b49b2335391ba3f CVE-2024-36497,0,0,8eced1bcdef5e314cf0f9e441a92136c389e617dfa3768edcabff5beddde4a7c,2024-11-21T09:22:17.510000 CVE-2024-36498,0,0,d03852110aad218136641d40371911f8d49f8001ee75d957694a973ed74f458e,2024-12-12T16:15:15.737000 CVE-2024-36499,0,0,ed858a4b472fd445a2ad0302c3cb1fbf31dff02fd641ba3d16a4232251d27f43,2024-11-21T09:22:17.690000 -CVE-2024-3650,0,0,39c66b574e110ed65a957c31c0ff9b18a289672070e2636411b75e7ed3e28849,2024-11-21T09:30:05.030000 +CVE-2024-3650,0,1,c570d0de7ffb466db497537367395a4e348dacb9a390f3a579b56826d954c4fc,2025-01-16T15:04:37.470000 CVE-2024-36500,0,0,3749986292cf3f04be3ecd79c3eae7049cd48de8e666dbec442c9f3a4ab4ee71,2024-11-21T09:22:17.843000 CVE-2024-36501,0,0,9c0f9c29b1ea578ebce558d7100251055f7ba2e7147d4ca51f7dd8451082c4ab,2024-11-21T09:22:17.977000 CVE-2024-36502,0,0,fffafe10f0702323c26baccbe897485dd35ab633d4b0d89efe45f6d8d1e5c5e1,2024-11-21T09:22:18.110000 @@ -259331,7 +259331,7 @@ CVE-2024-3666,0,0,6e5e988f5ab423974d5a5f7acb11b2375f202de0b09ff693ce68e91e4e7b9e CVE-2024-36667,0,0,8f4f0295bcc47ec36880adb7aad507cfc16e8b1183a97eaf9cead75726998905,2024-11-21T09:22:29.420000 CVE-2024-36668,0,0,3a87360afac87282fb27e838acc233ac62ab016d4e64f8fc859b12806447f414,2024-11-21T09:22:29.663000 CVE-2024-36669,0,0,7e4c58a5f746ee440cfd0fa95a11a78fa29dfb012b4e0c3b475c744251536515,2024-11-21T09:22:29.890000 -CVE-2024-3667,0,0,95038facaebf44ba88112af02d087000789c59a8f1d42bf4acc04c69559009c3,2024-11-21T09:30:08.427000 +CVE-2024-3667,0,1,8f6783992716d7fe1bfd9b5979c26698fbe26da5e192e146e423befb309c1e8d,2025-01-16T15:08:00.773000 CVE-2024-36670,0,0,db0d6a98ecab108ec413c087cccc6f05164e218a0f2543756990c48ab3a32294,2024-11-21T09:22:30.133000 CVE-2024-36671,0,0,45874cc906a5a4dfcf418aee7374dedaee709e20fcc4cd91367e7ed7efb65a57,2024-12-04T17:15:13.437000 CVE-2024-36673,0,0,9ad8efab4ed174c13e8d0b9c9df84bae3a3dff48c6d790752a3604a9bf7ffdf9,2024-11-21T09:22:30.363000 @@ -259647,7 +259647,7 @@ CVE-2024-37106,0,0,638b70645936d5ec0e77ab46522d7cd246fd38e014d5d4e3e616ed5608d48 CVE-2024-37107,0,0,069c02769fd08ae225172448bda7107e1d52220aa13748c11716de1279f85421,2024-11-21T09:23:12.200000 CVE-2024-37108,0,0,2f024bcb96a54633731412d88247412e079b9689105c34038dfb5d7ccf87b351,2024-11-01T20:24:53.730000 CVE-2024-37109,0,0,3799e7ba87e852c2c2b4a1fef2e9b178c2dafe6a5487375c084f87878701a715,2024-11-21T09:23:12.417000 -CVE-2024-3711,0,0,a7e6b823741840341c692127078dbc283d215e056aae50046e729d5c4353da68,2024-11-21T09:30:13.527000 +CVE-2024-3711,0,1,c2d17cd50c4427c6f848d56ac1b6ba5a424fa626a4d9cb3461056fbcd597c4d1,2025-01-16T15:27:04.483000 CVE-2024-37110,0,0,708c6a6d8003878defc0a0583116e4ba4f07d21b3d49b440e77ba59c8a02395f,2024-11-21T09:23:12.553000 CVE-2024-37111,0,0,9e308a0b947161f572c2d141328868028c9c4bb36acc5f4a983360dcee9b9694,2024-11-21T09:23:12.690000 CVE-2024-37112,0,0,e7969edf84b79744cc6d9c440bef3decc4b5df09d75ef9b19d68ee18766138ec,2024-11-21T09:23:12.837000 @@ -265055,7 +265055,7 @@ CVE-2024-44132,0,0,8afd03fa4900bdc815951be587052cdc1902d648f6c0f1c1ad745b8e3479d CVE-2024-44133,0,0,9196ca541ad45474d5d5e36a2a1369fb1dbddc304bb390dd887770a28cf137d9,2024-09-24T18:24:44.733000 CVE-2024-44134,0,0,a1a7565b3d1d747868a47cfe0b90ac2757ca3fe3528c74bc3c5562541c409893,2024-09-24T18:26:26.963000 CVE-2024-44135,0,0,1a66ffb3fced69f7dd0088f00608289a6df8f259d48e72e731b80a9fde46b0b9,2024-09-25T13:28:09.067000 -CVE-2024-44136,0,0,16a63f34167268b1dffcacf255b3c118151d27a439821fc597cf12db499ecd47,2025-01-15T20:15:27.923000 +CVE-2024-44136,0,1,c065c4f10368a56e223cbbba40f78abb8fcfe2ea0dc64cd68efb58d12ea08cdf,2025-01-16T15:15:13.300000 CVE-2024-44137,0,0,d4f6436a74ca2949527dd50649d59762594e5936bfba7a01a6e8b64ce29142e0,2024-10-30T19:35:16.590000 CVE-2024-44139,0,0,227592f6930f5804ef7361e5c64b194003d6a9fbe8100b1944463ea300dd6852,2024-09-24T18:30:34.863000 CVE-2024-44141,0,0,cf418c986171e3bc9f6e94361ae23fe33ff672a5506240ca7f0249f80c1cacd9,2024-12-11T18:29:33.870000 @@ -269645,7 +269645,7 @@ CVE-2024-50945,0,0,14ef0d93349a623489e0d6530b83780997045d4cd58c9c3fe88c9be10df02 CVE-2024-50947,0,0,b5c008650b1de4762f100f17a965e455e14b58a340b5da1077acb62ce0721971,2024-12-05T20:15:22.180000 CVE-2024-50948,0,0,a83a95d033c1f852658f7838a2af99f42aaba2f1b7026fbced6a0131c0382cea,2024-12-04T22:15:22.627000 CVE-2024-5095,0,0,435f4b1943c8e810fb8465989f6b408e8982e554cc5e9afb3bd58dc0f211a716,2024-11-21T09:46:57.340000 -CVE-2024-50953,0,0,e78e5ed48d21734b88dd2f3ff998acd61534810681c3f05e8476952459283a07,2025-01-15T17:15:16.413000 +CVE-2024-50953,0,1,aaae13e550df547900d535976c765e7cfcbd4c5ca420ae827af2927bdbd375a0,2025-01-16T16:15:31.227000 CVE-2024-50954,0,0,477775d2966f5589398f5cc34462d3c653cd70d54eda8068d474e05199a05ce7,2025-01-15T17:15:16.517000 CVE-2024-50955,0,0,b7968787a5cfb7ac17e9f82a1b15116d586dfbbc8f589b423fc4833d2d57ec69,2024-11-21T22:15:09.370000 CVE-2024-50956,0,0,cd8ccb18453c11262209c6e4973c32ca207270a933eedc52f0d4a58126b3fbdd,2024-11-25T20:15:09.383000 @@ -271107,12 +271107,12 @@ CVE-2024-53162,0,0,0b78b6007d139b11ecc836b6ff1b71be5bb131848854d4ea532a04007a3e7 CVE-2024-53163,0,0,2d7b0ced3ccddc7c37dde293df99fb4af798fe72968dd76c7ff711baacfc61b5,2024-12-24T12:15:24.670000 CVE-2024-53164,0,0,ae2c77989297659bea888fe0f75049cc76e1ff4e5da327a92f529457a5afac7f,2025-01-09T16:16:21.297000 CVE-2024-53165,0,0,e6a1f351fbfe914c70c09a7e746830d9511a1ad53e947ab7611b5ac5129a6ca9,2025-01-14T16:12:47.017000 -CVE-2024-53166,0,0,6369240927602b727b37db00a085178ec3b29ff0d3946046726872169e4edda3,2024-12-27T14:15:23.703000 +CVE-2024-53166,0,1,c628933072910e7e7196bce3e07129934c217b090b7be47c828a68f80b5cb4a6,2025-01-16T16:44:19.953000 CVE-2024-53167,0,0,cb8147677dfafa0aff01cf4cd8a22b9d4f82e5ca11b808b017228795731965bc,2024-12-27T14:15:23.820000 CVE-2024-53168,0,0,d0947ca635c162627ffb66382a53e68b2f439f3fee0c80e5710bb47b867d4039,2024-12-27T14:15:23.940000 CVE-2024-53169,0,0,7a8f616983e90fab9da24cf74210604a973474b01aef0abb6badfb91bb61b143,2024-12-27T14:15:24.057000 CVE-2024-5317,0,0,c2af981f2442def6d43cf11dee826712fdb79df4e8b131d1c0815426b050d563,2024-11-21T09:47:25.040000 -CVE-2024-53170,0,0,5a95bf5c259586a867511d37720707e80b478019b09b4d90ff4b0d4ba5c54981,2024-12-27T14:15:24.183000 +CVE-2024-53170,0,1,85a2e597796feb076b40b29e4c6913878c09250e657b3b62c88721a7bc6ee3a2,2025-01-16T16:44:43.607000 CVE-2024-53171,0,0,97dc7f0297125ce36bd0bdfea6ef44176bf31aa252076571054dc75cc3955b98,2025-01-14T16:13:26.853000 CVE-2024-53172,0,0,d7717d3732a5c6ae0f50e9a209269cddb8ae836d114b1f214edb7e15b13bbbcc,2024-12-27T14:15:24.433000 