admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-16T21:00:24.395998+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-16 21:00:28 +00:00
parent e3f050237e
commit f75593931a
75 changed files with 2937 additions and 403 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2003/CVE-2003-03xx/CVE-2003-0356.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2003-0356",
"sourceIdentifier": "cve@mitre.org",
"published": "2003-06-09T04:00:00.000",
"lastModified": "2024-02-14T01:17:43.863",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-16T20:39:42.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-193"
}
]
}
@ -62,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ethereal_group:ethereal:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.9.11",
"matchCriteriaId": "B1B01BC9-2B10-4FC8-9CBE-C5A6F7ECBB3E"
"criteria": "cpe:2.3:a:ethereal:ethereal:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.9.12",
"matchCriteriaId": "8147E775-9C11-43BB-8616-03E92D765F41"
}
]
}
@ -76,6 +98,7 @@
"url": "http://www.debian.org/security/2003/dsa-313",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
@ -84,29 +107,39 @@
"url": "http://www.ethereal.com/appnotes/enpa-sa-00009.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory",
"URL Repurposed"
"Vendor Advisory"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/641013",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:067",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2003-077.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A69",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

37
CVE-2003/CVE-2003-08xx/CVE-2003-0844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2003-0844",
"sourceIdentifier": "cve@mitre.org",
"published": "2003-11-17T05:00:00.000",
"lastModified": "2016-10-18T02:37:54.887",
"vulnStatus": "Modified",
"lastModified": "2024-02-16T20:29:20.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-59"
}
]
}
@ -62,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dag_apt_repository:mod_gzip:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:schroepl:mod_gzip:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.26.1a",
"matchCriteriaId": "3F18A4E3-D4C9-48D3-A0EB-C99DABD7C214"
"matchCriteriaId": "A0891F87-B15D-441C-ABF1-6E0328466087"
}
]
}
@ -74,7 +96,10 @@
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=105457180009860&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
}
]
}

65
CVE-2003/CVE-2003-12xx/CVE-2003-1233.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2003-1233",
"sourceIdentifier": "cve@mitre.org",
"published": "2003-12-31T05:00:00.000",
"lastModified": "2017-07-11T01:29:50.933",
"vulnStatus": "Modified",
"lastModified": "2024-02-16T19:01:14.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,7 +66,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-59"
}
]
}
@ -58,13 +80,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pedestal_software:integrity_protection_driver:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "83F2F0D5-E7E1-4F3D-B766-BC4C599FF247"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pedestal_software:integrity_protection_driver:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A48668E9-B5BB-4844-B3BF-2283BCCF08B9"
"criteria": "cpe:2.3:a:pedestalsoftware:integrity_protection_driver:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3",
"matchCriteriaId": "66F549F0-2AB8-4E19-B154-5D56939AD6E3"
}
]
}
@ -76,6 +94,7 @@
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch"
]
},
@ -83,24 +102,44 @@
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Patch"
]
},
{
"url": "http://secunia.com/advisories/7816",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.phrack.org/show.php?p=59&a=16",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/6511",
"source": "cve@mitre.org",
"tags": [
"Patch"
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10979",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

110
CVE-2004/CVE-2004-00xx/CVE-2004-0005.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2004-0005",
"sourceIdentifier": "cve@mitre.org",
"published": "2004-03-03T05:00:00.000",
"lastModified": "2017-07-11T01:29:51.743",
"vulnStatus": "Modified",
"lastModified": "2024-02-16T20:47:22.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-193"
}
]
}
@ -61,9 +83,9 @@
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396"
"vulnerable": true,
"criteria": "cpe:2.3:a:gaim_project:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "D76DBB3D-8A92-4CB2-AEEA-13A9F834A36E"
}
]
}
@ -73,20 +95,31 @@
"references": [
{
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000813",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=107513690306318&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List"
]
},
{
"url": "http://security.e-matters.de/advisories/012004.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
@ -95,6 +128,7 @@
"url": "http://www.debian.org/security/2004/dsa-434",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
@ -103,6 +137,7 @@
"url": "http://www.kb.cert.org/vuls/id/190366",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
@ -110,6 +145,7 @@
"url": "http://www.kb.cert.org/vuls/id/226974",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
@ -117,6 +153,7 @@
"url": "http://www.kb.cert.org/vuls/id/404470",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
@ -124,40 +161,79 @@
"url": "http://www.kb.cert.org/vuls/id/655974",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.novell.com/linux/security/advisories/2004_04_gaim.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.osvdb.org/3736",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securitytracker.com/id?1008850",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.361158",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14935",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14938",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14942",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14944",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://security.gentoo.org/glsa/200401-04",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

