admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-05T15:00:20.760643+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-05 15:03:49 +00:00
parent 22fa98c696
commit d98aa77963
28 changed files with 1861 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

133
CVE-2022/CVE-2022-497xx/CVE-2022-49733.json
View File

@ -2,36 +2,153 @@
"id": "CVE-2022-49733",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-02T15:15:11.480",
"lastModified": "2025-03-02T15:15:11.480",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC\n\nThere is a small race window at snd_pcm_oss_sync() that is called from\nOSS PCM SNDCTL_DSP_SYNC ioctl; namely the function calls\nsnd_pcm_oss_make_ready() at first, then takes the params_lock mutex\nfor the rest. When the stream is set up again by another thread\nbetween them, it leads to inconsistency, and may result in unexpected\nresults such as NULL dereference of OSS buffer as a fuzzer spotted\nrecently.\n\nThe fix is simply to cover snd_pcm_oss_make_ready() call into the same\nparams_lock mutex with snd_pcm_oss_make_ready_locked() variant."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: pcm: oss: Corregir ejecuci\u00f3n en SNDCTL_DSP_SYNC Hay una peque\u00f1a ventana de ejecuci\u00f3n en snd_pcm_oss_sync() que se llama desde IOctl SNDCTL_DSP_SYNC PCM de OSS; es decir, la funci\u00f3n llama a snd_pcm_oss_make_ready() primero, luego toma el mutex params_lock para el resto. Cuando otro hilo configura nuevamente la secuencia entre ellos, esto genera inconsistencia y puede dar como resultado resultados inesperados como la desreferencia NULL del b\u00fafer OSS como un fuzzer detectado recientemente. La soluci\u00f3n es simplemente cubrir la llamada a snd_pcm_oss_make_ready() en el mismo mutex params_lock con la variante snd_pcm_oss_make_ready_locked()."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.215",
"matchCriteriaId": "C1F13D37-AD51-4E30-9FD7-F6B539CE6CED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.148",
"matchCriteriaId": "A125CF4C-603D-4ED4-AE18-CFC7C8D5CCF1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.68",
"matchCriteriaId": "C440CED2-FE3C-495D-839C-857FFC6F523A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.19.9",
"matchCriteriaId": "B4895A99-6E1B-4C76-A510-FDED00AD7D29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E8BD11A3-8643-49B6-BADE-5029A0117325"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5F0AD220-F6A9-4012-8636-155F1B841FAD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A46498B3-78E1-4623-AAE1-94D29A42BE4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "F8446E87-F5F6-41CA-8201-BAE0F0CA6DD9"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/4051324a6dafd7053c74c475e80b3ba10ae672b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/723ac5ab2891b6c10dd6cc78ef5456af593490eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8015ef9e8a0ee5cecfd0cb6805834d007ab26f86",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8423f0b6d513b259fdab9c9bf4aaa6188d054c2d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fce793a056c604b41a298317cf704dae255f1b36",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

57
CVE-2023/CVE-2023-503xx/CVE-2023-50316.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50316",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-28T01:15:08.410",
"lastModified": "2025-01-28T01:15:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-05T14:08:19.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -51,10 +71,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0.0",
"versionEndIncluding": "6.1.2.5",
"matchCriteriaId": "E2DD03C2-67D3-4BA5-8109-10C84538AC3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0.0",
"versionEndIncluding": "6.2.0.1",
"matchCriteriaId": "ECA7E00E-2AD1-4AA7-BAA8-3E8A14F48D21"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7176072",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Not Applicable"
]
}
]
}

64
CVE-2024/CVE-2024-112xx/CVE-2024-11216.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-11216",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-03-05T13:15:11.493",
"lastModified": "2025-03-05T13:15:11.493",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking.This issue affects Pik Online: through 05.03.2025.\n\n\nNOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n mediante clave controlada por el usuario y exposici\u00f3n de informaci\u00f3n personal privada a un actor no autorizado en PozitifIK Pik Online que permite la toma de huellas de cuentas y el secuestro de sesiones. Este problema afecta a Pik Online: hasta el 05.03.2025. NOTA: Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-359"
},
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0052",
"source": "iletisim@usom.gov.tr"
}
]
}

56
CVE-2024/CVE-2024-120xx/CVE-2024-12097.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-12097",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-03-05T14:15:35.280",
"lastModified": "2025-03-05T14:15:35.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Boceksoft Informatics E-Travel allows SQL Injection.This issue affects E-Travel: before 15.12.2024."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0053",
"source": "iletisim@usom.gov.tr"
}
]
}

56
CVE-2024/CVE-2024-131xx/CVE-2024-13147.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-13147",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2025-03-05T14:15:35.910",
"lastModified": "2025-03-05T14:15:35.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Merkur Software B2B Login Panel allows SQL Injection.This issue affects B2B Login Panel: before 15.01.2025."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-25-0054",
"source": "iletisim@usom.gov.tr"
}
]
}

74
CVE-2024/CVE-2024-580xx/CVE-2024-58022.json
View File

@ -2,24 +2,88 @@
"id": "CVE-2024-58022",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-27T20:16:02.073",
"lastModified": "2025-02-27T20:16:02.073",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: th1520: Fix a NULL vs IS_ERR() bug\n\nThe devm_ioremap() function doesn't return error pointers, it returns\nNULL. Update the error checking to match."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mailbox: th1520: Se corrige un error de NULL frente a IS_ERR() La funci\u00f3n devm_ioremap() no devuelve punteros de error, sino NULL. Actualice la comprobaci\u00f3n de errores para que coincida."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/d0f98e14c010bcf27898b635a54c1994ac4110a8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ecbde88e544ff016fa08bbf2156dc431bb123e9b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

82
CVE-2024/CVE-2024-580xx/CVE-2024-58042.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58042",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-27T20:16:02.257",
"lastModified": "2025-02-27T20:16:02.257",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rhashtable: corrige un posible punto muerto moviendo schedule_work fuera del bloqueo Mueva la comprobaci\u00f3n del crecimiento de la tabla hash y la programaci\u00f3n del trabajo fuera del bloqueo rht para evitar una posible dependencia de bloqueo circular. La implementaci\u00f3n original podr\u00eda activar una advertencia de lockdep debido a un posible escenario de punto muerto que involucra bloqueos anidados entre el dep\u00f3sito rhashtable, el bloqueo rq y el bloqueo dsq. Al reubicar la comprobaci\u00f3n del crecimiento y la programaci\u00f3n del trabajo despu\u00e9s de liberar el bloqueo rth, rompemos esta posible cadena de punto muerto. Este cambio expande la flexibilidad de rhashtable al eliminar el bloqueo restrictivo que anteriormente limitaba su uso en contextos de planificador y cola de trabajo. Importe para decir que esto llama a rht_grow_above_75(), que lee desde struct rhashtable sin mantener el bloqueo, si esto es un problema, podemos mover la comprobaci\u00f3n al bloqueo y programar la cola de trabajo despu\u00e9s del bloqueo. Modificado para que atomic_inc tambi\u00e9n se mueva fuera del bloqueo del dep\u00f3sito junto con la verificaci\u00f3n de crecimiento por encima del 75%."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.12",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "8507AA00-C52F-4231-94AC-4D0374F5A9F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/ced8ce3c83a7150c5f5d371a8c332d7bc7f9b66d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e1d3422c95f003eba241c176adfe593c33e8a8f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eb2e58484b838fb4e777ee9721bb9e20e6ca971d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

10
CVE-2025/CVE-2025-02xx/CVE-2025-0285.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-0285",
"sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.430",
"lastModified": "2025-03-04T16:15:36.020",
"lastModified": "2025-03-05T14:15:36.060",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits."
},
{
"lang": "es",
"value": "Paragon Partition Manager versi\u00f3n 7.9.1 contiene una vulnerabilidad de mapeo de memoria de kernel arbitraria dentro de biontdrv.sys que es causada por una falla en la validaci\u00f3n adecuada de la longitud de los datos suministrados por el usuario, lo que puede permitir a un atacante realizar ataques de escalada de privilegios."
}
],
"metrics": {
@ -55,6 +59,10 @@
{
"url": "https://www.kb.cert.org/vuls/id/726882",
"source": "cret@cert.org"
},
{
"url": "https://www.paragon-software.com/support/#patches",
"source": "cret@cert.org"
}
]
}

12
CVE-2025/CVE-2025-02xx/CVE-2025-0287.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-0287",
"sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.710",
"lastModified": "2025-03-03T20:15:44.100",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:15:36.253",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation."
},
{
"lang": "es",
"value": "Paragon Partition Manager versi\u00f3n 7.9.1 contiene una vulnerabilidad de desreferencia de puntero nulo dentro de biontdrv.sys que es causada por la falta de una estructura MasterLrp v\u00e1lida en el b\u00fafer de entrada, lo que permite a un atacante ejecutar c\u00f3digo arbitrario en el kernel, facilitando la escalada de privilegios."
}
],
"metrics": {
@ -55,6 +59,10 @@
{
"url": "https://www.kb.cert.org/vuls/id/726882",
"source": "cret@cert.org"
},
{
"url": "https://www.paragon-software.com/support/#patches",
"source": "cret@cert.org"
}
]
}

10
CVE-2025/CVE-2025-02xx/CVE-2025-0288.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-0288",
"sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.823",
"lastModified": "2025-03-04T16:15:36.317",
"lastModified": "2025-03-05T14:15:36.390",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory vulnerability facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation."
},
{
"lang": "es",
"value": "Paragon Partition Manager versi\u00f3n 7.9.1 contiene una vulnerabilidad de memoria de kernel arbitraria facilitada por la funci\u00f3n memmove, que no valida ni depura la entrada controlada por el usuario, lo que permite a un atacante escribir memoria de kernel arbitraria y realizar una escalada de privilegios."
}
],
"metrics": {
@ -55,6 +59,10 @@
{
"url": "https://www.kb.cert.org/vuls/id/726882",
"source": "cret@cert.org"
},
{
"url": "https://www.paragon-software.com/support/#patches",
"source": "cret@cert.org"
}
]
}