CVE-2024-53173,0,0,4f512bf2cb1d2c632d2e91fde509a29ecae6192e9c1b59f5718c6047d06d1b27,2025-01-14T17:11:09.777000 @@ -271123,14 +271123,14 @@ CVE-2024-53177,0,0,6e4eb608d541c1324f87a43e140e2b82d6924d66d6a13e425b7b12cb70c0a CVE-2024-53178,0,0,e85a20e9deaaca3fba597183ded50fa4eeb1ee318b030a9e6028781d792bddb2,2024-12-27T14:15:25.183000 CVE-2024-53179,0,0,89d734d7ec4c48b1480d485917d8c8ef922fe614c573860b17591237c0dae0f8,2025-01-14T17:18:40.840000 CVE-2024-5318,0,0,87e97b53a33051fc1fa3c078212ad6afb68bf37151bd321e62e233d7b2989703,2024-12-13T17:04:31.133000 -CVE-2024-53180,0,0,b6b06c3d1f43c27f0e44a74a522719556265102130aa9b5248c73fb6799cb529,2024-12-27T14:15:25.410000 +CVE-2024-53180,0,1,dbcd148eb4ee7c09b8edc88493ea339c7cb556753e766db6e76ec0f2696918d2,2025-01-16T16:44:59.437000 CVE-2024-53181,0,0,75b064e17895b9f277789ad64fcd6ed5a3980c88dfbac5e82d8241bbd1116758,2024-12-27T14:15:25.530000 CVE-2024-53182,0,0,276da6acd8b3e7662cb4c37221891d60d43b389e6f704002e7f31e4daedb306f,2024-12-27T14:15:25.643000 CVE-2024-53183,0,0,654d7facdcdf21d8448703d0aca76dbb4f82fcf4dcd5a0bcb5fcec43860cb2c1,2024-12-27T14:15:25.743000 CVE-2024-53184,0,0,2a27b94391b5bbab80d359ad179ae46b2fc322eea3533f3c18f42b154d4e7c8c,2024-12-27T14:15:25.853000 CVE-2024-53185,0,0,dee02c021154469479b441934b7a7238faacb7a5d2e8c305c86f7d889e21f278,2025-01-06T17:17:06.007000 CVE-2024-53186,0,0,82fc68b516e7a1b7c442e2f4d591e8cee78802f9dbd9cbded79fa3b441e96229,2025-01-14T17:20:36.107000 -CVE-2024-53187,0,0,e9ffe4e8a0f7104ac73e1d5043e16d403601f578bb2cc6b891174adf55edbf0e,2024-12-27T14:15:26.190000 +CVE-2024-53187,0,1,02e39f0e5d2678b834e80b6761ca56e59e02097c4fad0dd2dbaa6628b2783722,2025-01-16T16:45:18.850000 CVE-2024-53188,0,0,87bab49dbc3d18e6d91d22cbed039a405ce14263e56845387115216180a2f5b9,2025-01-15T18:36:32.493000 CVE-2024-53189,0,0,7db5b520eec87b3d5cf3a4268bb96f973425e7266589752714a0bff057fca02c,2024-12-27T14:15:26.400000 CVE-2024-53190,0,0,153fa3f9259ec5968429531d7a41d372c24290865137d294e4746b162c77afe4,2024-12-27T14:15:26.530000 @@ -271146,12 +271146,12 @@ CVE-2024-53199,0,0,b7d164e48aa05e3c01fb8207aa331e220207154288cf87cf44ac3ccbb8685 CVE-2024-53200,0,0,382e2ed7c91ff816c9972e95788547d617ab94e25d45361504cd38a28e7c4e1f,2025-01-08T21:29:35.877000 CVE-2024-53201,0,0,c711eb722b8f180d53de7616fe5e83ef81c9c735e27696929f70cbb31bb1797d,2025-01-08T21:26:58.670000 CVE-2024-53202,0,0,6dbe997bc5638474adb0491890778fbeedc8cad0594dca99d0aa34c6acab69cf,2025-01-14T16:23:54.130000 -CVE-2024-53203,0,0,5b84b307ac617b2733d67355e11a8602cacf08603e863af6ef90308e193fa443,2024-12-27T14:15:28.083000 +CVE-2024-53203,0,1,791a7eeb626619c33d4596957213cac188fad415ceec1a95a76db7666e7e0bed,2025-01-16T16:46:16.927000 CVE-2024-53204,0,0,253a86a67cc86d83f5b45b7081fcaef8f54aea697a0bb5732c9f1f31c626c086,2025-01-13T19:51:04.787000 CVE-2024-53205,0,0,aad40af383a0fae2dfd165489485b38af4279f086ab2ffc2acc584ef6f7715e5,2025-01-14T15:51:28.677000 CVE-2024-53206,0,0,eadb2208045bb6f339d44a327e3ae332aa152dd3c8833d2e304357ecc93affeb,2025-01-14T17:20:51.140000 CVE-2024-53207,0,0,eb965d61db6125837dce0de6ef3af14c44ea9331488a35d8508a0d1b2053b009,2025-01-08T21:26:42.470000 -CVE-2024-53208,0,0,63742018889492dd1dd5b9e0af113e5a83b85a62bad173e2517dd29f6597d6c4,2024-12-27T14:15:28.677000 +CVE-2024-53208,0,1,bc7e68ca2f003cd79ddc6d7ce610dc12e11f263a6b66fec26ebcb92d92485dc8,2025-01-16T16:46:38.657000 CVE-2024-53209,0,0,250dcad80d4d09ca7de716f0788117fc7d9f3ac4ecadd8b7cf17ab3f32be6e8c,2024-12-27T14:15:28.793000 CVE-2024-5321,0,0,0f218b8b6fcc3fc0b4ccef7040ede5ee801dc8e00258e6450bd3f123b6e73ca4,2024-11-21T09:47:25.283000 CVE-2024-53210,0,0,edb6f6743b39b3d9aaae84e10ec98f8816051f339f526267a629d8a9b382a055,2025-01-14T15:50:32.413000 @@ -271173,7 +271173,7 @@ CVE-2024-53224,0,0,336b7f256f93ca4c42653234db59c438e5694f32d74f85e7f140e28d6a850 CVE-2024-53225,0,0,54a582b699de817df243bd1fa3b72bd7fcc44132f78acb35cb6f8a61ed85e2ca,2024-12-27T14:15:30.687000 CVE-2024-53226,0,0,4afa77721d61d6f8ca05d58b3da0677231dc8df76dc3e76d4b714129740520ab,2025-01-08T16:40:59.597000 CVE-2024-53227,0,0,3cfddcf37cfa4d816aa5c94570d4d81e51ac8bfc04b57975941cc8761ae080f5,2025-01-10T18:06:07.793000 -CVE-2024-53228,0,0,b1ea1e0d5f0693bcf931d26e972c20e7ef3af5cd7c48fd90aa6b16f88a533676,2024-12-27T14:15:31.057000 +CVE-2024-53228,0,1,adaabed34db3bef03609861d2428b61a3892f73322a1dc360e8e72ae32cc740b,2025-01-16T16:46:54.313000 CVE-2024-53229,0,0,a74230d15d8357e8999d91897a965ebf07017f726c655955763713cfc55a9ac9,2024-12-27T14:15:31.163000 CVE-2024-53230,0,0,2cad7114efa78446c9daac9a30bf07a048559700a8f0753a2a15b37c9e820cbf,2025-01-06T17:19:04.183000 CVE-2024-53231,0,0,d17e3bda80b5a7cf1c8301cfd137a4225331a6dbdf23858cf1d31e5b8b86f0db,2025-01-06T17:19:49.817000 @@ -271345,7 +271345,7 @@ CVE-2024-53682,0,0,8fff7fe6ed56d7be9465617e7f5434428ac8e26e2cf3262f7b6c754f47783 CVE-2024-53685,0,0,68992113a27d5e9eac07bc18b4ba67474d35de3ffa32c10bc10229e9401bd594,2025-01-11T13:15:25.997000 CVE-2024-53687,0,0,db69b3a3aa7d0b6527150d997ca94f951ff7fdd68c92c6f81dd6f27f46185a16,2025-01-11T13:15:26.120000 CVE-2024-53688,0,0,19e807e9f218b9a73099ef1ac03cb800eed5ec697cf2f5b2b26094211e5b9782,2024-12-18T07:15:08.233000 -CVE-2024-53689,0,0,d27d45f206745a3b0c13a83bbd5ecfa4fe3e518aa6ddbf44c097ef0438e36105,2025-01-11T13:15:26.313000 +CVE-2024-53689,0,1,fe9d8a3bf209cb2ad2405bd8604640e12f460f2d15f1045beecc250fa01ee7ab,2025-01-16T16:21:09.993000 CVE-2024-5369,0,0,14abdfed4d5003ff16a96b2708e00658833baa1f8166ee56f5ba2dba896b20f5,2024-11-21T09:47:31.020000 CVE-2024-53690,0,0,95f18b7f80f7b65f49ec8c6ba80e039b538a1b86261631e7cd401a89d8976dc6,2025-01-11T13:15:26.470000 CVE-2024-53691,0,0,09846e368cf7a07a1d919202728e77d0589572ed56c2c2f1bb03db07c3ec7fb0,2024-12-06T17:15:10.520000 @@ -271716,7 +271716,7 @@ CVE-2024-5417,0,0,2c092c55b8a1a8c8890a1e4546beb75d8fbd37f20d02cbd8444692608bc255 CVE-2024-5418,0,0,c3b6dacc234cf8a9c6de6913d07caa1810e24ada600d2b1f8edeb26c6b62184b,2024-11-21T09:47:36.970000 CVE-2024-54181,0,0,45bad33d373e7dca4c705e8d7f190d9cc110f08937ef6a2be63d00cdd251ea54,2024-12-30T14:15:05.867000 CVE-2024-5419,0,0,bf78f58706f13dc16fbd00574fc12a2ad63186889150404f7c80cf6aaa4041da,2024-11-21T09:47:37.083000 -CVE-2024-54191,0,0,271005cfb2e7a4adab33c646edcb7d054749fc0a4ec08505685de109af323c72,2025-01-11T13:15:26.667000 +CVE-2024-54191,0,1,247e99cd867b0b816f93e1330170d487e47438a01b1b24e3eb1ed293d8adb8cf,2025-01-16T16:21:27.237000 CVE-2024-54193,0,0,f4cea4758637cbed747248dd7ad4abdf58c30081d62575de71f8dd6b91bb9c23,2025-01-11T13:15:26.840000 CVE-2024-54197,0,0,603709103f05bc7a97f6cde13218f652b68a22f4a935ac881648bcc5cc0bfd99,2024-12-10T01:15:06.573000 