120
CVE-2004/CVE-2004-03xx/CVE-2004-0342.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2004-0342",
"sourceIdentifier": "cve@mitre.org",
"published": "2004-11-23T05:00:00.000",
"lastModified": "2017-07-11T01:30:05.197",
"vulnStatus": "Modified",
"lastModified": "2024-02-16T20:44:51.760",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,7 +66,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-193"
}
]
}
@ -58,68 +80,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "82BD6A19-CDF4-4873-9D1A-BD071DB16540"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:3.0:*:pro:*:*:*:*:*",
"matchCriteriaId": "48834DE9-009F-4ADF-882C-731AAE13216C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:3.0_0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "24891A6D-A378-4598-BD99-2EB36166EC61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:3.0_0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "EA997791-D567-4F7F-86B2-C17C9DF846B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:3.0_0r4:*:pro:*:*:*:*:*",
"matchCriteriaId": "02CE0404-0A9F-4D9B-BED8-175B91BD43D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:3.0_0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "76D31E58-1956-4462-9808-7C46807B2CDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:3.0_0r5:*:pro:*:*:*:*:*",
"matchCriteriaId": "EDF7F8CF-6679-4F18-9D35-CA5063FC29EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:3.10_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "583AA9AF-279A-4855-B61F-436F2885FEC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "25383662-444A-42D7-827C-A3F7B0C53B21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F19F32-622D-4C1A-932B-B78C4C012530"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:pro_3.10_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "D50F437C-091B-4D4B-8D20-C1607520B6E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:pro_3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "9C67B50B-8D68-4BF8-B321-A04456FA0DDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:texas_imperial_software:wftpd:pro_3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "80212243-DB14-489C-A381-4915FC3C0B28"
"criteria": "cpe:2.3:a:wftpd_pro_server_project:wftpd_pro_server:3.21:r1:*:*:*:*:*:*",
"matchCriteriaId": "CD90BF85-41E3-4C2D-969A-DDA5DB4D7506"
}
]
}
@ -129,20 +91,44 @@
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=107801142924976&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "http://secunia.com/advisories/11001",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.osvdb.org/4116",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/bid/9767",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15342",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

280
CVE-2009/CVE-2009-01xx/CVE-2009-0115.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2009-0115",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-03-30T16:30:00.343",
"lastModified": "2017-09-29T01:33:38.637",
"vulnStatus": "Modified",
"lastModified": "2024-02-16T20:28:12.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-264"
"value": "CWE-732"
}
]
}
@ -68,6 +90,149 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*",
"matchCriteriaId": "743CBBB1-C140-4FEF-B40E-FAE4511B1140"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*",
"matchCriteriaId": "7000D33B-F3C7-43E8-8FC7-9B97AADC3E12"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avaya:intuity_audix_lx:2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BE386B55-B9FA-41BD-AD00-EB6A6552C34E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "965928CF-FDE4-42F7-9486-CB4D2F011225"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "1E61EBAF-F034-4070-BFD5-68AD1239CD86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avaya:message_networking:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E871348D-8FA1-4C77-BB8E-BECF9CF2FFD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avaya:messaging_storage_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34E42226-4F91-4EEB-8151-71BA15E8B7D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avaya:messaging_storage_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB90E377-B821-4508-B1AB-B10F47975E54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avaya:messaging_storage_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA21139-B8E2-42A8-AC1D-8DA00F230D8B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5C0C136-E406-4628-994A-682E8E729B50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:opensuse:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.3",
"versionEndIncluding": "11.0",
"matchCriteriaId": "9A8362BB-5717-4714-BD92-220DDB646D07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:9:*:*:*:*:*:*:*",
"matchCriteriaId": "68B14008-5E0A-4187-AF93-DE2FF5BA5921"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:-:*:*:*:*:*:*",
"matchCriteriaId": "38C3AEB0-59E2-400A-8943-60C0A223B680"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:juniper:ctpview:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1",
"matchCriteriaId": "A2953793-3D79-4128-A841-EDAF50095FF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:juniper:ctpview:7.1:-:*:*:*:*:*:*",
"matchCriteriaId": "D6B30D89-FF23-4818-A63D-7DE5C3328165"
}
]
}
]
}
],
"references": [
@ -75,56 +240,141 @@
"url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit"
]
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://launchpad.net/bugs/cve/2009-0115",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/34418",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34642",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34694",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34710",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34759",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/38794",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2009/dsa-1767",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/0528",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
}
]
}