10
CVE-2025/CVE-2025-02xx/CVE-2025-0289.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-0289",
"sourceIdentifier": "cret@cert.org",
"published": "2025-03-03T17:15:13.943",
"lastModified": "2025-03-04T16:15:36.467",
"lastModified": "2025-03-05T14:15:36.540",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Paragon Partition Manager version 17, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service."
},
{
"lang": "es",
"value": "La versi\u00f3n 17 de Paragon Partition Manager, tanto la versi\u00f3n comunitaria como la empresarial, contienen una vulnerabilidad de acceso inseguro a los recursos del kernel facilitada por el controlador que no valida el puntero MappedSystemVa antes de pasarlo a HalReturnToFirmware, lo que puede permitir a un atacante comprometer el servicio."
}
],
"metrics": {
@ -55,6 +59,10 @@
{
"url": "https://www.kb.cert.org/vuls/id/726882",
"source": "cret@cert.org"
},
{
"url": "https://www.paragon-software.com/support/#patches",
"source": "cret@cert.org"
}
]
}

4
CVE-2025/CVE-2025-17xx/CVE-2025-1702.json
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "The Ultimate Member \u2013 User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 2.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
},
{
"lang": "es",
"value": "El complemento Ultimate Member \u2013 User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin para WordPress es vulnerable a la inyecci\u00f3n SQL basada en tiempo a trav\u00e9s del par\u00e1metro 'search' en todas las versiones hasta la 2.10.0 incluida, debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que se pueden usar para extraer informaci\u00f3n confidencial de la base de datos."
}
],
"metrics": {

118
CVE-2025/CVE-2025-18xx/CVE-2025-1879.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-1879",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-03T20:15:45.510",
"lastModified": "2025-03-03T20:15:45.510",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad en i-Drive i11 e i12 hasta 20250227 y se ha clasificado como problem\u00e1tica. Este problema afecta a un procesamiento desconocido del componente APK. La manipulaci\u00f3n conduce a credenciales codificadas de forma r\u00edgida. Es posible lanzar el ataque en el dispositivo f\u00edsico. No ha sido posible identificar al responsable actual del mantenimiento del producto. Se debe suponer que el producto ha llegado al final de su vida \u00fatil."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -76,6 +80,26 @@
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -118,24 +142,104 @@
"value": "CWE-798"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:i-drive:i11_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20250227",
"matchCriteriaId": "F190E901-E255-488B-8393-25824B55501C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:i-drive:i11:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC63E40-205E-4842-9C3C-227A37310C37"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:i-drive:i12_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20250227",
"matchCriteriaId": "0F0904B4-A160-4619-B46A-E399C7C0B339"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:i-drive:i12:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9B7F71-2A76-4A8F-8474-E21D8529E794"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/geo-chen/i-Drive",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.298193",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.298193",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.510950",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

108
CVE-2025/CVE-2025-18xx/CVE-2025-1880.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-1880",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-03T20:15:45.717",
"lastModified": "2025-03-03T20:15:45.717",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been classified as problematic. Affected is an unknown function of the component Device Pairing. The manipulation leads to authentication bypass by primary weakness. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitability is told to be difficult. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad en i-Drive i11 e i12 hasta 20250227. Se ha clasificado como problem\u00e1tica. Se ve afectada una funci\u00f3n desconocida del componente Device Pairing. La manipulaci\u00f3n conduce a la omisi\u00f3n de la autenticaci\u00f3n mediante una debilidad primaria. Es posible lanzar el ataque en el dispositivo f\u00edsico. La complejidad de un ataque es bastante alta. Se dice que la explotabilidad es dif\u00edcil. No fue posible identificar al mantenedor actual del producto. Se debe asumir que el producto est\u00e1 al final de su vida \u00fatil."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -76,6 +80,26 @@
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
@ -120,22 +144,92 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:i-drive:i11_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20250227",
"matchCriteriaId": "F190E901-E255-488B-8393-25824B55501C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:i-drive:i11:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC63E40-205E-4842-9C3C-227A37310C37"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:i-drive:i12_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20250227",
"matchCriteriaId": "0F0904B4-A160-4619-B46A-E399C7C0B339"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:i-drive:i12:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9B7F71-2A76-4A8F-8474-E21D8529E794"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/geo-chen/i-Drive",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.298194",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.298194",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?submit.510951",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Vendor Advisory"
]
}
]
}

96
CVE-2025/CVE-2025-18xx/CVE-2025-1881.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-1881",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-03T21:15:18.097",
"lastModified": "2025-03-03T21:15:18.097",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Video Footage/Live Video Stream. The manipulation leads to improper access controls. The attack can be launched remotely. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad en i-Drive i11 e i12 hasta 20250227. Se ha declarado como problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida del componente Video Footage/Live Video Stream. La manipulaci\u00f3n conduce a controles de acceso inadecuados. El ataque puede iniciarse de forma remota. No ha sido posible identificar al responsable actual del mantenimiento del producto. Se debe suponer que el producto ha llegado al final de su vida \u00fatil."
}
],
"metrics": {
@ -118,24 +122,104 @@
"value": "CWE-284"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:i-drive:i11_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20250227",
"matchCriteriaId": "F190E901-E255-488B-8393-25824B55501C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:i-drive:i11:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC63E40-205E-4842-9C3C-227A37310C37"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:i-drive:i12_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20250227",
"matchCriteriaId": "0F0904B4-A160-4619-B46A-E399C7C0B339"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:i-drive:i12:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9B7F71-2A76-4A8F-8474-E21D8529E794"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/geo-chen/i-Drive",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.298195",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.298195",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?submit.510952",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

77
CVE-2025/CVE-2025-18xx/CVE-2025-1890.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-1890",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-04T00:15:31.190",
"lastModified": "2025-03-04T00:15:31.190",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in shishuocms 1.1 and classified as critical. This vulnerability affects the function handleRequest of the file src/main/java/com/shishuo/cms/action/manage/ManageUpLoadAction.java. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en shishuocms 1.1 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n handleRequest del archivo src/main/java/com/shishuo/cms/action/manage/ManageUpLoadAction.java. La manipulaci\u00f3n del archivo de argumentos provoca una carga sin restricciones. El ataque se puede iniciar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -76,6 +80,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -118,24 +142,63 @@
"value": "CWE-434"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shishuocms_project:shishuocms:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1F75228-4B43-4E2A-8D9F-95B3716C3FC9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/caigo8/CVE-md/blob/main/shishuocms/%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.298408",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.298408",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.505736",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

104
CVE-2025/CVE-2025-217xx/CVE-2025-21793.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21793",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-27T03:15:20.190",
"lastModified": "2025-02-27T03:15:20.190",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,113 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: spi: sn-f-ospi: Corrige la divisi\u00f3n por cero Cuando no hay un ciclo ficticio en los comandos spi-nor, tanto los bytes del ciclo de bus ficticio como el ancho son cero. Debido a la advertencia de la CPU cuando se divide por cero, se debe evitar la advertencia. Devuelve solo cero para evitar dichos c\u00e1lculos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.79",
"matchCriteriaId": "B16AADE5-B2FD-4C14-B4E4-85E8EDAFE775"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.16",
"matchCriteriaId": "13C8DB18-FC60-425F-84E5-3EDDEC61B2FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.4",
"matchCriteriaId": "2A2093ED-74A9-43F9-AC72-50030F374EA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "186716B6-2B66-4BD0-852E-D48E71C0C85F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D3E781C-403A-498F-9DA9-ECEE50F41E75"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3588b1c0fde2f58d166e3f94a5a58d64b893526c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4df6f005bef04a3dd16c028124a1b5684db3922b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7434135553bc03809a55803ee6a8dcaae6240d55",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/966328191b4c389c0f2159fa242915f51cbc1679",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

109
CVE-2025/CVE-2025-217xx/CVE-2025-21794.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21794",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-27T03:15:20.293",
"lastModified": "2025-02-27T03:15:20.293",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,120 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: hid-thrustmaster: correcci\u00f3n de lectura fuera de los l\u00edmites de pila en usb_check_int_endpoints() Syzbot[1] ha detectado una lectura fuera de los l\u00edmites de pila de la matriz ep_addr del controlador hid-thrustmaster. Esta matriz se pasa a la funci\u00f3n usb_check_int_endpoints del controlador del n\u00facleo usb.c, que ejecuta un bucle for que itera sobre los elementos de la matriz pasada. Al no encontrar un elemento nulo al final de la matriz, intenta leer el siguiente elemento inexistente, lo que hace que el kernel se bloquee. Para corregir esto, se agreg\u00f3 un elemento 0 al final de la matriz para romper el bucle for. [1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.76",
"versionEndExcluding": "6.6.79",
"matchCriteriaId": "D48B56A5-E076-490E-B5A6-F3AB84C22E89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.12.13",
"versionEndExcluding": "6.12.16",
"matchCriteriaId": "88327018-7D74-4C95-9672-29D99D630F66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13.2",
"versionEndExcluding": "6.13.4",
"matchCriteriaId": "25A9DD1C-2E5A-4631-9F6A-B06B38D2D88B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "186716B6-2B66-4BD0-852E-D48E71C0C85F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D3E781C-403A-498F-9DA9-ECEE50F41E75"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0b43d98ff29be3144e86294486b1373b5df74c0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/436f48c864186e9413d1b7c6e91767cc9e1a65b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/73e36a699b9f46322ffb81f072a24e64f728dba7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cdd9a1ea23ff1a272547217100663e8de4eada40",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f3ce05283f6cb6e19c220f5382def43dc5bd56b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

82
CVE-2025/CVE-2025-217xx/CVE-2025-21798.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21798",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-27T20:16:02.477",
"lastModified": "2025-02-27T20:16:02.477",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firewire: test: Se corrige una posible desreferencia nula en la prueba kunit de firewire kunit_kzalloc() puede devolver un puntero NULL, desreferenciarlo sin la comprobaci\u00f3n NULL puede provocar una desreferencia NULL. Se a\u00f1ade una comprobaci\u00f3n NULL para test_state."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "90360375-07E4-448D-B423-70059CF084B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/352fafe97784e81a10a7c74bd508f71a19b53c2a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/70fcb25472d90dd3b87cbee74b9eb68670b0c7b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c6896bf4c611c3dd126f3e03685f2360a18b3d6f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