CVE-2024-54198,0,0,91bef3f33cfc40b2dc583ea6ba9db99e021097c6399c70366353fc13f33f4ef0,2024-12-10T01:15:06.713000 @@ -271984,7 +271984,7 @@ CVE-2024-54453,0,0,4b38818ec57830d6d15331deb8fc6306f0e91d48c89fb133c6569d5b7d3ea CVE-2024-54454,0,0,d67e1bf29a3aaa483b825ac163d62022e2785b5de9b64863f3bc27235cd67fc7,2024-12-31T19:15:47.310000 CVE-2024-54455,0,0,7b3e247c6f8ee1ab7e460d8d2f79a861df979228217b3f4fff81a5b338b425f7,2025-01-11T13:15:26.970000 CVE-2024-54457,0,0,da0353a7ec7d859fd477580e7c54e31a24aeea86ab2c2ac2e00b7a1eda59c2cf,2024-12-18T07:15:08.377000 -CVE-2024-54460,0,0,4ac93df62b811ec1eda8d55b6ad4df0cd01ba031f49040b335381137847e470d,2025-01-11T13:15:27.157000 +CVE-2024-54460,0,1,46a2824e2a284b445162d596321895979fee49d319c455c9a3391c11ac25744d,2025-01-16T15:15:42.083000 CVE-2024-54465,0,0,3f87a539a20fcac13fcbeaaced058bbe0bd71776e4b4a361d00304853bb61a99,2024-12-16T18:15:11.023000 CVE-2024-54466,0,0,cde2c633b064403c3330cf4e329fab2afdda24c70189b50f9e401743db80aa51,2024-12-18T17:59:28.667000 CVE-2024-5447,0,0,b60e0535b73a6be4da90a7fc1432b0141afa78596c3a5ade6408fe521639c5d0,2024-11-21T09:47:42.057000 @@ -272032,7 +272032,7 @@ CVE-2024-54531,0,0,4ac4afc6f09e7ffcf7b8ffd70d60f30d481febc6558e33c0b30a021721851 CVE-2024-54534,0,0,0a85dec86735f55fea4f61a67c35ec7283b453bf2b186b2f2a85ccae12df64e3,2024-12-13T19:15:09.890000 CVE-2024-54535,0,0,d2d25f0707ec6464e182c375aa360c23a7e7fe3de2397e55c833d496da5c2b5f,2025-01-15T20:15:28.610000 CVE-2024-54538,0,0,7edb6abe162912ee005c390ccfee8e5c4c4cb96a25890eec5d650424cab9c014,2025-01-06T15:11:09.817000 -CVE-2024-54540,0,0,02ab4a7fb5294cf3a3d27e82d5a580359064e7caf122af5b709e03d96a4b1294,2025-01-15T20:15:28.703000 +CVE-2024-54540,0,1,cec5648fa22fe0cc733814d4be0bb9219cc980c202703a2aa5266fee5fe4c719,2025-01-16T15:15:13.697000 CVE-2024-5455,0,0,bb7f0660a3d41dc609cc2469cc15470bc23e52876e20e5d8aaba4695f97fb58a,2024-11-21T09:47:43.050000 CVE-2024-5456,0,0,3a1546469deeff993eb12e81bd13a91014bb8b4c59bc306c05d9d1bfeb03ccf5,2024-11-21T09:47:43.173000 CVE-2024-5457,0,0,5c67880d08a73805d7cd1c17b384d326fd43c5a8887de09123f9750f9092dc92,2024-11-21T09:47:43.290000 @@ -272054,9 +272054,9 @@ CVE-2024-54676,0,0,fb3c4ede0aedd9596af631f852776fd20d36ab3d96b78174bf9e022e3a61f CVE-2024-54677,0,0,7738db23e6dfe0ca7bf4e6721884297e1312bf0f9f87462addf38007bea25d53,2024-12-18T17:15:14.130000 CVE-2024-54679,0,0,381ad7e6890c67d9b6c47b47a43cd175dd5b1319ea7d6b78a90445a532dafd14,2024-12-06T15:15:09.693000 CVE-2024-5468,0,0,83f1a353a5b95b83c36aafd7fb0e880d8454855ef6bbd816a181cff50dcb4279,2024-11-21T09:47:44.527000 -CVE-2024-54680,0,0,ad61972708bbee5067cb0b02bfec2bac37188f1bcb38ae431510ae7b381f3add,2025-01-11T13:15:27.340000 +CVE-2024-54680,0,1,23c42810796888c623043dfa17bf2c05e67e8cb1f0dd95a5d3bb0378d9b39a60,2025-01-16T15:17:54.520000 CVE-2024-54682,0,0,014e168d2df7708ff5f91a3c7e1142a04001293f3734328797e32d8f370d3481,2024-12-16T08:15:05.513000 -CVE-2024-54683,0,0,df238e349e4378311580023a0609c980670d89d3758a7a6c6e3c8f96b5a489e6,2025-01-11T13:15:27.490000 +CVE-2024-54683,0,1,35ec2d70086ae912ff4eae7d82bb097dcf57dbd99c9eaf862ef970893175a37f,2025-01-16T15:18:09.453000 CVE-2024-54687,0,0,edfa64742c2d4dcf37d41c46572e277e022b38f127cbca49510f62103a2ed788,2025-01-13T20:15:28.927000 CVE-2024-5469,0,0,0593227e51e97383649ced684c68d7aaf013a250af5a8e55d437662843299556,2024-11-21T09:47:44.633000 CVE-2024-5470,0,0,b70339f8a022f56de8d4eb030bd8f5d3563ba0fc9c1634fd55ea697aee92ede9,2024-11-21T09:47:44.787000 @@ -272064,7 +272064,7 @@ CVE-2024-5471,0,0,631b7a50303d6f9a193814092037f29379ca6ca2282e0b67207306f8abcc9b CVE-2024-5472,0,0,5e12957cd076edb077638ab18db3a7202837e8fd64948bba00e3365a85b54117,2024-11-21T09:47:45.027000 CVE-2024-54724,0,0,c0f98e987154c550545f744e0a810dc344baf54de510016645ab4b226bb63a3c,2025-01-09T20:15:38.863000 CVE-2024-5473,0,0,fdd6160c6121db618882f16bfc9c17f8c3a2501715cb9519638ef5a1fcd2441d,2024-11-21T09:47:45.190000 -CVE-2024-54730,0,0,868be997ef4e7186063d1e81524ed5db2556457ccb95669d9760bae1393c806f,2025-01-14T23:15:08.837000 +CVE-2024-54730,0,1,471b31c602099b87a149fd7533fc590197f69b0d46c2a5bfdf4028e1cd74fc27,2025-01-16T16:15:31.407000 CVE-2024-54731,0,0,acd86fbebdd274bead6535bf83cf37467581b483235e177fd7e87a697a25d37c,2025-01-08T05:15:11.810000 CVE-2024-5474,0,0,63893131768de13d83eb37c8075bce21b1c0f49d4d852fdf9f27e69aab8b3e48,2024-11-15T17:00:35.697000 CVE-2024-54745,0,0,fa6c31d7a2d0035c561f7b97850c2a530b0e2e38d0e9249ae4c46e230cdcbc34,2024-12-11T17:15:20.460000 @@ -272316,7 +272316,7 @@ CVE-2024-55638,0,0,27d92259e0a78066bb2529c55e1965f2134ea587303667a5ef98e65040557 CVE-2024-55639,0,0,d8888938126e4da74faedefaa4a3bbb465a3e002a6734fe4824599c8bc95bb7f,2025-01-11T13:15:27.663000 CVE-2024-5564,0,0,3aa73f6c6404c243b9f6f394613afc94e063551efa8746acdefa8554437d3ac7,2024-11-21T09:47:56.340000 CVE-2024-55641,0,0,77d9ffc4c02e5ee034bb45f1260529b5a07f960192ca09455d8126eb71569411,2025-01-11T13:15:27.847000 -CVE-2024-55642,0,0,705214fbd15b79938a0a84950cda3db0eb9f3d98b0ff99d6e7f0069c91bfce62,2025-01-11T13:15:27.990000 +CVE-2024-55642,0,1,bebbffc81c84734ded4e32ee6533cd16dfafb72d8736803a1e0946b43f8a229e,2025-01-16T15:18:22.557000 CVE-2024-5565,0,0,d611550f5bcf5e6c3db2413f5bd8aaf6eb30fde2563331d26a9ad58249b7304a,2024-11-25T13:15:07.310000 CVE-2024-55652,0,0,4e4448d6da8b16d3811a29eb55a690e8e4ef0fe299bd552eafd44d61141bd125,2024-12-12T17:15:11.360000 CVE-2024-55653,0,0,6adab931e15ac490e0ece82122d6e070bb38c705c58b8befc0c0aa90aa8fe483,2024-12-10T23:15:06.410000 @@ -272373,7 +272373,7 @@ CVE-2024-55896,0,0,d7dd07510a57c238a16c0fe0788b36dab26d7ddf0b08fae01a783db92ce18 CVE-2024-55897,0,0,86f551f0669482615238eeaffb68bcc56791f5e1b9341f9faf1df69a0f9917a0,2025-01-03T23:15:08.573000 CVE-2024-5590,0,0,61c18480efc672e6d99b43c679013d2693f79c71f53844282e3c898145206740,2024-11-21T09:47:59.020000 CVE-2024-5591,0,0,5b452d13d5bfa9a2af82af55a6427cebed5363226c02cb0163eff6e664b73ee7,2025-01-03T15:15:10.813000 -CVE-2024-55916,0,0,9872d6f0409f9ff4e328d02ac5245f11d6fb899ab88da03bf403c4e0d625bc2b,2025-01-11T13:15:28.353000 +CVE-2024-55916,0,1,7502995a20458315a9946b04859af6b86781c5ddbc0a9a47dd47bfb5e67dec22,2025-01-16T15:18:39.293000 CVE-2024-55917,0,0,c12e2bbc393b15d20fbce1ec995c8d1d26abb7f3ae27ddc186e402fd7d620706,2024-12-31T17:15:09.140000 CVE-2024-55918,0,0,bbfbb68501d5d412b5390769769529160437a59c66144983bc4b57777cd87c8a,2024-12-17T20:15:23.140000 CVE-2024-55920,0,0,c4ece96596ed348898d2aac430befde9f65c48d134928ac02e77a7521a447158,2025-01-14T20:15:29.613000 @@ -272701,7 +272701,7 @@ CVE-2024-56364,0,0,6115dedb84ebd874c4c0a6694d1fb784d8502b3a627aacf7ea4fc74186ea1 CVE-2024-56365,0,0,90b4a8dc5af5c7417ab38949ac69cca0ac19960bffa66a95ede05bfebd2aecb3,2025-01-03T19:15:12.340000 CVE-2024-56366,0,0,5d5050d19e9512349e99560a15ebd241b3438eb4f271b6e29d9ed63f918d5d01,2025-01-03T19:15:12.443000 CVE-2024-56368,0,0,83130770495e059f53d1ccc77eeeea04285810e00c87d0c45bcc66175a524ebf,2025-01-11T13:15:28.530000 -CVE-2024-56369,0,0,c1e9261ae5b789a6873649b97707862a8b8aa38092e40c703dedc5d515d05eb3,2025-01-11T13:15:28.700000 +CVE-2024-56369,0,1,3c8472717567d8bf18ec0d8e83a626d55afe4bbcb99b2a53e44807eb7ad97aa3,2025-01-16T15:18:59.237000 CVE-2024-5637,0,0,a5e32b0dfdcc3b00fa1c534a6efa8caef39b80f083f1c956c246ad8a83c6df00,2024-11-21T09:48:04.030000 CVE-2024-56372,0,0,63a64a6c0142715c4ddc6ec56300de4db39119137bfcc0781143b559cb029ca1,2025-01-11T13:15:28.873000 CVE-2024-56374,0,0,dd473b9830782ed99c32576b0ba31a9e46a075d2e7f08e30817a3b2e91175648,2025-01-14T19:15:32.510000 @@ -272794,7 +272794,7 @@ CVE-2024-56548,0,0,16645d1541312215a4bf3f6392eb289c3edcde3bcdb0f4b6f92d5230f284c CVE-2024-56549,0,0,9ca11094a73d6c045ef338af0ec9ace139ce3e7651f95f997f30515a9e16b544,2025-01-08T16:43:25.180000 CVE-2024-5655,0,0,0fa4e3b504ccc8e08941dc807198e5a29b07306b6e1d02090b484b1570bb08fd,2024-11-21T09:48:06.140000 CVE-2024-56550,0,0,04d74517c386c38c5a8c7b0e1144163e0e9e19fcfd004bb9db0bb6bb64a064cf,2024-12-27T15:15:13.737000 -CVE-2024-56551,0,0,f283601a0e481f41c645275541605f5f3eda11cfd0c4eb480285490826440c96,2024-12-27T15:15:13.850000 +CVE-2024-56551,0,1,bce57691f638d2c3370d389546aada8142eebcd755f4269819037cb6cf6f26f5,2025-01-16T16:47:11.533000 CVE-2024-56552,0,0,a3c48da8b466f06a1443e801f2355b958e7309a0c2bd86f0bd0c1f10746499ed,2024-12-27T15:15:13.970000 CVE-2024-56553,0,0,d73f092fa407a2c4632c4de0d4d2babdb741c99293b819a91977b3209c030fb6,2025-01-15T18:35:51.337000 CVE-2024-56554,0,0,b884f15c072d7b7c5b8943c20b5c34909d0a5ce11e00a5c8eb41b2581b836fdb,2025-01-14T17:23:07.117000 @@ -272842,10 +272842,10 @@ CVE-2024-56591,0,0,4ba918238e3f95ae969f7fc6eb9deb7c2f61d316c31ff9b582499d3d15ae9 CVE-2024-56592,0,0,da483575f709d66f59d5bd6be0ac7fdbfa2fd5f2d9c42677ad036c85af63cd52,2024-12-27T15:15:18.500000 CVE-2024-56593,0,0,faea6b897ded7b7e0d37e707c5c76f3c41457d87821844a4fda3e915f895b60e,2025-01-08T16:44:02.073000 CVE-2024-56594,0,0,95d37c95ffd3c1047558eb918909503f02d3b31daebb50f3acfd3fcc47e3e7ea,2024-12-27T15:15:18.727000 -CVE-2024-56595,0,0,5c739d39a04368864cbc388d8808a97d325a73a29c39f4cccb5f255c6ed55ba8,2024-12-27T15:15:18.843000 -CVE-2024-56596,0,0,f9a03aa1aa88f972ffe6a55ad6e165129f456075471da9dcb4076a6e6b502209,2024-12-27T15:15:18.963000 +CVE-2024-56595,0,1,088271fb4339e654df716d0a5da6cb435b0b1143ef9707924fd8a548d85bffae,2025-01-16T16:47:27.707000 +CVE-2024-56596,0,1,87e77827d51d47e9212cd4e65eae09e36ec3b291d4aac0bc36c03ae8cf5e2777,2025-01-16T16:12:13.840000 CVE-2024-56597,0,0,347c4891ee178d2857b2a9b9b3a59e9ef73cd9d9644a163cb89f5004d70ba847,2024-12-27T15:15:19.080000 -CVE-2024-56598,0,0,a2176885d0091e4f0f4ccf382f6f43c67f59acd5431ed7d070c60a0e375825cf,2024-12-27T15:15:19.200000 +CVE-2024-56598,0,1,9a62eab20435dcd14201a3b5c1d17b0e8de18887338f8e5393a486cfac3d02f7,2025-01-16T16:12:32.320000 CVE-2024-56599,0,0,a95a82bdcf63c0a92d2e3c23853bd64450d2915701e7e1da99973a296313b4a3,2025-01-09T16:16:22.167000 CVE-2024-5660,0,0,185ada92ecf12140397c738113ef0443174eeeea8f301748716001f7b999562c,2024-12-16T14:15:05.123000 CVE-2024-56600,0,0,e4f955c57e82fa7c241e37482a82a820c77934678e809760cd42cbebd92a3544,2025-01-14T15:17:32.717000 @@ -272864,10 +272864,10 @@ CVE-2024-56611,0,0,0d93be71bfd72357cc54d7ccd72b59dc3ffef4c2b81f6098928deb94ac964 CVE-2024-56612,0,0,f02cb9a5a497bab1cc02d2af39cd52bf8fd6d5468613153d1da2ffcfc44c13d1,2025-01-08T16:44:20.777000 CVE-2024-56613,0,0,bcdd018642860eac1962ebef4d87191542f737182e11f4fd8fcddbe437261a94,2025-01-08T16:51:18.680000 CVE-2024-56614,0,0,68b560d72c5c168c49969c3f70ee5419af628f3dbaae23240c69a99286fc507a,2025-01-08T17:10:39.210000 -CVE-2024-56615,0,0,873a568be01f0549a53bba8981a0b7f3ac107b358e5772ad839fb2e60aa2aabc,2024-12-27T15:15:21.013000 +CVE-2024-56615,0,1,e7026b50af509f50daa9e0921c73948d5f5369b38ea1bd5e176adc80838c8c00,2025-01-16T16:12:58.100000 CVE-2024-56616,0,0,795b955d0869309f1344b85e20fb6f6e035fcf5ca884f2b0d2da2f827cdb4744,2025-01-09T16:16:22.620000 -CVE-2024-56617,0,0,fc087c687b8dff99b58f2939f77fa49bf48a0eeffb6a09b1ad34eb87c4b55aa7,2024-12-27T15:15:21.227000 -CVE-2024-56618,0,0,27c2363f772214d155c7ea30b1bb342f6bb2eb036ac771b2dd810e31d927c144,2024-12-27T15:15:21.337000 +CVE-2024-56617,0,1,0ede6037c7244ffbbde7fb0b0be55151b664fc773feafb1e828ef46f7f02d2bb,2025-01-16T16:13:18.913000 +CVE-2024-56618,0,1,24dc69f5038acb81c0d43fb548859cb5ae4a1aa14085271e2faac58cde3bf439,2025-01-16T16:13:52.180000 CVE-2024-56619,0,0,b0c2a960644b177041a995fd8f73f350348bd550dc63bd05c80f5fc52f6df6b2,2024-12-27T15:15:21.437000 CVE-2024-5662,0,0,a32230f368c985ce000177685318420ae12365dafb7b142a133da07f0e3fd986,2024-11-21T09:48:06.860000 CVE-2024-56620,0,0,62b2b96faf1f60cd015b681859229c54b1fe9ce3304d6f6d4b7456590dbf38dd,2025-01-08T16:09:56.403000 @@ -272876,8 +272876,8 @@ CVE-2024-56622,0,0,90dd041f66ad97c8c7e4424d08636d2738bbe8a14292241e2b0155ecb704e CVE-2024-56623,0,0,0e93d745489795428a20c54b35ad52e910e61dcb2158be56884d826399a6b1a3,2025-01-08T21:41:01.397000 CVE-2024-56624,0,0,88799a063f0b005c3843d9067ee2b8e4d19fb1fd500724d525e887a886596206,2024-12-27T15:15:21.933000 CVE-2024-56625,0,0,01037372e944818596a9b7f73f6b5c3b9ecad55d8f3378e4d833626252bed489,2024-12-27T15:15:22.033000 -CVE-2024-56626,0,0,0c0fd28fcd34d77d00913b19bdbc85f3f571ce5fc13addf9633f2b54a392192b,2025-01-09T16:16:22.770000 -CVE-2024-56627,0,0,06de92e0b7d50e2cbff9389c0c16e9faaeba64c052d9dee12d2e94a5e4352eed,2025-01-09T16:16:22.907000 +CVE-2024-56626,0,1,d4500ca38a8345814277a2086bba9b42de76652347297780d5ed6db58371e834,2025-01-16T16:18:20.643000 +CVE-2024-56627,0,1,f0c269d347c9db3686c75f4a11ad453960c3762a02468ed241c768f1364df665,2025-01-16T16:18:48.093000 CVE-2024-56628,0,0,d4522d2b8c88fd491d5e221aac0e8a6cb75c6500e0513d30049fbc40976e5500,2024-12-27T15:15:22.357000 CVE-2024-56629,0,0,2adf9597f8fc5747bd12d9ebb00c1f97031334f9c2692b82554ebc40960a1dd4,2025-01-15T18:34:19.937000 CVE-2024-5663,0,0,3d93cfa6260123c05a0fe5dd837778ab353045f85b9b96941dd647b061b7390d,2024-11-21T09:48:06.970000 @@ -272948,7 +272948,7 @@ CVE-2024-56689,0,0,3e1c60c8f3537281f621c8c40f5cabe14289ecb4136001aa4f875d9e5224c