48
CVE-2014/CVE-2014-46xx/CVE-2014-4699.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-4699",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-07-09T11:07:03.477",
"lastModified": "2023-11-07T02:20:38.313",
"vulnStatus": "Modified",
"lastModified": "2024-02-16T20:27:25.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,8 +63,44 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.17",
"versionEndExcluding": "3.2.61",
"matchCriteriaId": "0785E0FA-4822-4C68-A887-7DD53AD0A365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "3.4.97",
"matchCriteriaId": "E91C93D6-A77B-4311-8155-786DFD057E9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5",
"versionEndExcluding": "3.10.47",
"matchCriteriaId": "AE7834E5-C99F-49F6-A832-525C325C2CF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11",
"versionEndExcluding": "3.12.25",
"matchCriteriaId": "2E455173-B4D8-4596-8489-C8C09F40CD75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.13",
"versionEndExcluding": "3.14.11",
"matchCriteriaId": "B6F0E005-90A0-46D0-884F-2D66FF75F733"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.15",
"versionEndExcluding": "3.15.4",
"matchCriteriaId": "0D5E9AD0-230F-420A-80A8-B9AEB7CA4987"
"matchCriteriaId": "B559DFFD-E517-4BD0-8966-7083A26EB6C4"
}
]
}
@ -119,7 +155,11 @@
"references": [
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9cd18de4db3c9ffa7e17b0dc0ca99ed5aa4d43a",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "http://linux.oracle.com/errata/ELSA-2014-0924.html",

22
CVE-2016/CVE-2016-21xx/CVE-2016-2107.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-2107",
"sourceIdentifier": "secalert@redhat.com",
"published": "2016-05-05T01:59:03.200",
"lastModified": "2023-11-07T02:30:55.923",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-16T19:19:33.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -334,13 +334,13 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:helion_openstack:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BCDFC81-38CF-4116-8B09-071F2AA04A8D"
"criteria": "cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D566AF-D1DE-4EAD-B881-DC40D1DE780C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:helion_openstack:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "501479BC-C702-4A12-9AC3-791C7C8B2292"
"criteria": "cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81BED703-422A-4937-8BF0-F83C248188F9"
},
{
"vulnerable": true,
@ -781,11 +781,17 @@
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=68595c0c2886e7942a14f98c17a55a88afb6c292",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us",

13
CVE-2018/CVE-2018-152xx/CVE-2018-15203.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-15203",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-08-08T04:29:00.367",
"lastModified": "2018-10-09T19:01:17.267",
"lastModified": "2024-02-16T20:56:29.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ignitedcms_project:ignitedcms:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:ignitedcms:ignitedcms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2017-02-19",
"matchCriteriaId": "8BC24568-945D-41AD-82A2-86023A57F548"
"matchCriteriaId": "32B96C18-CCC3-44B0-A67E-B2772C8508B3"
}
]
}
@ -98,6 +98,7 @@
"url": "https://github.com/ignitedcms/ignitedcms/issues/4",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
]

13
CVE-2019/CVE-2019-133xx/CVE-2019-13370.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-13370",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-07-06T22:15:09.937",
"lastModified": "2019-07-09T18:32:23.673",
"lastModified": "2024-02-16T20:56:51.980",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ignitedcms_project:ignitedcms:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:ignitedcms:ignitedcms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2017-02-19",
"matchCriteriaId": "8BC24568-945D-41AD-82A2-86023A57F548"
"matchCriteriaId": "32B96C18-CCC3-44B0-A67E-B2772C8508B3"
}
]
}
@ -98,6 +98,7 @@
"url": "https://github.com/ignitedcms/ignitedcms/issues/7",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
]

7
CVE-2020/CVE-2020-186xx/CVE-2020-18694.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-18694",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-08-06T19:15:06.963",
"lastModified": "2021-08-13T20:06:59.227",
"lastModified": "2024-02-16T20:57:41.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ignitedcms_project:ignitedcms:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34107BBA-7D80-42B7-8BF6-DB1A6CC30994"
"criteria": "cpe:2.3:a:ignitedcms:ignitedcms:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88126037-FAFF-4FD0-B5E6-C94D23FBB26E"
}
]
}
@ -97,6 +97,7 @@
"url": "https://github.com/ignitedcms/ignitedcms/issues/5",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
]

55
CVE-2021/CVE-2021-202xx/CVE-2021-20288.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-20288",
"sourceIdentifier": "secalert@redhat.com",
"published": "2021-04-15T15:15:12.257",
"lastModified": "2023-11-07T03:29:04.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-16T20:33:54.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -65,7 +65,7 @@
},
"weaknesses": [
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -73,6 +73,16 @@
"value": "CWE-287"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
@ -131,6 +141,21 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
@ -145,19 +170,35 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/362CEPPYF3YMJZBEJQUT3KDE2EHYYIYQ/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BPIAYTRCWAU4XWCDBK2THEFVXSC4XGK/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVWUKUUS5BCIFWRV3JCUQMAPJ4HIWSED/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202105-39",