82
CVE-2025/CVE-2025-218xx/CVE-2025-21809.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21809",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-27T20:16:03.497",
"lastModified": "2025-02-27T20:16:03.497",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rxrpc, afs: Fix peer hash blocking vs RCU callback En su lista de direcciones, afs ahora retiene punteros y referencias en uno o m\u00e1s objetos rxrpc_peer. La lista de direcciones se libera bajo RCU y en este momento, pone las referencias en esos pares. Ahora, cuando un objeto rxrpc_peer se queda sin referencias, se elimina de la tabla hash de pares y, para eso, rxrpc tiene que tomar un spinlock. Sin embargo, ahora se est\u00e1 llamando desde la limpieza RCU de afs, que tiene lugar en el contexto BH, pero solo est\u00e1 tomando un spinlock ordinario. La put tambi\u00e9n se puede llamar desde un contexto que no sea BH, por lo que existe la posibilidad de un punto muerto si la limpieza RCU basada en BH ocurre mientras se mantiene el spinlock hash. Esto condujo a la queja adjunta lockdep. Solucione esto cambiando los spinlocks de rxnet->peer_hash_lock nuevamente a bloqueos que deshabilitan BH. ================================= ADVERTENCIA: estado de bloqueo inconsistente 6.13.0-rc5-build2+ #1223 Tainted: G E -------------------------------- inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. swapper/1/0 [HC0[0]:SC1[1]:HE1:SE0] takes: ffff88810babe228 (&rxnet->peer_hash_lock){+.?.}-{3:3}, at: rxrpc_put_peer+0xcb/0x180 {SOFTIRQ-ON-W} state was registered at: mark_usage+0x164/0x180 __lock_acquire+0x544/0x990 lock_acquire.part.0+0x103/0x280 _raw_spin_lock+0x2f/0x40 rxrpc_peer_keepalive_worker+0x144/0x440 process_one_work+0x486/0x7c0 process_scheduled_works+0x73/0x90 worker_thread+0x1c8/0x2a0 kthread+0x19b/0x1b0 ret_from_fork+0x24/0x40 ret_from_fork_asm+0x1a/0x30 irq event stamp: 972402 hardirqs last enabled at (972402): [] _raw_spin_unlock_irqrestore+0x2e/0x50 hardirqs last disabled at (972401): [] _raw_spin_lock_irqsave+0x18/0x60 softirqs last enabled at (972300): [] handle_softirqs+0x3ee/0x430 softirqs last disabled at (972313): [] __irq_exit_rcu+0x44/0x110 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&rxnet->peer_hash_lock); lock(&rxnet->peer_hash_lock); *** DEADLOCK *** 1 lock held by swapper/1/0: #0: ffffffff83576be0 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire+0x7/0x30 stack backtrace: CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G E 6.13.0-rc5-build2+ #1223 Tainted: [E]=UNSIGNED_MODULE Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 Call Trace: dump_stack_lvl+0x57/0x80 print_usage_bug.part.0+0x227/0x240 valid_state+0x53/0x70 mark_lock_irq+0xa5/0x2f0 mark_lock+0xf7/0x170 mark_usage+0xe1/0x180 __lock_acquire+0x544/0x990 lock_acquire.part.0+0x103/0x280 _raw_spin_lock+0x2f/0x40 rxrpc_put_peer+0xcb/0x180 afs_free_addrlist+0x46/0x90 [kafs] rcu_do_batch+0x2d2/0x640 rcu_core+0x2f7/0x350 handle_softirqs+0x1ee/0x430 __irq_exit_rcu+0x44/0x110 irq_exit_rcu+0xa/0x30 sysvec_apic_timer_interrupt+0x7f/0xa0 "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.3",
"versionEndExcluding": "6.12.13",
"matchCriteriaId": "3E9F5C4F-14D8-4DCE-A228-7F073932D0D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.2",
"matchCriteriaId": "6D4116B1-1BFD-4F23-BA84-169CC05FC5A3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0e77dd41689637ac4e1b8fe0f27541f373640855",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/10ba5a3d57af20e494e0d979d1894260989235dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/79d458c13056559d49b5e41fbc4b6890e68cf65b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

106
CVE-2025/CVE-2025-218xx/CVE-2025-21814.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21814",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-27T20:16:03.973",
"lastModified": "2025-02-27T20:16:03.973",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,117 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ptp: Aseg\u00farese de que la devoluci\u00f3n de llamada info->enable est\u00e9 siempre establecida Los controladores ioctl y sysfs llaman incondicionalmente a la devoluci\u00f3n de llamada ->enable. No todos los controladores implementan esa devoluci\u00f3n de llamada, lo que lleva a desreferencias NULL. Ejemplo de controladores afectados: ptp_s390.c, ptp_vclock.c y ptp_mock.c. En su lugar, utilice una devoluci\u00f3n de llamada ficticia si el controlador no especific\u00f3 nada mejor."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0",
"versionEndExcluding": "6.1.129",
"matchCriteriaId": "D12D04F8-8965-4CB6-88C9-E5E15DE32F98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.78",
"matchCriteriaId": "0C58261F-EDFB-4A12-8CCD-F12101482030"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.14",
"matchCriteriaId": "033BB7EE-C9A2-45EA-BAC9-87BB9D951BCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.3",
"matchCriteriaId": "0E92CEE3-1FC3-4AFC-A513-DEDBA7414F00"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/5d1041c76de656f9f8d5a192218039a9acf9bd00",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/755caf4ee1c615ee5717862e427124370f46b1f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/81846070cba17125a866e8023c01d3465b153339",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8441aea46445252df5d2eed6deb6d5246fc24002",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fd53aa40e65f518453115b6f56183b0c201db26b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

106
CVE-2025/CVE-2025-218xx/CVE-2025-21820.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21820",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-27T20:16:04.520",
"lastModified": "2025-02-27T20:16:04.520",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,117 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tty: xilinx_uartps: la gesti\u00f3n dividido de sysrq lockdep detecta la siguiente dependencia de bloqueo circular: CPU 0 CPU 1 ========================== ============================ cdns_uart_isr() printk() uart_port_lock(port) console_lock() cdns_uart_console_write() if (!port->sysrq) uart_port_lock(port) uart_handle_break() port->sysrq = ... uart_handle_sysrq_char() printk() console_lock() The fixed commit attempts to avoid this situation by only taking the port lock in cdns_uart_console_write if port->sysrq unset. Sin embargo, si (como se muestra arriba) cdns_uart_console_write se ejecuta antes de que port->sysrq est\u00e9 configurado, entonces intentar\u00e1 tomar el bloqueo del puerto de todos modos. Esto puede resultar en un bloqueo. Solucione esto dividiendo la gesti\u00f3n de sysrq en dos partes. Usamos el asistente de preparaci\u00f3n bajo el bloqueo del puerto y posponemos la gesti\u00f3n hasta que liberemos el bloqueo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.6",
"versionEndExcluding": "6.1.129",
"matchCriteriaId": "931829B0-EF08-4EA8-A30B-4A6456FC70A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.78",
"matchCriteriaId": "0C58261F-EDFB-4A12-8CCD-F12101482030"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.14",
"matchCriteriaId": "033BB7EE-C9A2-45EA-BAC9-87BB9D951BCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.3",
"matchCriteriaId": "0E92CEE3-1FC3-4AFC-A513-DEDBA7414F00"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4410dba9807a17a93f649a9f5870ceaf30a675a3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8ea0e7b3d7b8f2f0fc9db491ff22a0abe120801c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9b88a7c4584ba67267a051069b8abe44fc9595b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b06f388994500297bb91be60ffaf6825ecfd2afe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/de5bd24197bd9ee37ec1e379a3d882bbd15c5065",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