CVE-2024-5669,0,0,9cd51c21a0e40ca0880591ec94cc1c064da62242943ba53e10301d0eb8bfe684,2024-11-21T09:48:07.570000 CVE-2024-56690,0,0,2a72c8e6571a5a1d0298311d84636f71e3ae4d29693e80187270d779ac92c120,2024-12-28T10:15:13.537000 CVE-2024-56691,0,0,62c59d5d1a3d371802a9cee1fb0752a9e914735965be638d034aafb90a06960b,2024-12-28T10:15:14.027000 -CVE-2024-56692,0,0,5c33e737c3bcad090ff32f8b13c5bd44758834f65a74f4fa5cab1bf99e0f55b2,2024-12-28T10:15:14.490000 +CVE-2024-56692,0,1,ace0c927c4a341e1aaf5f28ce5750c7447fae74ffcb794dd6309f417fa7701eb,2025-01-16T16:20:06.443000 CVE-2024-56693,0,0,5d463ee65304d8347500c614a6927974a7b867229756c573966b39df25e26e7c,2024-12-28T10:15:14.833000 CVE-2024-56694,0,0,e02696a2af0f8832f551be07eb9f65e5e2b65973a286b33cb8ac8725e89835c5,2025-01-09T16:16:23.053000 CVE-2024-56695,0,0,1049a7ea492b9a468c5631b60a8b10497c8017b3b7122fffb0b919ea0dbcafe0,2024-12-28T10:15:15.533000 @@ -273085,19 +273085,19 @@ CVE-2024-5698,0,0,f82f3ede8f3a0f37db39e7c1594784573d509729718d4233e67322de039466 CVE-2024-5699,0,0,1f6b745154d0c66e136c94c9cf6848fa0ef03de7ad43314ef7aabc398131e7bc,2024-11-21T09:48:11.727000 CVE-2024-5700,0,0,03b60b2b2d02d40bfad068e0335a335857a618ee5b010c631028ca7b55a329d1,2024-11-21T09:48:11.903000 CVE-2024-5701,0,0,9915dfee3e359182f9adc135791d10f705664babe0d2fafe943bf47d66747252,2024-11-21T09:48:12.093000 -CVE-2024-57011,0,0,8e338b651a3bda97fad657bb48d2a565138a1009cfd2b601b6bb1a72fc6d3d6e,2025-01-15T17:15:17.013000 -CVE-2024-57012,0,0,929e41a01321e49fade4e51ed0679cb42e1661c60bb7e4b6956edeea4cbeec99,2025-01-15T17:15:17.113000 -CVE-2024-57013,0,0,3b1f755b06000c5614e65f8014716f317fb5942489664c9229b477bda0b781d5,2025-01-15T17:15:17.213000 -CVE-2024-57014,0,0,8302caea82f6066fe0548de7d829307f7956d4d2b48de9fa7562e687918443f5,2025-01-15T17:15:17.307000 -CVE-2024-57015,0,0,ffecbe4ffaaeea5b153675e2454d1ff7c515ec91195208feaae4a969857d47a7,2025-01-15T17:15:17.403000 -CVE-2024-57016,0,0,98164a545b12073f672d3beeaa595046e9bb5e30f0b80e32d4f6f0658c851291,2025-01-15T17:15:17.500000 -CVE-2024-57017,0,0,de9ad2f9c140057f8582d6b77933ac72e2c2119f0394fe684203577dfef06830,2025-01-15T17:15:17.597000 -CVE-2024-57018,0,0,c279128ed56300459a593c65bdf3bf78efd1697df778c1b1a06f000d0310dcbe,2025-01-15T17:15:17.693000 -CVE-2024-57019,0,0,7b5ce0c674ad0d1b97e32fa3e139ec29c2400cc2604341aadfeb3e33c40b84af,2025-01-15T17:15:17.797000 +CVE-2024-57011,0,1,d1476644cb4bcd610ae648ea949af3e6148b26da86f441d5f343b688eab16c90,2025-01-16T15:15:13.873000 +CVE-2024-57012,0,1,13e5481fd78e657548144b0d919ac4d11f34e8d265937bb48823736c30728a08,2025-01-16T15:15:14.090000 +CVE-2024-57013,0,1,d77a4a351623c21a06669fcf64e7e97cbb6b216e887201f50bb06a02c22190cd,2025-01-16T15:15:14.300000 +CVE-2024-57014,0,1,a1fc97d9ae72842a0c727b87df797a2d7d21b1fd9932a63a89b4a841cfd4be90,2025-01-16T15:15:14.527000 +CVE-2024-57015,0,1,cd7c8e7ea712a3387f47cf24a00fe02718192ca7816cdbccdc136e5ab816cfd9,2025-01-16T15:15:14.733000 +CVE-2024-57016,0,1,5b2dd69829de654783b8bb69f4080488fafa0a6c45a5e5e9cb5908332c9b4d6c,2025-01-16T15:15:14.937000 +CVE-2024-57017,0,1,751c0ff2478ed663bfc97b847cf7f14abf9c905dd4a4d35b46449d88b4563fd4,2025-01-16T16:15:31.640000 +CVE-2024-57018,0,1,7219effc5e4142e152c14b5f1ae3ea1f8f778e3e6753153f316c12a0333836f4,2025-01-16T16:15:31.823000 +CVE-2024-57019,0,1,bf114575bad0a1da693dd95f2db3a0cf75ffbbfdda67be33f2137056cefa3b51,2025-01-16T16:15:31.993000 CVE-2024-5702,0,0,0475f3c0e898a1e0fb13fcae8449da95e6752ec9b4d015e07dac4bfa56be1ef3,2024-11-21T09:48:12.273000 -CVE-2024-57020,0,0,80d431a102606a6cc8112245359c5e7812914b2658e35b0db19fff61fcc1e65f,2025-01-15T17:15:17.890000 -CVE-2024-57021,0,0,1801a8e122bdc8f5ad9c4f99e79a239f82e66923fb0aabe27082b626c4da9fac,2025-01-15T17:15:17.987000 -CVE-2024-57022,0,0,4abe6cde2ce860a7c8f002f8f6305ef775d895233a187ff446e1c30a18d91990,2025-01-15T17:15:18.083000 +CVE-2024-57020,0,1,f9f2e4ba1acd5b558c2383863a5eaf45e367b57cc13a3e12d0e64326ef8ed288,2025-01-16T16:15:32.180000 +CVE-2024-57021,0,1,172766e90f4b1ed59117cb0559fe32c16040ed08dfdaad03fec73582c1832139,2025-01-16T16:15:32.353000 +CVE-2024-57022,0,1,df56a6a73cef79b540d7350326eef1dc5570f342f4360a1325a7defbb2c28668,2025-01-16T16:15:32.530000 CVE-2024-57023,0,0,d41df66e12ee48dea9911b68b69fd3e2dd6413bff89fbe7d5f003eb0363c9a7d,2025-01-15T17:15:18.183000 CVE-2024-57024,0,0,1beec8a751780ae175322494ef7070044d054f1fa5e0ef48a3b87e0391061ef3,2025-01-15T17:15:18.280000 CVE-2024-57025,0,0,ffe0150ee7bafc58fb550b4d8a1a7a0168a0884a7f8c6275ccd41663b84022f7,2025-01-15T17:15:18.377000 @@ -273111,7 +273111,11 @@ CVE-2024-5712,0,0,d9053a973766129971458824397812ec1e4acf4c6e0c33b032abc440bd305a CVE-2024-5713,0,0,3391d5de33d01a2f3feb723b6a12c2cc29413174b2bdbe5c4e85347aebdc9be5,2024-11-21T09:48:13.273000 CVE-2024-5714,0,0,849fc94b6902757fdfdae1f78ce00df63ab2c5ba63744e880696de74b0f190ce,2024-11-21T09:48:13.440000 CVE-2024-5715,0,0,8c569768d6a890bf6135b49c7618937c530109ec67dd48fa94109e61c60d211f,2024-11-21T09:48:13.567000 +CVE-2024-57159,1,1,15583a75064e55d87bf75fed70e73d79d360d20391d0e99a0f639f7334a5140e,2025-01-16T16:15:32.700000 CVE-2024-5716,0,0,3d427df7306e5a73dc01967e843a1c8b689a272b3aba62391281a97b5c9d3d70,2024-11-22T20:15:10.100000 +CVE-2024-57160,1,1,cfd418c2294a4aad4ffaf0f6e6c02c6c9c462f90fd047701ea5321fce5ab1453,2025-01-16T16:15:32.817000 +CVE-2024-57161,1,1,7d001b6ede91e7126dba3cd73d4b23f42855fc1336561bd2cb109c174d7ee6df,2025-01-16T16:15:32.937000 +CVE-2024-57162,1,1,b1e0cf18e266cbe55d44930aeeee1d897cfa1bcb86f690acd1626cef8a0545f2,2025-01-16T16:15:33.063000 CVE-2024-5717,0,0,fb2d4ea07d345b00fdb2b42ddabd6660deece1c7e8bb1f887295d0c9d91575e3,2024-11-22T20:15:10.227000 CVE-2024-5718,0,0,5319c47b63a6835fedbdcd43dc1fd8b869ba81977081921f790378b370cee719,2024-11-22T20:15:10.340000 CVE-2024-5719,0,0,3d2db656c5d1f0a79b62bae36bd1cd10161f3160ac0d855266c2bbd4d021243f,2024-11-22T20:15:10.450000 @@ -273152,11 +273156,11 @@ CVE-2024-5744,0,0,f08529b05aa9992ca46f071419027f83a7c3d97cd6c27e854ef9ed714ed839 CVE-2024-5745,0,0,f5c2e0226ff1c47168df0c237981cdbe9e1838dc0b6144c20848884be5dc91bf,2024-11-21T09:48:16.423000 CVE-2024-5746,0,0,983f92b35d2851c40a6d833edd298ce544be182f3cbb073e4d5723a172283607,2024-11-21T09:48:16.580000 CVE-2024-57471,0,0,145fbc3b96e42a3173f3b55f1aad8841303816fe57dc70045a074e6b22fc6982,2025-01-14T22:15:28.250000 -CVE-2024-57473,0,0,301ac8f59cbb3b4d0ab814982dba58bd9ae9140719e1192f5240f523d3614ecf,2025-01-14T23:15:08.953000 -CVE-2024-57479,0,0,b3e56ec6d27d2801a0f799ec1f97a13c2c7c2d80bcc3c4facbc378271e29acd3,2025-01-14T22:15:28.377000 -CVE-2024-57480,0,0,2c2ae3fcb1650c02201c3365696d9c8424a82ff9ba4db145608db30338566765,2025-01-14T22:15:28.510000 +CVE-2024-57473,0,1,4a06c351ec4197093875235f4e4e13625d8ca2f2c014e27311d357d6ec947011,2025-01-16T16:15:33.183000 +CVE-2024-57479,0,1,6416e6efdf0ec6f7279b069a88a5f2d939db89704d80d9b571b5e5c8307ef185,2025-01-16T16:15:33.360000 +CVE-2024-57480,0,1,ae550c150edeff2d75d93b8c880b84ac2ff14590c3607fa6a41f8d09d7155b8f,2025-01-16T16:15:33.530000 CVE-2024-57482,0,0,e55bc843860f398351ad31fd6ef63a269964fccfafe0015a0cd579c60f5d74e7,2025-01-14T22:15:28.627000 -CVE-2024-57483,0,0,251c9fee8d2754332cb9ffaa81c9c107412339afb329346627b5e1cafdb0f93a,2025-01-14T23:15:09.060000 +CVE-2024-57483,0,1,aa52744906feba9d896ee7890e1fb7bf22df892381b4c0db41db475d58b23bd8,2025-01-16T16:15:33.710000 CVE-2024-57487,0,0,0807b290efd6cc8f6e7e6b31de66036ade21e0044433af00698c818fcbb278ba,2025-01-13T20:15:29.090000 CVE-2024-57488,0,0,d19c2052fbaefedd169eceeb76f3704e3b884097b8c5ff84fd1ae0a72fa1e299,2025-01-13T20:15:29.240000 CVE-2024-5749,0,0,36203d1040051e343d9d050a3c2e3f863a807627eb7d14e1470ca394531f4751,2024-10-16T16:38:43.170000 @@ -273171,6 +273175,7 @@ CVE-2024-5758,0,0,c078716fbf80b259c8ceac06415d3d039d4ef773f8ae701649c6b0b1483ee9 CVE-2024-5759,0,0,7a62530c172037696b680530af67b7622649644977afb4734ee0d6d8975bff51,2024-11-21T09:48:17.467000 CVE-2024-5760,0,0,fdcabe1f95ff5e6dbce832204c1f64827ff6fe6277e57163fb295e96d7b29093,2024-09-13T16:28:43.077000 CVE-2024-5761,0,0,1fdad964c86313b412878f67fac5999c9a1ea015b844614bc58b000414661a53,2024-06-07T19:15:24.467000 +CVE-2024-57611,1,1,6fae1f378c2de7211d8601642d793b718892b838d45e3641195667b838c7ac2a,2025-01-16T16:15:33.893000 CVE-2024-57615,0,0,3b154d15d9d342606b70482eb9cc2d6a4cc130a8065aa7d0da89540a1bd1ede9,2025-01-14T01:15:09.833000 CVE-2024-57616,0,0,7470c60d8605d9c063b37e649a0109bc38842816df47856772ca2131f8a175f6,2025-01-14T01:15:09.947000 CVE-2024-57617,0,0,216302b4e1a3d5a8c021085fb6cfebcd9359b852e85ad845706a7528c42cb425,2025-01-14T01:15:10.060000 @@ -273202,7 +273207,7 @@ CVE-2024-5764,0,0,b7612214e0b4c36a7adafd04d08b4fff0bd1bfea33c567d6f09d0bd1359046 CVE-2024-57640,0,0,823f369a4e2512904de0df496d9844ebefb1caff102a1b29f5249371b8eb5e9b,2025-01-15T16:15:30.570000 CVE-2024-57641,0,0,6e122f8000b5036a35ba9684cd03b685662827038107eaaf29a6c154497ed980,2025-01-15T16:15:30.750000 CVE-2024-57642,0,0,5d41527b8eba6a05efbeb7957f944b909619e65db0c2a503a1ffa7feaae96b0d,2025-01-14T01:15:12.873000 -CVE-2024-57643,0,0,ef17b3970caa8916968622e34ddc0ab66c3e3d55be5f34b6d989cecfe8e3376d,2025-01-14T01:15:12.980000 +CVE-2024-57643,0,1,ba698b452eaa8706043a8e92fd8ea179cc020ce88d0d466280f0183a4e4e911c,2025-01-16T16:15:34.030000 CVE-2024-57644,0,0,914574fe0b7a114777c2567fd96e73785d33e0046c4e449438fad7358a5594a5,2025-01-15T16:15:30.943000 CVE-2024-57645,0,0,e6113a0ab42f5baeb6ef1e12e65104eacf5948c5f09dd54b54f3011c787894d1,2025-01-15T16:15:31.120000 CVE-2024-57646,0,0,c296ef72c3c2135d014b6d1d2cac1bac339d2bfb5cc198d7a150d1c1c33b4f3b,2025-01-15T16:15:31.293000 @@ -273215,13 +273220,13 @@ CVE-2024-57651,0,0,5e8dc54af74efb76238cdd0ddf66365828c5c6ae77832d24a8a6fc6b71203 CVE-2024-57652,0,0,d73e7be12017c8f1cd68a94beba6a947fa401580f763e064115069718c3a2579,2025-01-15T15:15:13.130000 CVE-2024-57653,0,0,f0844ba7fc5fe95e0da3ff7a326d26b9ddffb3823051fc053b91d42777536052,2025-01-15T15:15:13.280000 CVE-2024-57654,0,0,1f36c570d3c73ce0b10c8e01c3bdd9d98940d2fa1bf0651ab84ccddd6ae64969,2025-01-14T17:15:20.233000 -CVE-2024-57655,0,0,691ee1a91270f5c6488159d29edd9e7715d5dcf1ab727d51ea7d9037105efc78,2025-01-14T01:15:14.317000 -CVE-2024-57656,0,0,ae1b961019dc04a8fa9c8dd41e519506398d64936121827adc62d40a86c10b54,2025-01-14T01:15:14.417000 -CVE-2024-57657,0,0,fadf39ea1eb461a548ec7002540c8ab052de8dca2850c6471a19f65e887e7c7f,2025-01-14T01:15:14.530000 -CVE-2024-57658,0,0,fc4d4312db6af4e1791edf3ebaa822e9d21c40fe7ce7a23fa6eea77c9693415e,2025-01-14T01:15:14.650000 +CVE-2024-57655,0,1,6ae80ede19f84bfc2d837a6696f1a2dc10564bd3b6fca17e0cef6270b9ace48e,2025-01-16T16:15:34.243000 +CVE-2024-57656,0,1,a6ec84858b960f44a1db9ea182c5a6a8e009fc3bb4ad680569afeb4b39021c63,2025-01-16T16:15:34.417000 +CVE-2024-57657,0,1,a27eb7c740910d603d2da6e8216356c55267a515c0c0f5f41ecaab0db65288db,2025-01-16T16:15:34.600000 +CVE-2024-57658,0,1,7ba79731ac6516d08c5b7a7d567ffa13c8af56b1cb49724aebc5463b51ea08b5,2025-01-16T16:15:34.770000 CVE-2024-57659,0,0,f32b1ab826823776ca0c8a17c8694a17edb2ecd676fd6e2f2814340b2ca52fc0,2025-01-15T15:15:13.450000 CVE-2024-5766,0,0,cdfccc92ec2c159269346acd4c1a0ac28434fd31fc36fe70d66da845920ad03f,2024-11-21T09:48:18.263000 -CVE-2024-57660,0,0,cbbb826cafb01263df1610c8fc40d471e3aeca339a1d20617568439d516efc65,2025-01-14T01:15:14.860000 +CVE-2024-57660,0,1,c7c5b4211c716ae36757bbc03c5947aebf289f8ce358d716e4b1fe5714c0608c,2025-01-16T16:15:34.947000 CVE-2024-57661,0,0,e8f5225c0a5f8c30ef676d9af05bfb14131ce33fccc8e1730da1ca222cad480e,2025-01-14T16:15:34.240000 CVE-2024-57662,0,0,82223b4f40f12b96f5423e36ea8f649d2dfea4cbf0a26f28016781049d041217,2025-01-14T01:15:15.087000 CVE-2024-57663,0,0,10f1486df8c3f5a82c4f86c80f328ec8760cb83f380bd29bfd86da9af10ac259,2025-01-14T01:15:15.187000 @@ -273258,7 +273263,7 @@ CVE-2024-57792,0,0,6e269b164ed4b92d7ee67a16ce4bb2b798116be1f2f74c49e5fe7106cf774 CVE-2024-57793,0,0,ddff963b18d692955008250e9218f73e3d5ef63f700adbda8c83ad04b140649d,2025-01-11T13:15:29.593000 CVE-2024-57795,0,0,c2a5063c8f1801ea9df88f89cc652569c28f5949d414c2d9e0f838251918046f,2025-01-15T13:15:11.563000 CVE-2024-57798,0,0,c0ed58e8d48adaf3dc7d7b1d21c34c9a829d25d23c734c3cd4da62041dc5e18f,2025-01-11T13:15:29.743000 -CVE-2024-57799,0,0,806bc1a2725b73c5cb209c3231145868e8823776f6ca2780abd38b713e26a618,2025-01-11T13:15:29.910000 +CVE-2024-57799,0,1,629fd8bffc1c970081661553b3588a57b03911cce9c0036c62f31188e3006930,2025-01-16T15:19:18.117000 CVE-2024-5780,0,0,8f257920278f73ebde8da2f9da9c11fb9d019685aae47ae6d2026dc053194989,2024-06-12T08:15:51.300000 CVE-2024-57800,0,0,c5c42b2c1b3842383a35b5f8d69b8ba4f954a1a479092b7d8b0ba19a17185b1c,2025-01-11T13:15:30.073000 CVE-2024-57801,0,0,b678c653b3040716f0728d34f9877080bb6c97565222e300a13b3753b95364f6,2025-01-15T13:15:11.713000 @@ -273266,7 +273271,7 @@ CVE-2024-57802,0,0,60e12d524b3841786218547e3064394971f60c328ca3e8a023f3f8608fd7d CVE-2024-57804,0,0,03a655c7bbcb3c9fd29c388335cd9c43ce0dad312096483bb7f62c252b182ba1,2025-01-11T13:15:30.233000 CVE-2024-57805,0,0,c0fa1218e16605062717599d97c87173c53c7e6ec913d615ebb3e2b0e18c8587,2025-01-11T13:15:30.420000 CVE-2024-57806,0,0,019cc1f303b977f37ee697aea77eacdcb7c64dccefa2a11f2e9b2f2ac1ba30eb,2025-01-11T13:15:30.597000 -CVE-2024-57807,0,0,3fc22681d87d16c2f19292446ad4881acc5df9d656db30c12de7c2ccac921519,2025-01-11T13:15:30.790000 +CVE-2024-57807,0,1,7c167a71bf4213c73b2f4023fdde2c2f3e50104e65076319414a8227aa52f9f3,2025-01-16T15:19:34.147000 CVE-2024-57809,0,0,de2e3d10a38eb17297e0b63db428739f373043b7a0a3a88c9dcbf5bb2a5c6fb9,2025-01-11T14:15:25.080000 CVE-2024-5781,0,0,69395241527fa89308022b467956bfc8d570e92d8c337ad970260c71cef498ec,2024-06-12T08:15:51.363000 CVE-2024-57811,0,0,25a07d52d3f573a20e55639de1f885338ba67f14e6b934637fad768d698acfee,2025-01-13T22:15:14.597000 @@ -273286,7 +273291,7 @@ CVE-2024-57850,0,0,9a81fc0a298973cadd8035bd9ef5a52d4350cca966d13539c02d81dbf6614 CVE-2024-57857,0,0,87a69076e18c898d29feb4f9ba18aaf14bdd5b721cb93d3f817a29d27d67e0d8,2025-01-15T13:15:12.403000 CVE-2024-5786,0,0,8f234ab6daf42312db402cec6a9780e6a0a03ed9070824749daf6f62affc4884,2024-11-21T09:48:19.897000 CVE-2024-5787,0,0,1d58b2484cfc2497ce3be8bc315153e4937b24852bc87d95aee088e2aedc7438,2024-11-21T09:48:20.010000 -CVE-2024-57872,0,0,eb74c3e83416c6f9d2d05799bff7f272badc720745295a18772702d9456c9170,2025-01-11T15:15:07.560000 +CVE-2024-57872,0,1,c3ffa0e155e2ac44fac8a82673746753e090198753fbd02da0ed8386c1ecfa6e,2025-01-16T15:19:51.637000 CVE-2024-57874,0,0,fb7bf8e334f98602ef537ee1fff4a394e3778274e92bdaf9be82f3357123b9e3,2025-01-11T15:15:07.680000 CVE-2024-57875,0,0,f3dcb83145c83305accff33176d8c6888ebdc6e8e8dd674dec8648327cacf2fa,2025-01-11T15:15:07.803000 CVE-2024-57876,0,0,17df6ee7b8eefc67d5b8d8002ec729347e35d22e1eb6f1ad8cf3fc55eb250f8a,2025-01-11T15:15:07.930000 @@ -273295,7 +273300,7 @@ CVE-2024-57878,0,0,fe97f3ee2690c7f72f90773e6d1b82389119debe0cbd7bd628845864a7ea5 CVE-2024-57879,0,0,feb067f3861c707c292881016bf990e111102c27bae99249c671b639a4c0298c,2025-01-11T15:15:08.317000 CVE-2024-5788,0,0,26eba16faf8bba170e4c4924cd3861a76450b8d63d3d592b315f9dc173dd2a7c,2024-11-21T09:48:20.137000 CVE-2024-57880,0,0,f940af194262151ac7da7d4cb3e1ddf4b34bcf4a3d024e7fca35a39078d977cf,2025-01-11T15:15:08.440000 -CVE-2024-57881,0,0,b8bec70ff711b577966b6caa009bd593813ec4cd360ee66163b5df240bb10d63,2025-01-11T16:15:24.307000 +CVE-2024-57881,0,1,6354b126b83992bf0d04724a87e51050df036e4588251687e71e2b731ced1e07,2025-01-16T15:20:10.900000 CVE-2024-57882,0,0,418a40aa76f79445d7b2a146f6ad30da79438bc996c185e0e91d4d5dc424cf5c,2025-01-15T13:15:12.510000 CVE-2024-57883,0,0,3c736ea91c8242cb5145115f1d11b61e7fbe5f7a6203b23c80176a525b4c82ac,2025-01-15T13:15:12.637000 CVE-2024-57884,0,0,ed30abf4c955d47564886e0a04d265af02e2566356eff3e6b149390a84ed401b,2025-01-15T13:15:12.757000 @@ -273333,7 +273338,7 @@ CVE-2024-5802,0,0,19fff604014c9cef9e0f8bc6a62b84f7523f1797653eafe6700c36b3d03bd7 CVE-2024-5803,0,0,9f82593b4c57457c96daef99978d68eaca19c8db6ce80dfb437501b3b95974d3,2024-10-04T13:50:43.727000 CVE-2024-5804,0,0,2f00fd3e9947e9e26596c3d44370745abf63c8732a08c44c5ab0acfd9a8ea957,2024-11-21T09:48:21.677000 CVE-2024-5805,0,0,fce2cd9169116102e5375089f5975fe2795253d6c4b763ab35cc7d32ac26b7a6,2024-11-21T09:48:21.803000 -CVE-2024-5806,0,0,0a8941bef6d2332e6925c1864657025063eca654088d0924f290bd795ad6ca60,2024-11-21T09:48:21.940000 +CVE-2024-5806,0,1,5ac9637d8c764ba881b38672e3b3265f75ae0c44c191480b6554928fc9eb1283,2025-01-16T16:57:19.660000 CVE-2024-5807,0,0,bcd7f1773756c308216942ed74fe8b63dad936ebebf2c4e22c08a44714f2e7fd,2024-11-21T09:48:22.057000 CVE-2024-5808,0,0,8544bff4c0ab9040235b040d590c0013468843f3e678f1770e3c92d0e5bbd73b,2024-11-21T09:48:22.213000 CVE-2024-5809,0,0,d3a3cb96d02b3d9c2efd17f0531d777c80fde692d386c7f6a56c47f2ca5601d8,2024-11-21T09:48:22.387000 @@ -273933,7 +273938,7 @@ CVE-2024-6450,0,0,129d871814629a7cddb324339637df447e68f40bc0723fa290d8da0a080a2b CVE-2024-6451,0,0,ad4b1e274cf5e55616c2825e0b1216e616baac97399f5ecbf3d9a45ca112bda2,2024-08-19T17:35:23.417000 CVE-2024-6452,0,0,e24656c32ccbd8968b6aac97aee47a86148f9ee0a50ec2b3c04bd84f0156f473,2024-11-21T09:49:40.920000 CVE-2024-6453,0,0,57a9df5f41ae7388668d8ec6040750362fe611e9b50665bc5d80f3861222e581,2024-11-21T09:49:41.063000 -CVE-2024-6455,0,0,5964ec257efc6f1e9f93983137d600c8d264e4ec03f91fb8d7da9cd02ece2a69,2024-11-21T09:49:41.223000 +CVE-2024-6455,0,1,3290b0ab46bb396e0c01d851b26f3b36e4ab705134f12ff3cb4518aafe9833ed,2025-01-16T15:06:56.973000 CVE-2024-6456,0,0,b01715bddc5940978540d9848d20c3e52a2d359587b604967ff013be610ed6e1,2024-08-19T13:00:23.117000 CVE-2024-6457,0,0,9fd7207180c09f39d2da8b48b95fa822cfa4ef21e4a0f2e04ef9fa9c667cf66b,2024-11-21T09:49:41.470000 CVE-2024-6458,0,0,858f6ace8391e1cf19a4a6a250b02f5c9589f8ce11554d6251524a25fae04099,2024-11-21T09:49:41.607000 @@ -276025,7 +276030,7 @@ CVE-2024-8897,0,0,0fdfc9f71cfefedb0c7a5c55250fccd8899f2bafda1fe770d540ced5f92374 CVE-2024-8899,0,0,d4d2e6da4e618e821cb5129e519082f71d663f816a3adbdb6b5ea787e5713422,2025-01-09T20:28:09.003000 CVE-2024-8900,0,0,d3f4089befe66027b0f1c31c786919fba68b80f7363185072eb03d6b6da1b262,2024-10-30T15:35:26.207000 CVE-2024-8901,0,0,16179fb8da6b3691e42eb050c6acdbb5e9f1051b767f4e4a93bcfac530038965,2024-10-23T21:15:14.950000 -CVE-2024-8902,0,0,562a2a8b6b19d45ced54e0584113549612b1e122270fd069c6c63552fab4593c,2024-10-15T12:57:46.880000 +CVE-2024-8902,0,1,c8b7e316edeae342d2f2134ae93f92bf3de3ed0d6281d19517a393df01751e61,2025-01-16T15:23:21.513000 CVE-2024-8903,0,0,d77424f8f0e77666574fc785d3fa32d82e1fb3930db964a4acb479d703a0b410,2024-09-26T13:32:55.343000 CVE-2024-8904,0,0,230a3c4bc4a2b98c5279b4e2562edca77461165447fdb40a76515a2bbde02e41,2025-01-02T17:34:12.570000 CVE-2024-8905,0,0,9dd464b1263cb58eb9a04bacf3bec96ac31555806b4cfda8053df5a9abab713d,2025-01-02T17:33:01.020000 @@ -277072,9 +277077,9 @@ CVE-2025-0462,0,0,91ebd265d9f4b4a8609372c2b8ed60c3013eb48b8066da851324b4541dfdb7 CVE-2025-0463,0,0,042529bee5619cab4c0caec0903541a1e907aaf00516bec15ac9a74d5f64267d,2025-01-14T17:15:21.210000 CVE-2025-0464,0,0,80c2bc95d50c713972edec6dc7d153c62488d8880041d16d73f1c9db54dac997,2025-01-14T17:15:21.387000 CVE-2025-0465,0,0,6bbd81e7422bebba96c70ce0da9cdbb0423e61273c917a50ebc77b69676af96e,2025-01-14T18:15:29.883000 -CVE-2025-0471,1,1,5f089d238aa93eb77e7a83ddaf8879744fa24cef05bb2da4c110089af4cde236,2025-01-16T13:15:06.973000 -CVE-2025-0472,1,1,59a6947073fccbb91de356be2d0ce5c4b81cc89c211292ee828d31d3d865d81f,2025-01-16T13:15:07.353000 -CVE-2025-0473,1,1,673552e9170396a25fe05497fb932e4bf5857a3a0b866ac4bee1f09976cea019,2025-01-16T13:15:07.540000 +CVE-2025-0471,0,0,5f089d238aa93eb77e7a83ddaf8879744fa24cef05bb2da4c110089af4cde236,2025-01-16T13:15:06.973000 +CVE-2025-0472,0,0,59a6947073fccbb91de356be2d0ce5c4b81cc89c211292ee828d31d3d865d81f,2025-01-16T13:15:07.353000 +CVE-2025-0473,0,0,673552e9170396a25fe05497fb932e4bf5857a3a0b866ac4bee1f09976cea019,2025-01-16T13:15:07.540000 CVE-2025-0474,0,0,469f826f4845a259aa881ad42b8eacd95b41d69c527a4acd303e5e0c3ed0c4b7,2025-01-14T19:15:32.930000 CVE-2025-0476,0,0,5cf89dbc48f126dc941ccdc658ff72cf7ae3856b9cb1005f07cc2f9dcf852c1f,2025-01-16T00:15:25.217000 CVE-2025-0480,0,0,e092b69b17ce664f29d203f06bde29cda1f01654d85548b205c10efb41a0322f,2025-01-15T18:15:24.457000 @@ -277085,9 +277090,9 @@ CVE-2025-0484,0,0,b013cc873755fa671111ee9676cdbc5d83472f586ce91385aff0b6bd336451 CVE-2025-0485,0,0,f73ea3212d3f8bb57645a5a3186a67a483153769046e197e77cb0f8fbcca7e26,2025-01-15T20:15:29.400000 CVE-2025-0486,0,0,46acd9214cd963a88ec9311c0e6dfcfe4a6ea1db37785856bda1f0ccaad6f2ca,2025-01-15T21:15:14.960000 CVE-2025-0487,0,0,f254ff4eba12361ad33cafe695d950724dc64dda0c40f08cdaac336df89bb15b,2025-01-15T21:15:15.160000 -CVE-2025-0488,0,0,4f2575fa6aa0cf7363321d631c18e4f9ac623004f31f2ef8f8fa5a8c5d269f6a,2025-01-15T21:15:15.380000 -CVE-2025-0489,0,0,ad4e2da0114a89e77b7dea82312a8af94ea05d675feeb045e76378e98e362df3,2025-01-15T22:15:26.660000 -CVE-2025-0490,0,0,4875fbbfdfa23fa3ba99b879faaf8bd9ec6141b7db8e4bc5b2d2384256d9aba0,2025-01-15T22:15:26.820000 +CVE-2025-0488,0,1,9be963ad82fec8f83798d8b0fa32da724001a3dc9b24735d83f53a773d58b3bd,2025-01-16T16:15:35.347000 +CVE-2025-0489,0,1,8f94857ceb6b7aac464cda56d55b3ffd3a260fe592b0690d982994fe0513f523,2025-01-16T16:15:35.517000 +CVE-2025-0490,0,1,a264f3de6b2f9060bb1641bb4dda25c4d6261e0fcfd2f30ed64dcd21860eb528,2025-01-16T16:15:35.653000 CVE-2025-0491,0,0,e2c578f6867a872596ea91113158697f19532a63f0930ed0dee8793b679ca3c5,2025-01-15T22:15:26.990000 CVE-2025-0492,0,0,8a17b017a98a002e0eca45e84c80fdbdf21fc23599e7b8c3264d472e99151077,2025-01-15T22:15:27.157000 CVE-2025-0500,0,0,7c3466d64b8c8ab9f735aa3c3f46ce64626b7310542fe424f3c28d5da1451b7e,2025-01-15T19:15:27.003000 @@ -277587,23 +277592,23 @@ CVE-2025-22826,0,0,36b6e140cfbfa94ee1e1f9414c9bba12f6b84f8e81d4c4eb37d1cc60556b5 CVE-2025-22827,0,0,3baed988c384781b752e63a63aac2d02b4618a6f769d736ff71142b8ba1a8f98,2025-01-09T16:16:33.200000 CVE-2025-22828,0,0,146919e8038c633aebea97dab991ef56f9be23b958183120e0167c3ba087763b,2025-01-13T19:15:11.373000 CVE-2025-22904,0,0,0d689dab7d93efe5e3619f41b65ed2e226865052631c380e622bfad8a4d89cc2,2025-01-16T03:15:06.313000 -CVE-2025-22905,0,0,7ce0ff9256a4854fc352d077f3f0c739a33a0a92874bf3c98059151498413642,2025-01-16T03:15:06.430000 -CVE-2025-22906,0,0,b430df8a6e6400aee0d0b5dedcfd1ceca5ac91f1415ad22a738e6b90d9215435,2025-01-16T03:15:06.530000 -CVE-2025-22907,0,0,3a606e36c0c8fbf9d55b43d449cfe35e7f71d0a76ec87887dc5c5630771d2b0f,2025-01-16T03:15:06.630000 -CVE-2025-22912,0,0,9bdac6d997fb4afcd0ffdb49cf15bb2a6d4a40fead5179445a0f3cc7227fc94c,2025-01-16T03:15:06.723000 -CVE-2025-22913,0,0,43a94f497f840a978d8316cb659d9517bb656ec1d12ffe55ff10808892909274,2025-01-16T03:15:06.850000 -CVE-2025-22916,0,0,49672c014458a546bd5e8ed40fbb9d744fa61afd0b8f15aa50934354bd803c8d,2025-01-16T03:15:06.970000 +CVE-2025-22905,0,1,abc87a85c7bc7d9d749537f6e4185a3608bb9fb9938aa6d93312fdeb15cc69d3,2025-01-16T15:15:15.180000 +CVE-2025-22906,0,1,c442b828ae2bdbc2d39f15b231587f53bcedbd794c904b4144293ba283dc2985,2025-01-16T15:15:15.357000 +CVE-2025-22907,0,1,afe94c593034a06a548c8df5f439a7a34ed21665762277eb367e4b3ea8c24c00,2025-01-16T15:15:15.547000 +CVE-2025-22912,0,1,766f040be3df03b040356c69b2efd09905e002e58e9533a9231fa2503e62df36,2025-01-16T15:15:15.717000 +CVE-2025-22913,0,1,f239c8371b8d3437623235654e9889410bf3102a7c3bba6b0cdc259cb15be933,2025-01-16T15:15:15.903000 +CVE-2025-22916,0,1,d04fdd5ab17cd7ad4479340bde8debf906714d99a9d8f5873b258c0ba700819d,2025-01-16T15:15:16.113000 CVE-2025-22946,0,0,7db37666dfbf9142b1788db2e9c9ed7b839c8fa56ddb82a64c0b003e5a2cac22,2025-01-14T15:15:28.480000 CVE-2025-22949,0,0,9276342af8ee37607a1ffae2d3f1aeab3d942e0b55b28a72d519f8d3d1707262,2025-01-14T15:15:28.637000 CVE-2025-22963,0,0,ddb005db611e43367f0caf5873d662acfb7b90267f1a87ba259499e665e1b39e,2025-01-13T16:15:19.367000 CVE-2025-22964,0,0,a90086eb39175894fd8a6f5a5a2d3d26692d372646feda1a5970b8ceedca9205,2025-01-15T23:15:10.650000 -CVE-2025-22968,0,0,0227576564b7383d871235f2ed489b932c841789538b8cb6aa1f3b95038879f5,2025-01-15T16:15:42.657000 +CVE-2025-22968,0,1,57a69808ab0990561b0328d97b2c8de740ae46feda81744f1a799a0ff4b4728e,2025-01-16T16:15:35.917000 CVE-2025-22976,0,0,be87cf5daa830b3fd7b6b45b4ae729caebe4fca6715c7a1a0f6c966a078f7afb,2025-01-15T23:15:10.783000 CVE-2025-22983,0,0,818f0a40d17098ac93c0b9b96dbd9489c7b8bd9e521ddba6a0116d1bc14ba669,2025-01-14T16:15:35.603000 CVE-2025-22984,0,0,1a545998f559ee7e76b6e0da26fd2ee7d20b16b478982f1cd328aa26a28e86f8,2025-01-14T16:15:35.710000 CVE-2025-22996,0,0,8353f71e1021a99be2843ee26c19df5f4da352df92661e6ab1f14b6f88fb0dd3,2025-01-15T17:15:21.837000 CVE-2025-22997,0,0,784fa7ead53bc349c92561866d97c2fb20b9fab0d953b0c5445a13195ff35fef,2025-01-15T17:15:22.193000 -CVE-2025-23013,0,1,a29081d4edb0c576a2d77b4ea2bc4f7ff7b11edc6be78b0629afe5a34242f91b,2025-01-16T13:15:07.723000 +CVE-2025-23013,0,0,a29081d4edb0c576a2d77b4ea2bc4f7ff7b11edc6be78b0629afe5a34242f91b,2025-01-16T13:15:07.723000 CVE-2025-23016,0,0,31a93833611c1f04fca5216d55a04a7c92375e0aedfa95a405475196dac4f70b,2025-01-10T12:15:25.480000 CVE-2025-23018,0,0,04057ebd16387f0035876264d984029a54f25d41dceb84c91b788d3f78ef776b,2025-01-14T20:15:32.440000 CVE-2025-23019,0,0,2441b4edcc7db27f67ae614720ac0c1927e9c7e1651443ff935f830ebd7e09ee,2025-01-14T20:15:32.577000 @@ -277632,7 +277637,7 @@ CVE-2025-23074,0,0,3bd54e8aff6e0667e581df8dc64519113334429e2ff9b1a1f41a90fdedea5 CVE-2025-23078,0,0,6e2234483d99611921814b7d4b760ef5cfe8faae35f477da1f41cf4c536bce4f,2025-01-13T19:15:11.540000 CVE-2025-23079,0,0,688568487a54a31b09fc20fca3268a4665f027f5a20c0e7845588469ec59e859,2025-01-13T18:15:22.470000 CVE-2025-23080,0,0,7f79bf8f3b921f5e2fcc3bfea99fb1a5c67fc1f5c6452fc22f7c45ab38cb19d5,2025-01-14T18:16:06.110000 -CVE-2025-23081,0,0,7d242b61c375c55dc463651ab53775b1b147517666cff4bd56341e5a62603d09,2025-01-14T17:15:21.750000 +CVE-2025-23081,0,1,8e8adb61025ad816e7ca7d3f543c46c43aae9a6ff6f38d8ecfef81ad769cb146,2025-01-16T16:15:36.090000 CVE-2025-23082,0,0,bc34747e12b52ad3683d82cd426e550c84713f2181fb67b0b2397b0a5a87d8fb,2025-01-14T16:15:36.200000 CVE-2025-23108,0,0,bf7d5127026a7b3e24519e57e5514e9c8f61188c4fc8ae46ad1a8e414e8fd737,2025-01-13T18:15:22.680000 CVE-2025-23109,0,0,b22a40d0cd6f5709ff1c9b97ba4e1adbf7087ff55aed713db176344e389fb640,2025-01-13T18:15:22.903000