97
CVE-2025/CVE-2025-218xx/CVE-2025-21824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21824",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-27T20:16:04.890",
"lastModified": "2025-02-27T20:16:04.890",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,104 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gpu: host1x: Fix a use of uninitialized mutex commit c8347f915e67 (\"gpu: host1x: Fix boot regression for Tegra\") provoc\u00f3 el uso de un mutex no inicializado que gener\u00f3 la siguiente advertencia cuando CONFIG_DEBUG_MUTEXES y CONFIG_DEBUG_LOCK_ALLOC est\u00e1n habilitados. [ 41.662843] ------------[ cortar aqu\u00ed ]------------ [ 41.663012] DEBUG_LOCKS_WARN_ON(lock->magic != lock) [ 41.663035] WARNING: CPU: 4 PID: 794 at kernel/locking/mutex.c:587 __mutex_lock+0x670/0x878 [ 41.663458] Modules linked in: rtw88_8822c(+) bluetooth(+) rtw88_pci rtw88_core mac80211 aquantia libarc4 crc_itu_t cfg80211 tegra194_cpufreq dwmac_tegra(+) arm_dsu_pmu stmmac_platform stmmac pcs_xpcs rfkill at24 host1x(+) tegra_bpmp_thermal ramoops reed_solomon fuse loop nfnetlink xfs mmc_block rpmb_core ucsi_ccg ina3221 crct10dif_ce xhci_tegra ghash_ce lm90 sha2_ce sha256_arm64 sha1_ce sdhci_tegra pwm_fan sdhci_pltfm sdhci gpio_keys rtc_tegra cqhci mmc_core phy_tegra_xusb i2c_tegra tegra186_gpc_dma i2c_tegra_bpmp spi_tegra114 dm_mirror dm_region_hash dm_log dm_mod [ 41.665078] CPU: 4 UID: 0 PID: 794 Comm: (udev-worker) Not tainted 6.11.0-29.31_1538613708.el10.aarch64+debug #1 [ 41.665838] Hardware name: NVIDIA NVIDIA Jetson AGX Orin Developer Kit/Jetson, BIOS 36.3.0-gcid-35594366 02/26/2024 [ 41.672555] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 41.679636] pc : __mutex_lock+0x670/0x878 [ 41.683834] lr : __mutex_lock+0x670/0x878 [ 41.688035] sp : ffff800084b77090 [ 41.691446] x29: ffff800084b77160 x28: ffffdd4bebf7b000 x27: ffffdd4be96b1000 [ 41.698799] x26: 1fffe0002308361c x25: 1ffff0001096ee18 x24: 0000000000000000 [ 41.706149] x23: 0000000000000000 x22: 0000000000000002 x21: ffffdd4be6e3c7a0 [ 41.713500] x20: ffff800084b770f0 x19: ffff00011841b1e8 x18: 0000000000000000 [ 41.720675] x17: 0000000000000000 x16: 0000000000000000 x15: 0720072007200720 [ 41.728023] x14: 0000000000000000 x13: 0000000000000001 x12: ffff6001a96eaab3 [ 41.735375] x11: 1fffe001a96eaab2 x10: ffff6001a96eaab2 x9 : ffffdd4be4838bbc [ 41.742723] x8 : 00009ffe5691554e x7 : ffff000d4b755593 x6 : 0000000000000001 [ 41.749985] x5 : ffff000d4b755590 x4 : 1fffe0001d88f001 x3 : dfff800000000000 [ 41.756988] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000ec478000 [ 41.764251] Call trace: [ 41.766695] __mutex_lock+0x670/0x878 [ 41.770373] mutex_lock_nested+0x2c/0x40 [ 41.774134] host1x_intr_start+0x54/0xf8 [host1x] [ 41.778863] host1x_runtime_resume+0x150/0x228 [host1x] [ 41.783935] pm_generic_runtime_resume+0x84/0xc8 [ 41.788485] __rpm_callback+0xa0/0x478 [ 41.792422] rpm_callback+0x15c/0x1a8 [ 41.795922] rpm_resume+0x698/0xc08 [ 41.799597] __pm_runtime_resume+0xa8/0x140 [ 41.803621] host1x_probe+0x810/0xbc0 [host1x] [ 41.807909] platform_probe+0xcc/0x1a8 [ 41.811845] really_probe+0x188/0x800 [ 41.815347] __driver_probe_device+0x164/0x360 [ 41.819810] driver_probe_device+0x64/0x1a8 [ 41.823834] __driver_attach+0x180/0x490 [ 41.827773] bus_for_each_dev+0x104/0x1a0 [ 41.831797] driver_attach+0x44/0x68 [ 41.835296] bus_add_driver+0x23c/0x4e8 [ 41.839235] driver_register+0x15c/0x3a8 [ 41.843170] __platform_register_drivers+0xa4/0x208 [ 41.848159] tegra_host1x_init+0x4c/0xff8 [host1x] [ 41.853147] do_one_initcall+0xd4/0x380 [ 41.856997] do_init_module+0x1dc/0x698 [ 41.860758] load_module+0xc70/0x1300 [ 41.864435] __do_sys_init_module+0x1a8/0x1d0 [ 41.868721] __arm64_sys_init_module+0x74/0xb0 [ 41.873183] invoke_syscall.constprop.0+0xdc/0x1e8 [ 41.877997] do_el0_svc+0x154/0x1d0 [ 41.881671] el0_svc+0x54/0x140 [ 41.884820] el0t_64_sync_handler+0x120/0x130 [ 41.889285] el0t_64_sync+0x1a4/0x1a8 [ 41.892960] irq event stamp: 69737 [ 41.896370] hardirqs last enabled at (69737): [] _raw_spin_unlock_irqrestore+0x44/0xe8 [ 41.905739] hardirqs last disabled at (69736): ---truncated--- "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.12",
"versionEndExcluding": "6.12.16",
"matchCriteriaId": "537F3B42-2EC5-47FB-8166-5ACF0353AFEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.4",
"matchCriteriaId": "2A2093ED-74A9-43F9-AC72-50030F374EA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "186716B6-2B66-4BD0-852E-D48E71C0C85F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D3E781C-403A-498F-9DA9-ECEE50F41E75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66619FB8-0AAF-4166-B2CF-67B24143261D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/02458fbfaa0170aabf8506f7d4ed054f02414251",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/127e91638ddcd02b80de92fec2240609a9f90426",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/396d8e5136b4476672bc15b83ba312486bb4bf76",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

78
CVE-2025/CVE-2025-272xx/CVE-2025-27219.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-27219",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-04T00:15:31.550",
"lastModified": "2025-03-04T00:15:31.550",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:15.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies."
},
{
"lang": "es",
"value": "En la gema CGI anterior a la versi\u00f3n 0.4.2 para Ruby, el m\u00e9todo CGI::Cookie.parse de la librer\u00eda CGI contiene una posible vulnerabilidad de denegaci\u00f3n de servicio (DoS). El m\u00e9todo no impone ning\u00fan l\u00edmite en la longitud del valor de cookie sin procesar que procesa. Este descuido puede provocar un consumo excesivo de recursos al analizar cookies extremadamente grandes."
}
],
"metrics": {
@ -32,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,16 +69,62 @@
"value": "CWE-770"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruby-lang:cgi:*:*:*:*:*:ruby:*:*",
"versionEndExcluding": "0.3.5.1",
"matchCriteriaId": "E7161F63-FEE1-4803-A460-FE87E323B05D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruby-lang:cgi:*:*:*:*:*:ruby:*:*",
"versionStartIncluding": "0.4.0",
"versionEndExcluding": "0.4.2",
"matchCriteriaId": "A30117BA-C46E-44BB-A581-86E43F37D6E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruby-lang:cgi:0.3.6:*:*:*:*:ruby:*:*",
"matchCriteriaId": "8AE1C5F9-0743-49A2-8292-0018FEEF81E0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cgi/CVE-2025-27219.yml",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://hackerone.com/reports/2936778",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
}
]
}

95
CVE-2025/CVE-2025-272xx/CVE-2025-27220.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-27220",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-04T00:15:31.693",
"lastModified": "2025-03-04T00:15:31.693",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:49.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method."
},
{
"lang": "es",
"value": "En la gema CGI anterior a 0.4.2 para Ruby, existe una vulnerabilidad de denegaci\u00f3n de servicio de expresi\u00f3n regular (ReDoS) en el m\u00e9todo Util#escapeElement."
}
],
"metrics": {
@ -32,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,16 +69,79 @@
"value": "CWE-1333"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruby-lang:cgi:*:*:*:*:*:ruby:*:*",
"versionEndExcluding": "0.3.5.1",
"matchCriteriaId": "E7161F63-FEE1-4803-A460-FE87E323B05D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruby-lang:cgi:*:*:*:*:*:ruby:*:*",
"versionStartIncluding": "0.4.0",
"versionEndExcluding": "0.4.2",
"matchCriteriaId": "A30117BA-C46E-44BB-A581-86E43F37D6E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruby-lang:cgi:0.3.6:*:*:*:*:ruby:*:*",
"matchCriteriaId": "8AE1C5F9-0743-49A2-8292-0018FEEF81E0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:ruby-lang:ruby:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD748C02-1E5E-4D92-9C41-2BF953874C32"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:ruby-lang:ruby:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8850AECE-0966-403B-A0D8-694C3ECE39D4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cgi/CVE-2025-27220.yml",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://hackerone.com/reports/2890322",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
}
]
}

87
CVE-2025/CVE-2025-272xx/CVE-2025-27221.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-27221",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-03-04T00:15:31.847",
"lastModified": "2025-03-04T00:15:31.847",
"vulnStatus": "Received",
"lastModified": "2025-03-05T14:05:49.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host."
},
{
"lang": "es",
"value": "En la gema URI anterior a 1.0.3 para Ruby, los m\u00e9todos de gesti\u00f3n de URI (URI.join, URI#merge, URI#+) tienen una fuga involuntaria de credenciales de autenticaci\u00f3n porque la informaci\u00f3n del usuario se conserva incluso despu\u00e9s de cambiar el host."
}
],
"metrics": {
@ -32,6 +36,26 @@
},
"exploitabilityScore": 1.4,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -45,16 +69,71 @@
"value": "CWE-212"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-212"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tal:url:*:*:*:*:*:ruby:*:*",
"versionEndExcluding": "0.11.3",
"matchCriteriaId": "C655E620-3EA7-4A4E-B744-76F0A04A3417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tal:url:*:*:*:*:*:ruby:*:*",
"versionStartIncluding": "0.12.0",
"versionEndExcluding": "0.12.4",
"matchCriteriaId": "81DF3903-2BF5-46F8-8EE4-0C6CEF6179B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tal:url:*:*:*:*:*:ruby:*:*",
"versionStartIncluding": "0.13.0",
"versionEndExcluding": "0.13.2",
"matchCriteriaId": "650C2267-9E99-4CC3-9252-C4B20DB7A27C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tal:url:*:*:*:*:*:ruby:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.0.3",
"matchCriteriaId": "338FD493-9163-4B7F-AD4C-34DE29B6423A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/uri/CVE-2025-27221.yml",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://hackerone.com/reports/2957667",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
}
]
}

44
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-05T13:00:19.691050+00:00
2025-03-05T15:00:20.760643+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-05T12:15:35.420000+00:00
2025-03-05T14:15:36.540000+00:00
```
### Last Data Feed Release
@ -33,27 +33,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
284229
284232
```
### CVEs added in the last Commit
Recently added CVEs: `8`
Recently added CVEs: `3`
- [CVE-2024-11153](CVE-2024/CVE-2024-111xx/CVE-2024-11153.json) (`2025-03-05T12:15:33.287`)
- [CVE-2024-11951](CVE-2024/CVE-2024-119xx/CVE-2024-11951.json) (`2025-03-05T12:15:34.510`)
- [CVE-2024-12281](CVE-2024/CVE-2024-122xx/CVE-2024-12281.json) (`2025-03-05T12:15:34.657`)
- [CVE-2024-12650](CVE-2024/CVE-2024-126xx/CVE-2024-12650.json) (`2025-03-05T12:15:34.803`)
- [CVE-2024-13423](CVE-2024/CVE-2024-134xx/CVE-2024-13423.json) (`2025-03-05T12:15:34.960`)
- [CVE-2024-13471](CVE-2024/CVE-2024-134xx/CVE-2024-13471.json) (`2025-03-05T12:15:35.110`)
- [CVE-2025-1463](CVE-2025/CVE-2025-14xx/CVE-2025-1463.json) (`2025-03-05T12:15:35.270`)
- [CVE-2025-1702](CVE-2025/CVE-2025-17xx/CVE-2025-1702.json) (`2025-03-05T12:15:35.420`)
- [CVE-2024-11216](CVE-2024/CVE-2024-112xx/CVE-2024-11216.json) (`2025-03-05T13:15:11.493`)
- [CVE-2024-12097](CVE-2024/CVE-2024-120xx/CVE-2024-12097.json) (`2025-03-05T14:15:35.280`)
- [CVE-2024-13147](CVE-2024/CVE-2024-131xx/CVE-2024-13147.json) (`2025-03-05T14:15:35.910`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `23`
- [CVE-2022-49733](CVE-2022/CVE-2022-497xx/CVE-2022-49733.json) (`2025-03-05T14:05:15.387`)
- [CVE-2023-50316](CVE-2023/CVE-2023-503xx/CVE-2023-50316.json) (`2025-03-05T14:08:19.020`)
- [CVE-2024-58022](CVE-2024/CVE-2024-580xx/CVE-2024-58022.json) (`2025-03-05T14:05:15.387`)
- [CVE-2024-58042](CVE-2024/CVE-2024-580xx/CVE-2024-58042.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-0285](CVE-2025/CVE-2025-02xx/CVE-2025-0285.json) (`2025-03-05T14:15:36.060`)
- [CVE-2025-0287](CVE-2025/CVE-2025-02xx/CVE-2025-0287.json) (`2025-03-05T14:15:36.253`)
- [CVE-2025-0288](CVE-2025/CVE-2025-02xx/CVE-2025-0288.json) (`2025-03-05T14:15:36.390`)
- [CVE-2025-0289](CVE-2025/CVE-2025-02xx/CVE-2025-0289.json) (`2025-03-05T14:15:36.540`)
- [CVE-2025-1702](CVE-2025/CVE-2025-17xx/CVE-2025-1702.json) (`2025-03-05T12:15:35.420`)
- [CVE-2025-1879](CVE-2025/CVE-2025-18xx/CVE-2025-1879.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-1880](CVE-2025/CVE-2025-18xx/CVE-2025-1880.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-1881](CVE-2025/CVE-2025-18xx/CVE-2025-1881.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-1890](CVE-2025/CVE-2025-18xx/CVE-2025-1890.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-21793](CVE-2025/CVE-2025-217xx/CVE-2025-21793.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-21794](CVE-2025/CVE-2025-217xx/CVE-2025-21794.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-21798](CVE-2025/CVE-2025-217xx/CVE-2025-21798.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-21809](CVE-2025/CVE-2025-218xx/CVE-2025-21809.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-21814](CVE-2025/CVE-2025-218xx/CVE-2025-21814.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-21820](CVE-2025/CVE-2025-218xx/CVE-2025-21820.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-21824](CVE-2025/CVE-2025-218xx/CVE-2025-21824.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-27219](CVE-2025/CVE-2025-272xx/CVE-2025-27219.json) (`2025-03-05T14:05:15.387`)
- [CVE-2025-27220](CVE-2025/CVE-2025-272xx/CVE-2025-27220.json) (`2025-03-05T14:05:49.230`)
- [CVE-2025-27221](CVE-2025/CVE-2025-272xx/CVE-2025-27221.json) (`2025-03-05T14:05:49.230`)
## Download and Usage

63
_state.csv
View File

@ -213917,7 +213917,7 @@ CVE-2022-4973,0,0,3f7bb8af7d8ad41d4b8c2b6df6303f0dad9415526c1ebfae5140748d302176
CVE-2022-49730,0,0,2bfdce97189f4294a4f5bd9bb6fb8ea7daf4ec20279fe3e8023054ddc72e2701,2025-02-27T19:15:47.153000
CVE-2022-49731,0,0,3087aebf92cbb510ce471fc8272df920f283560767e2c40c990611543a35c126,2025-02-26T07:01:48.710000
CVE-2022-49732,0,0,91e898c8ed487c200545020bc19ca94e34172dbee027d967192fdde21cd00234,2025-02-26T15:15:17.843000
CVE-2022-49733,0,0,00f2b16464e767d64334286585f8472692130288e9ce1355e7473b1b47f21c8d,2025-03-02T15:15:11.480000
CVE-2022-49733,0,1,fc0c6252bda4004b2b7a07aea99702f475ab06667c4f4e935e922bfbdec22966,2025-03-05T14:05:15.387000
CVE-2022-4974,0,0,b3c59950ee3eade0f74a15ade2edad03cf700537d377a12415779325d85e4da4,2024-10-16T16:38:14.557000
CVE-2022-4975,0,0,f3499ac468d9abe551aab7c55d7d6df29ba7ff95cc64d5206edf5add6a87fbd5,2025-01-27T14:15:27.210000
CVE-2023-0001,0,0,2dfbf6dbe59b530ec18f5af443ba14cd4d2a5b201d3a1ffcc25574a8da444091,2024-11-21T07:36:22.050000
@ -239495,7 +239495,7 @@ CVE-2023-50312,0,0,1e67563904324223fd079dcc66d3aab87e6451abcc03afbf697386cae3c09
CVE-2023-50313,0,0,a83e416401577e94df6dfe4b1b998ddd0a8952164aaa6f5ea90e36bebd23e193,2024-11-21T08:36:50.540000
CVE-2023-50314,0,0,ce35340ffb0568ccdcb723e50bf9507ce76dc59cc4416bfa4739778b544bd02c,2024-08-23T19:20:22.473000
CVE-2023-50315,0,0,625341a76fda8905bc70b73219527e00e0b32c20581d112bacaee69e8b51c52a,2024-09-11T13:38:26.370000
CVE-2023-50316,0,0,738fa1fe1c0ac05fb59cb3adbd5eb1b053b621a6374a1a29bd6c1cda5bdd4292,2025-01-28T01:15:08.410000
CVE-2023-50316,0,1,d2a6fa563d8c7c4f2ca779aa41670344d5eee71be8ccf35a8b979a86c4517fe1,2025-03-05T14:08:19.020000
CVE-2023-5032,0,0,4ede5b17693a04ef49d59f95a825f1eb5b57b0f4b8cfa1778c1a2dc8be2d09df,2024-11-21T08:40:55.963000
CVE-2023-50324,0,0,000a39c6d0a06cbde348ac025e564c5cce355db8654aef4cbde2d0d01df1d4ed,2024-11-21T08:36:50.840000
CVE-2023-50326,0,0,bd3bc6fce1ffc5491df4da766864b97e8ced1cbb50bba99d705adb05a7f7ceb3,2024-11-21T08:36:50.950000
@ -245287,7 +245287,7 @@ CVE-2024-11148,0,0,f1a9b14e986a1cdbe7196e88d3aefe9d741f79a0512dc67842ac7d7556ea6
CVE-2024-11149,0,0,8ad93fc62008b87e3a1f42f9b1f7c4174a7c4102476e1865f181fd8fd630ab52,2024-12-06T02:15:18.127000
CVE-2024-1115,0,0,dd875c679e12a582e34ee954cd3620e780335d232c345f8362745b6ecc6a1bb8,2024-11-21T08:49:49.887000
CVE-2024-11150,0,0,ee08facb687c71e0758a3f80ca5be44dd7cddce83b66eb6f473227f03ba9086e,2024-11-19T16:57:05.407000
CVE-2024-11153,1,1,11f526a66842234fb7480415b0e2ca7bbb8c158ecfa0ce80b582af047f25caf6,2025-03-05T12:15:33.287000
CVE-2024-11153,0,0,11f526a66842234fb7480415b0e2ca7bbb8c158ecfa0ce80b582af047f25caf6,2025-03-05T12:15:33.287000
CVE-2024-11154,0,0,1d007c9319ffd27da392e9be5bae93f9e0fe9120d11601f0387b6b03bc9f2945,2024-11-21T13:57:24.187000
CVE-2024-11155,0,0,b7062c0b399995063fe2a625442bd6626c60aa76fcb13e89717b66c8ebee721d,2024-12-06T19:15:10.730000
CVE-2024-11156,0,0,ea1fe2a973d15fdece4824e57dc16a1bcfe810ffcf2d9b4d711f82a25c787244,2024-12-17T15:52:01.670000
@ -245340,6 +245340,7 @@ CVE-2024-11212,0,0,dad420a6e86f99c5e67692991f0bb8597771bef4a10b7a730d646b52f4f41
CVE-2024-11213,0,0,0a835f1f24f19dbff91d96d3a6351088ad7320e11ffd8b9112fe1d7f03522e6f,2024-11-19T15:48:58.680000
CVE-2024-11214,0,0,ce293b49fa3792aed1bdef0278728de22346b7c8c6fd060fecdb1a211d7c2a56,2024-11-19T15:38:59.060000
CVE-2024-11215,0,0,649934bde3315408f935571e43aced9541face2e1cac41750a3378db1c35aaf3,2024-11-15T13:58:08.913000
CVE-2024-11216,1,1,a6c74f3e9ab35e562debd77e74e353f728b8647e91c626d40439216aac83aa2a,2025-03-05T13:15:11.493000
CVE-2024-11217,0,0,cb24a1bdb987ee2ebd888113abdd2cecfb9cb2fe9a3dca74044179030beb620c,2024-11-18T17:11:56.587000
CVE-2024-11218,0,0,875e6819ebb5635213862f7e98526a8a05a16cd878e41e397f3a02b1ffd8c4e0,2025-03-05T06:15:33.043000
CVE-2024-11219,0,0,e0425cf1f1ca40cc6d95ef04e03e17b5776d09d72a88fcf5abbcb2ac00f59570,2024-11-27T06:15:18.110000
@ -246061,7 +246062,7 @@ CVE-2024-11948,0,0,63c29d57ca2d54a9012c75c22d15bb5abf864d6477c7fa55fde21714e103a
CVE-2024-11949,0,0,8c8ca0b9d255f5a6445ed2a115142b5d13432f7081db7ee9affe350ed098a50e,2024-12-13T19:28:30.873000
CVE-2024-1195,0,0,3368bf518c27a729a23598a4bc9bc8456794ebbc8ed421e1b9fb54311a27af0c,2024-11-21T08:50:00.723000
CVE-2024-11950,0,0,df36014500ed7b6f7946ef04cfd4a777d6bd62d2ab461c18fe6d382ea2d08354,2024-12-12T01:40:21.820000
CVE-2024-11951,1,1,e9883c17437e660660b4a15b0609483f54271d2d34fa6ff9c1f8df9c2fbd0648,2025-03-05T12:15:34.510000
CVE-2024-11951,0,0,e9883c17437e660660b4a15b0609483f54271d2d34fa6ff9c1f8df9c2fbd0648,2025-03-05T12:15:34.510000
CVE-2024-11952,0,0,8be0c69e3107fa6f3273f59b11ff511450df70a157d0236a300dd71a0356b941,2024-12-04T09:15:04.637000
CVE-2024-11954,0,0,4285770ed381cd7f5197033d510494069e724ce14634f9774d473591316f5acd,2025-01-28T15:15:11.130000
CVE-2024-11955,0,0,2af5adda5da26b6323fd1ffc39c86bb8d22bbc8895e47ad587f94331f0b10e55,2025-03-04T13:49:18.880000
@ -246187,6 +246188,7 @@ CVE-2024-12092,0,0,6cedbb52bdc4fd872b35781acb98ac9a9b54d520c5d29f314ba4235099726
CVE-2024-12094,0,0,6dd85a9b2557f08ee364682e83ba2b4a96df650121716b26f85951e9de06f6f5,2024-12-05T13:15:05.923000
CVE-2024-12095,0,0,266981a4f802a4e630b12ac2741c69386abcb730aae3bae3718e0ed36165b300,2025-02-11T02:15:33.547000
CVE-2024-12096,0,0,a0b37dcc639d983cbff8481184c987ae3b7851e6c867f94b52bee5fdf38bc784,2024-12-24T17:15:07.497000
CVE-2024-12097,1,1,f0fbc9cab5ca704ee3f0fcbeb9df9f3077c0ffb3abbe086aa053df92f7b5e220,2025-03-05T14:15:35.280000
CVE-2024-12098,0,0,cfa03906537e6957dc74f6fb1d7564d835cb1a36c16bba952c18f41c644686c9,2025-01-07T04:15:07.837000
CVE-2024-12099,0,0,82c97da21165b875b9d77b9a11ed031ee03fad8a14b90d2e80c74afeac6e262d,2024-12-04T04:15:04.287000
CVE-2024-1210,0,0,f5a9389cac94cbfcfa3f0d961d1ea27115bf7afa331ce2988db15dbaf2efdf76,2024-11-21T08:50:02.867000
@ -246357,7 +246359,7 @@ CVE-2024-12276,0,0,e5bd927071e71d6948c4a1baa287eb37d95c029623029cf811ef1986567a1
CVE-2024-12279,0,0,28f926ab6f57c2b10bee59d6914cc0152fa6a23fa0d172ad6d11e3d9d407b5c2,2025-01-04T12:15:24.453000
CVE-2024-1228,0,0,d9ad08a0c1348634a61421c1ad7147deaf6d1d0acee23e78628f7298f108b1d0,2024-11-21T08:50:06.280000
CVE-2024-12280,0,0,877a1ef9090370a5789c2e7362afe046232f3567d1b51a01b5cd894549fa6293,2025-01-28T21:15:16.317000
CVE-2024-12281,1,1,69dd31685f0952daaba34ef0bc28dc9dff9bcbebbbb3027cc1f38a03e65ec354,2025-03-05T12:15:34.657000
CVE-2024-12281,0,0,69dd31685f0952daaba34ef0bc28dc9dff9bcbebbbb3027cc1f38a03e65ec354,2025-03-05T12:15:34.657000
CVE-2024-12283,0,0,27e00fa0bc574ce5113c52cfd02ee2100414eb1f36a7d99001797949356bf37d,2024-12-11T09:15:05.697000
CVE-2024-12284,0,0,58f0822b9c3e54960af89f6bf167625557218b7bd5211a87b1cc3ca0764a5320,2025-02-20T00:15:19.360000
CVE-2024-12285,0,0,a4a2b41992c880fc476ecd11de1a7b15521385b3ddf2ced01c35545193640e43,2025-01-09T11:15:12.883000
@ -246695,7 +246697,7 @@ CVE-2024-12647,0,0,097229fbc22a476768b6d005bd091a1df5d7c888609e99d7b0178db2af7e0
CVE-2024-12648,0,0,f7105fbfd47374a1794df860725a9911e48791c9ed50a1aba7744dbecb1d01d1,2025-01-28T01:15:08.700000
CVE-2024-12649,0,0,e7a3943e3bdcf0ae90e97fc59e152e3a3496d0b67d2aae6d30f2c730ae8aee45,2025-01-28T01:15:08.823000
CVE-2024-1265,0,0,b39c324e3936d2b2eba136bb9fb37e8f905e9dd3fbb95d7d724d951e7512509f,2024-11-21T08:50:11.610000
CVE-2024-12650,1,1,d053b6261299479d23db53f81d49d03fe3c0125bb240ae71049339dcc113149b,2025-03-05T12:15:34.803000
CVE-2024-12650,0,0,d053b6261299479d23db53f81d49d03fe3c0125bb240ae71049339dcc113149b,2025-03-05T12:15:34.803000
CVE-2024-12651,0,0,837aacbe578de000aea5728f06a396783e15fde3692a8a521fed4e89c370dbc1,2025-02-14T14:15:31.487000
CVE-2024-12652,0,0,7f5cf7f8bad74d2992fb68b5b70492ca046a7d5637ddd855697e567c2221bb7f,2024-12-26T04:15:05.660000
CVE-2024-12653,0,0,5da61cf03f4157427ca9b9c8435df3b2d30c5b41ddc62a189ca0d7a75c1c8975,2024-12-18T13:53:28.700000
@ -247112,6 +247114,7 @@ CVE-2024-13142,0,0,83cd0ec82f1a2b8cb6c41841e46d0299ee030474dc8bce00e898bf7c3451e
CVE-2024-13143,0,0,2d1d64f3642c4512a91652d1c43c226acaba3a89d87b58cf23cbe6f5d959b82f,2025-01-06T00:15:05.460000
CVE-2024-13144,0,0,cbdedf0ba314069fc9465dd283b23b5b130c41c32e40b222fa368abcc66db722,2025-01-06T00:15:05.633000
CVE-2024-13145,0,0,5c365a974659bd41337fcb8adb2d8fbc8e9cd8f5a39411bbe19577a7fc11a4ee,2025-01-06T01:15:06.253000
CVE-2024-13147,1,1,343038e0e5fda9e074575f80d86a2f71b9de0f3dde5b2b0c00e3413bd06794a9,2025-03-05T14:15:35.910000
CVE-2024-13148,0,0,5e62731777939a6cccea414e3b22f75ba2217f43648f57abb338beb059e81dd8,2025-02-27T15:15:38.583000
CVE-2024-1315,0,0,ae67b7f13a317bdc1be64b4fdf580a08492423f203ba37c909a5dc9e35687d4a,2025-01-17T17:30:38.363000
CVE-2024-13152,0,0,122264645183d9f888de428d629fb2ba29cf302edc1f968441a9e42307fca5f1,2025-02-14T13:15:42.170000
@ -247378,7 +247381,7 @@ CVE-2024-13417,0,0,8cab866664bb2b3a861f8a2fd2fcba4e1325fa44575c36d479d147ebcdc09
CVE-2024-1342,0,0,2f41e6eac1e33a309fc72543d371a67df7cdf22eae12449849cd3aab8e438d93,2024-10-14T22:15:03.180000
CVE-2024-13421,0,0,dff352970d11f97bef9f2004dfd5104aef40893ad488e84401453d94e51e2f24,2025-02-25T04:00:16.123000
CVE-2024-13422,0,0,edac0508b914957f5223777fa87a143f36eeebdc6522d4663ecb13bbee620189,2025-01-23T12:15:28.163000
CVE-2024-13423,1,1,ad013cf7063530c189cad33688cbc60e935d1ca37076a9be20295ddb2eaec2f4,2025-03-05T12:15:34.960000
CVE-2024-13423,0,0,ad013cf7063530c189cad33688cbc60e935d1ca37076a9be20295ddb2eaec2f4,2025-03-05T12:15:34.960000
CVE-2024-13424,0,0,370975f1d5c5dbca69325f5ce6d38bab2ed23e0268961523b76c7b51bd5cfd1d,2025-01-31T06:15:29.443000
CVE-2024-13425,0,0,237ea5cb491f715b975686bb5ff57420b8d04b440f81d846e123cb2cd3c6bc41,2025-02-05T16:08:25.610000
CVE-2024-13426,0,0,86fab2a47173ecbfa78b3dbc75ac72da294fc64d34b2b04366fafee0f3e9a13d,2025-01-24T18:37:38.503000
@ -247423,7 +247426,7 @@ CVE-2024-13468,0,0,b48d1fa3d35721ccb47a1fb4394610e679bd03891ed40ec26ea0d83834fe3
CVE-2024-13469,0,0,59dce6c462c5a88a80921bfc05a3a5bb68a1971f53d52b089cd62613870d0a02,2025-02-28T09:15:09.823000
CVE-2024-1347,0,0,b12a4cbf8e4f285872bf9a248874204d9208208e515ae74de2299237bb6626ad,2024-12-11T19:24:26.643000
CVE-2024-13470,0,0,62d62489ae69e29df63f8eb0190e3d2c26ee16e4de50a68486e1e17ce16780e9,2025-02-04T18:51:38.467000
CVE-2024-13471,1,1,c2b3475b8b9340ee7eafc3015ca60d311a7a71d13802743276d03f35c7f296e9,2025-03-05T12:15:35.110000
CVE-2024-13471,0,0,c2b3475b8b9340ee7eafc3015ca60d311a7a71d13802743276d03f35c7f296e9,2025-03-05T12:15:35.110000
CVE-2024-13472,0,0,78a083d4b9b0a592d2a2cc443e9c6a93e0d6fbb4d284dd5848fb1a89da8cee59,2025-02-11T21:06:13.237000
CVE-2024-13473,0,0,373b88cb5ad56591f1b1770e530e918a12459beb69655014b2f5d50cfdfcd511,2025-02-18T18:15:18.990000
CVE-2024-13474,0,0,119b2bcc9f6d7ee06993a83df97481ecb1d6f18c67fd910f35088fb4eaa5cb22,2025-02-22T05:15:12.410000
@ -276333,11 +276336,11 @@ CVE-2024-58019,0,0,ebe852acb58145e0f515ee4e65d8d88d1691b0b856363c64f164142eb938a
CVE-2024-5802,0,0,19fff604014c9cef9e0f8bc6a62b84f7523f1797653eafe6700c36b3d03bd7a8,2024-11-21T09:48:21.447000
CVE-2024-58020,0,0,c6dd37c1ce19d533a907eee523d03dd86887dec00b10f065b1660bbe7fc7135b,2025-02-27T03:15:12.997000
CVE-2024-58021,0,0,228350909b9f49e0925cb16d6fff6890df30f86ad805ed469980f5769f553c12,2025-02-27T03:15:13.110000
CVE-2024-58022,0,0,c59187fdd2099f2dec586001ea4c6972a210587752ee11248ba233a172fffa01,2025-02-27T20:16:02.073000
CVE-2024-58022,0,1,fa469b1694a27ff9f3883dfbb31bb0fb81728568f162205ac4ad417c587e1c4b,2025-03-05T14:05:15.387000
CVE-2024-5803,0,0,9f82593b4c57457c96daef99978d68eaca19c8db6ce80dfb437501b3b95974d3,2024-10-04T13:50:43.727000
CVE-2024-58034,0,0,a58d20858f51668ab0e30ae7e40910f616321f1f89fdedf57b44aac4e3186045,2025-03-04T18:15:24.617000
CVE-2024-5804,0,0,2f00fd3e9947e9e26596c3d44370745abf63c8732a08c44c5ab0acfd9a8ea957,2024-11-21T09:48:21.677000
CVE-2024-58042,0,0,502331969ce94ccf5daf60fc8f541250357b1f650adae06328d2ee8a405cb343,2025-02-27T20:16:02.257000
CVE-2024-58042,0,1,913d82d5746eaf56dcb73a81d4d4f1fa1f2df917e4048e31415852279ac58b5c,2025-03-05T14:05:15.387000
CVE-2024-58043,0,0,6c9910f151efabab9fe50138adf0da55634410981bc17ef17a1c0db9e0e3064e,2025-03-04T08:15:34.480000
CVE-2024-58044,0,0,8e00020c0a23f91d16935df02123388ecc92dafd7e3584b75e082f22487dd0da,2025-03-04T08:15:34.750000
CVE-2024-58045,0,0,3f471ef259c7022a6a0a348332711cb0922f730d2612ffd76edbb88143589def,2025-03-04T08:15:34.973000
@ -280136,11 +280139,11 @@ CVE-2025-0246,0,0,c39f5bdf37092ddacf9510ed2d75cd9204291d6d9bc9dd6c5bd8168e56e080
CVE-2025-0247,0,0,0125f498ef227ebc436135b5d9339a763bd05ec1f3a6e4d4fb60e8d0a9524607,2025-01-14T17:15:20.547000
CVE-2025-0282,0,0,193a86684d492a70f8035af4d9672f451f74d0f498147e63c150db661e49e756,2025-02-20T23:15:11.950000
CVE-2025-0283,0,0,170559952a9515dd5478b031ee87167014dac9ea49e5e0d222b13defbaf7dddd,2025-01-14T15:58:55.813000
CVE-2025-0285,0,0,8bef17d3f85cba40ca0c2d7eb2962a0b4098c9c2a2ea291e3924377e2de2a5c0,2025-03-04T16:15:36.020000
CVE-2025-0285,0,1,4831dfb88edfaad15d3b159af89ca8e4b44eba800428b41a9fa527cf07435932,2025-03-05T14:15:36.060000
CVE-2025-0286,0,0,31a9fcd6eceae0e8ab746102c51a8f90d8bdbebc7d503dcf99fb542761883442,2025-03-04T16:15:36.167000
CVE-2025-0287,0,0,99b2806e0b914384724b92a9eeda355dfeaeb1f153364014a4accbba6bc06de4,2025-03-03T20:15:44.100000
CVE-2025-0288,0,0,5535019b67c8186a5a2a2f66909842decaee326bbc7e615060a66e0dcdf41d37,2025-03-04T16:15:36.317000
CVE-2025-0289,0,0,bde669fd45186b8a31a5a0375129ab340a8c051d355c15c4807dca5af7b187de,2025-03-04T16:15:36.467000
CVE-2025-0287,0,1,4dcb5dd88c8e60224b4c9a209ee5974c1a6c00db395b72c96cdce748b13a63dd,2025-03-05T14:15:36.253000
CVE-2025-0288,0,1,0b1e2365b27ccfce1154f46e7d56ca5437e3871eb5ed29ae989f0655fe49bfbe,2025-03-05T14:15:36.390000
CVE-2025-0289,0,1,b048b066c322e6746f9d2ad3d9569f0fb36c1ec7366376297a2bfd2dce508d49,2025-03-05T14:15:36.540000
CVE-2025-0290,0,0,1b0af77f22124c7fd21050a24684089c59772f145263e66a578112620b4a0b4d,2025-01-28T09:15:09.363000
CVE-2025-0291,0,0,c1c3893d4e09f9e0204fc40192dba70b3c3378a020c5622ef22757e5df4fb545,2025-02-11T15:16:03.447000
CVE-2025-0294,0,0,c9b2fc3087b74017273fe9485890135d0ff2bb52c4c2bc9ab42cdccd09c8f44c,2025-01-07T15:15:12.113000
@ -280850,7 +280853,7 @@ CVE-2025-1448,0,0,dcd55b821241f3fcd52c60ec5d939cca30ac2e0644079f21a4efc2df8a0c8c
CVE-2025-1450,0,0,49a816e7c5a69e24720ab368bac5ce58ec4ef269578dc55c279521400fe5c40f,2025-02-27T10:15:10.677000
CVE-2025-1459,0,0,d4ba0fca00fb1394af6261aef7e66ea4aa76dab54f464d17b8cd4c337f3e2ffd,2025-03-01T07:15:10.980000
CVE-2025-1460,0,0,a5c8e5382cd35abbaca03691402634777bdd210b53f824eaa70027825fcc1ff3,2025-02-26T23:15:10.193000
CVE-2025-1463,1,1,d248ef273a3b5e888e172d8fd07cc9fd97f2fb7f97e8edd42c6b6898096b1d0e,2025-03-05T12:15:35.270000
CVE-2025-1463,0,0,d248ef273a3b5e888e172d8fd07cc9fd97f2fb7f97e8edd42c6b6898096b1d0e,2025-03-05T12:15:35.270000
CVE-2025-1464,0,0,ea6fca9902a8d66594a81d7b3846b2dc6106ea09c92a543daddd03a001b2d75e,2025-02-19T14:15:30.337000
CVE-2025-1465,0,0,41a404e0122a844f3dcf572de60d74f1a85e1ffddfa3b480532531f09012cc4f,2025-02-25T21:07:23.137000
CVE-2025-1467,0,0,f546a361731baa7bcb46e4389211cb2202d736c84cdfe0fcff550dc198f81f26,2025-02-23T16:15:08.400000
@ -280955,7 +280958,7 @@ CVE-2025-1691,0,0,fa342911d8aff1f1c916fab2606c8daed81ceb012a2ca7f67eb6c905e0ec58
CVE-2025-1692,0,0,ada4fe9963e6bfb9428a6effda149b259cc8c8d330fa71a5cddb43ce0441e458,2025-02-27T13:15:11.413000
CVE-2025-1693,0,0,78bee8ea11b0f84269d8265b773d2949284a15da89c9262684dc7b4564686390,2025-02-27T13:15:11.563000
CVE-2025-1695,0,0,357cfe78a2c92e1c865a0bb908329007d0ab26040698f97311ebba02a25bd231,2025-03-04T01:15:10.063000
CVE-2025-1702,1,1,a6760250977384f237a2063ccd808fd8627b14562a8964bf2c4c378b796fc78e,2025-03-05T12:15:35.420000
CVE-2025-1702,0,1,41f2b6913f8c8180797afd2cc2f175ceac2f74f281e62e10b6b473a6add44571,2025-03-05T12:15:35.420000
CVE-2025-1716,0,0,db3aecae26e7981ab8a106cfd43bc335b9dad5cbc10d04d2c9d637c981434378,2025-03-03T16:15:39.520000
CVE-2025-1717,0,0,531ae6ccf2948d3fb4bab20d73b08fd6766b8bf8893677c6840dec6217d1f072,2025-02-27T08:15:31.130000
CVE-2025-1723,0,0,bd3dc44ce79d918f1eca963344abea138edda86e5a9253ac44f547b43e3ab229,2025-03-03T08:15:15.717000
@ -281047,12 +281050,12 @@ CVE-2025-1875,0,0,05a3bf51a95148d04bc21a250ccef05a1148e7afa6764429679a636a04f327
CVE-2025-1876,0,0,b0ccd9a3c40b94458651917984a63f6cfe9c27f4d03f238f5e27495b9a9a3392,2025-03-04T17:15:14.313000
CVE-2025-1877,0,0,4b3ca9eb38fe13d61b6a5fe1999238787def06e15c7cfb4ade6a5110ae7008d1,2025-03-03T19:15:34.180000
CVE-2025-1878,0,0,ec23e88b569005bf7d3c4526d077acc62c590ae5f6c22422ff423486f2dbc798,2025-03-03T19:15:34.387000
CVE-2025-1879,0,0,acc64ec8d5a295a37fd36d2847aa407b8c77ad841f38a076dbb5ebaf330d518d,2025-03-03T20:15:45.510000
CVE-2025-1880,0,0,226f0629ce5edc5a5e9b1fc0edae802ea4130e5a975c21f8005cf570735a0f71,2025-03-03T20:15:45.717000
CVE-2025-1881,0,0,f200a1b35fa04fb1cf756c59d318883b14b2ed22445032eb6d28b374aaf8378d,2025-03-03T21:15:18.097000
CVE-2025-1879,0,1,8dfd2646c676c3ece0a7cdb47902f86b3104dd08987a88251e5f89a02963e9ad,2025-03-05T14:05:15.387000
CVE-2025-1880,0,1,c72d611e03bec1601138d23f870cd9f7c0e1da9ae20c7fdea23df40cce84c0ac,2025-03-05T14:05:15.387000
CVE-2025-1881,0,1,30af475aa1857a9549937ceaba0a5a810af94b0854718b918bcc65af8247966d,2025-03-05T14:05:15.387000
CVE-2025-1882,0,0,258c65b462c2d3330a44589b1e6146be14f4578339a6a130d959fe1a0c619c59,2025-03-03T21:15:18.267000
CVE-2025-1889,0,0,f7cf73293a0ccf1008c443a59d3e7d9e6c3eafe2a69cacf7dd719e71afcc42d7,2025-03-04T12:15:32.370000
CVE-2025-1890,0,0,fb180de0a5553a034ff78b5b5a313fe552ef117fe5eb133cd304c74c41bebb8e,2025-03-04T00:15:31.190000
CVE-2025-1890,0,1,c1d47d4a4aeac7a335593000ae0438d3423e1a99470e82a526c70a2e79722b6e,2025-03-05T14:05:15.387000
CVE-2025-1891,0,0,48564a83b01094f027d40be0fc2e0faa1b03fdb1978bf68de11e33632eeefdd9,2025-03-04T17:15:14.510000
CVE-2025-1892,0,0,2fa96864979ccd34da4a094f4e313760a12e68561a0843aec1e575c6ac276b4a,2025-03-04T17:15:15.700000
CVE-2025-1893,0,0,9be412d2514b9be0790e5a4193b6955597746daf900e90c81d514cf9ccc312d7,2025-03-04T17:15:15.890000
@ -281776,12 +281779,12 @@ CVE-2025-21789,0,0,e477523ebf1c25bff34233693c1301cb500a0cc650ece9680b705605ac450
CVE-2025-21790,0,0,c20bf732c4cb238a8dedc4b5703caa71b82947fa16283e41cd9ceb2902ed25d4,2025-02-27T03:15:19.870000
CVE-2025-21791,0,0,8cd3044e2974ddbe5ec4d845888ae202de59370c264d374cccc339066a7a4834,2025-02-27T18:15:30.053000
CVE-2025-21792,0,0,30ce74f4157cc4d72041564941a761e9bab427028f9dbc41bf824055385783d0,2025-02-27T03:15:20.080000
CVE-2025-21793,0,0,f4785f6c704a229d9b97e9d469c9b51a2da61527fc3ee94d769b513745ab1c4f,2025-02-27T03:15:20.190000
CVE-2025-21794,0,0,eefab8a8b8cfcd9f6c0e290df00a77981b8d8af7ec7d5766ef3cc22f752f819d,2025-02-27T03:15:20.293000
CVE-2025-21793,0,1,9a7861c245a7b4cd4548bb2065778b0ee3c1b4414d4337450e9ba3cca6d8f72c,2025-03-05T14:05:15.387000
CVE-2025-21794,0,1,f6647e49bb9908d17a4c6de9f144258688ff3128fb4a245ba073f55b15aa9f22,2025-03-05T14:05:15.387000
CVE-2025-21795,0,0,815676136ff167ea211ac85d264a3129527371a209d25217b76d438c3f52fe9e,2025-02-27T03:15:20.390000
CVE-2025-21796,0,0,cec6654841982f5711d9d5a48f2c05b5c7cd88ea8da091f7dfce5e709904e74c,2025-02-27T18:15:30.210000
CVE-2025-21797,0,0,88445ee18da910ef5bfc7791d96ceef61083d17beebbb47d3aa8d3a13e039286,2025-02-27T19:15:50.807000
CVE-2025-21798,0,0,167a68326b948b5b7b175392cde3991a647689f6219c4640aab3fa38bdac3929,2025-02-27T20:16:02.477000
CVE-2025-21798,0,1,9fc961c2dc8a958e3699d87d565c8d3ee8d8054c582027e79f5a5b359595ecf4,2025-03-05T14:05:15.387000
CVE-2025-21799,0,0,3b8abdf6a148f43cbe7e5379c90405bbe9907485b65e459fe464395b6e077c85,2025-02-27T20:16:02.563000
CVE-2025-21800,0,0,b85c240f364818c80483c72d4d3b4ccf3c37b4c6eb0ab94e0c189b5f91261cfa,2025-02-27T20:16:02.660000
CVE-2025-21801,0,0,b2091f0a15d88754e84fef2b4a29fc94ad76a536a4b85fa75af7b434f485c543,2025-02-27T20:16:02.753000
@ -281792,22 +281795,22 @@ CVE-2025-21805,0,0,130755634bdbdf0e26144dc48e041cd2d3c9091da9f673a936a266c576aee
CVE-2025-21806,0,0,4b9664d0226df4067eaf096dd2e1d1d56c6473f10b7d359a25481dd598c88e9e,2025-02-27T20:16:03.220000
CVE-2025-21807,0,0,839061c416ed53205346020cb397a0da118a6b3431eca5e326eaa2d635936dde,2025-02-27T20:16:03.317000
CVE-2025-21808,0,0,84bce3df420f8d3db785caf233d71bd40ee3985bd8337dd2a9b820e6bd0a408e,2025-02-27T20:16:03.410000
CVE-2025-21809,0,0,f644127e42d3636b36c81e6c30dccdadcda85ab653c3bf8d10540ba5b3f11e26,2025-02-27T20:16:03.497000
CVE-2025-21809,0,1,2f4cb5efc653aac40b44d3818284785d3141db6e56217af95575ded45f9f2b5c,2025-03-05T14:05:15.387000
CVE-2025-21810,0,0,a6c30e94287c9c8d86b20b52c523e8b0de4fba5b3ecf6bbcb1e02bf3205e74bd,2025-02-27T20:16:03.587000
CVE-2025-21811,0,0,f4cf837d733fe9c7f89ff20c50a9b1b21bfae5f9fa68f7560bb7735d2ba8c602,2025-03-04T18:15:24.840000
CVE-2025-21812,0,0,7ab1e2667db13e9301bf6dc8371a94bc370eac4d101187c6481cc0bd898c0a20,2025-03-04T18:15:25.100000
CVE-2025-21813,0,0,796169d7100b9f68cc3cae340072c0f90bd1f5da53f6ec3d5de4f6f96ffe2fff,2025-02-27T20:16:03.883000
CVE-2025-21814,0,0,d61e6a6604289a43928f9985281c7eaadc09d460fef0080c1f10b34fdf9b65b2,2025-02-27T20:16:03.973000
CVE-2025-21814,0,1,03224a2dbb88c92b5106851fa0282460b832d59a0233255531097ac847c68eda,2025-03-05T14:05:15.387000
CVE-2025-21815,0,0,505081b931ce8b8c7648642e1759e5d2b9d854ed396415c4f32376b2124b935f,2025-02-27T20:16:04.063000
CVE-2025-21816,0,0,c528fc8128c19bc0bd15f68d6d374b8163180d99f68610bfa350a8bd45cfeffe,2025-02-27T20:16:04.150000
CVE-2025-21817,0,0,fb75e4ad84b34fea43e1625612ef1f6ef9314f907dcd5da0b3430bf5a489cbce,2025-02-27T20:16:04.243000
CVE-2025-21818,0,0,68cb1db63634248e0d05be36e88289887b47df3d3a20d0885cc9e5401cfe2ddb,2025-03-02T15:15:12.043000
CVE-2025-21819,0,0,94bfba28f3d8b661ffc0c813899c721c943da294e0b08f1f347068f2b89e6225,2025-02-27T20:16:04.430000
CVE-2025-21820,0,0,928b3fdbe42fa69be133f26d3b8d8ffc038a4e05f115c6d98b017372c42ef2d7,2025-02-27T20:16:04.520000
CVE-2025-21820,0,1,23c9cab68146fb0b910784e5d7f00192179f8dd92cced412d25a48d0e33f3c7b,2025-03-05T14:05:15.387000
CVE-2025-21821,0,0,fd6efc5d1ffad2a00aa09e345a704277d9daeb9e6fddc1a42c293b6132b6a1e2,2025-02-27T20:16:04.613000
CVE-2025-21822,0,0,20ef27da51fd71ed1bc2f3085ac0746fabc8aa34de630fd5cf985e239376c55c,2025-02-27T20:16:04.707000
CVE-2025-21823,0,0,3efea7bac95b4dbad864718b239ff2d7650371b6562540e3b6bd50e2065204cc,2025-02-27T20:16:04.793000
CVE-2025-21824,0,0,d431cf82e05c4a96a8a468793ca50b6e410f195e55525e3fb03ada321c9296cd,2025-02-27T20:16:04.890000
CVE-2025-21824,0,1,33d9372ff5aeb8119ad7223eccd8dac7a53a751809ee1b0f1514d0ff91718cbe,2025-03-05T14:05:15.387000
CVE-2025-22129,0,0,d84466451eb5813ecdb45d579943a91ad86a0d891b836c8fd8053b0ece067119,2025-02-04T19:15:33.360000
CVE-2025-22130,0,0,fe16d9f63e9545f97bce7adcca434385cbaf054f6f17003be6f1b5abf3fc1663,2025-01-08T16:15:38.543000
CVE-2025-22131,0,0,209f0b09db7969ce0de8827739da84ae754f62e53b6787f1c269b033ae39f483,2025-01-20T16:15:27.880000
@ -284080,9 +284083,9 @@ CVE-2025-27155,0,0,8a0e601ceb27497cf7a66896d5e2c5f04b5e8b322c82c3595db95b037f519
CVE-2025-27156,0,0,1485b83b5322898adfd8e07dd039704042cc58265ec55120e3be69d8d2592fdc,2025-03-04T17:15:18.997000
CVE-2025-27157,0,0,d1dc9b4dc7f892f66b40d5a59eaf35f745dad910762a74c52136c3d66f64265b,2025-02-27T17:15:16.867000
CVE-2025-27218,0,0,a1f84aab7c20671025069586dc6eda2e424af576b61d56df1ec2458e5aa40a25,2025-02-20T21:15:26.510000
CVE-2025-27219,0,0,295fec405d19b897ec81e7396e3eb1cc1e33ecd15786ce88f5ec798acd7a75e1,2025-03-04T00:15:31.550000
CVE-2025-27220,0,0,44e9dafce39ca09aa91341ea2f02b0e9ed3077ac7005dad9a16747e065f8a171,2025-03-04T00:15:31.693000
CVE-2025-27221,0,0,9b5fad18d406a25e6b5c92830928fe678ca83b72f0bce9be41cb10041ff9b2bf,2025-03-04T00:15:31.847000
CVE-2025-27219,0,1,26edee725f061a3765542776ac788c3175c25b1ef75e4fb56599c36f84b19b30,2025-03-05T14:05:15.387000
CVE-2025-27220,0,1,a02d37616d39b53901b34b45fe17d833959193f3655f17498861fe751a8ed44e,2025-03-05T14:05:49.230000
CVE-2025-27221,0,1,a77e2ee5b7be7126d70eb1fc9ecc3c0c9965218d6caa5649ef94dfa24ec52f83,2025-03-05T14:05:49.230000
CVE-2025-27263,0,0,bb2fb5fbdd50586632b45bcd28ca8d1b94cc0c3d678d9350164209de7a3a7d9c,2025-03-03T14:15:57.980000
CVE-2025-27264,0,0,3266982b454bfda336470c942e22fa435d9ddfb60b41319a7c42000b556f0d3c,2025-03-03T14:15:58.123000
CVE-2025-27265,0,0,064ce13be3b2caa339c06df0a9bbd275da3bf393870e4191cf15429558044c93,2025-02-24T15:15:14.310000

Can't render this file because it is too large.