37
CVE-2021/CVE-2021-294xx/CVE-2021-29473.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-29473",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-04-26T19:15:08.460",
"lastModified": "2023-12-22T10:15:09.050",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-16T19:20:28.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -125,8 +125,8 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:3334:*:*:*:*:*:*:*",
"matchCriteriaId": "47264921-C157-472B-812A-05D8C8E8A672"
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
}
]
}
@ -188,23 +188,42 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWZLDECIXXW3CCZ3RS4A3NG5X5VE4WZM/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LBKWLTXM7IKZ4PVGKLUQVAVFAYGGF7QR/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-4958",

32
CVE-2021/CVE-2021-360xx/CVE-2021-36056.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36056",
"sourceIdentifier": "psirt@adobe.com",
"published": "2021-09-01T15:15:10.997",
"lastModified": "2023-09-26T01:15:49.810",
"vulnStatus": "Modified",
"lastModified": "2024-02-16T19:17:17.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -41,19 +41,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
],
@ -111,6 +111,21 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
@ -124,7 +139,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Mailing List"
]
}
]
}

28
CVE-2021/CVE-2021-360xx/CVE-2021-36057.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36057",
"sourceIdentifier": "psirt@adobe.com",
"published": "2021-09-01T15:15:11.057",
"lastModified": "2023-11-07T03:36:41.760",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-16T19:18:04.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,7 +39,7 @@
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -87,7 +87,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
@ -113,6 +113,21 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
@ -126,7 +141,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Mailing List"
]
}
]
}

33
CVE-2022/CVE-2022-212xx/CVE-2022-21277.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-21277",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2022-01-19T12:15:11.697",
"lastModified": "2023-09-08T00:15:07.800",
"vulnStatus": "Modified",
"lastModified": "2024-02-16T19:22:00.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -144,8 +144,28 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26FCA75B-4282-4E0F-95B4-640A82C8E91C"
"criteria": "cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF6650C-558D-45C8-AE7D-136EE70CB6D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCAA4004-9319-478C-9D55-0E8307F872F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08"
},
{
"vulnerable": true,
@ -179,6 +199,11 @@
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:santricity_storage_plugin:-:*:*:*:*:vcenter:*:*",
"matchCriteriaId": "82E94B87-065E-475F-815C-F49978CE22FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*",

16
CVE-2022/CVE-2022-253xx/CVE-2022-25332.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-25332",
"sourceIdentifier": "cert@ncsc.nl",
"published": "2023-10-19T10:15:09.683",
"lastModified": "2023-11-07T03:44:46.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-16T20:30:02.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"source": "cert@ncsc.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -70,7 +70,7 @@
]
},
{
"source": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"source": "cert@ncsc.nl",
"type": "Secondary",
"description": [
{
@ -90,8 +90,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ti:omap-l138_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2470A5EA-6ADD-49BC-8094-5C9D0613C259"
"criteria": "cpe:2.3:o:ti:omap_l138_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E099834F-A5EF-4E60-A351-43FEF06E3C07"
}
]
},
@ -101,8 +101,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ti:omap-l138:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D233BF22-A3B6-4E74-9418-8732C3E0201F"
"criteria": "cpe:2.3:h:ti:omap_l138:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D453CDD-014F-47EC-B6FD-9CE790450230"
}
]
}

16
CVE-2022/CVE-2022-483xx/CVE-2022-48328.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48328",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-20T04:15:11.147",
"lastModified": "2023-10-30T22:15:09.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-16T19:10:18.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -88,11 +88,19 @@
},
{
"url": "https://zigrin.com/advisories/misp-sql-injection-in-crud-component/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://zigrin.com/cakephp-application-cybersecurity-research-hiding-in-plain-sight-the-hidden-danger-of-sql-injection-in-input-field-names/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-211xx/CVE-2023-21165.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21165",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T19:15:08.007",
"lastModified": "2024-02-16T20:15:47.257",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In DevmemIntUnmapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "security@android.com"
}
]
}

60
CVE-2023/CVE-2023-220xx/CVE-2023-22049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22049",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:14.567",
"lastModified": "2023-09-19T11:16:14.407",
"vulnStatus": "Modified",
"lastModified": "2024-02-16T19:22:12.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -53,6 +53,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
@ -151,12 +156,56 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF6650C-558D-45C8-AE7D-136EE70CB6D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCAA4004-9319-478C-9D55-0E8307F872F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B199052-5732-4726-B06B-A12C70DFB891"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0006/",
@ -174,7 +223,10 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",

44
CVE-2023/CVE-2023-249xx/CVE-2023-24998.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24998",
"sourceIdentifier": "security@apache.org",
"published": "2023-02-20T16:15:10.423",
"lastModified": "2023-10-13T16:15:10.930",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-16T19:11:10.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -68,12 +68,35 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/22/1",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy",
@ -85,15 +108,24 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202305-37",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5522",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-310xx/CVE-2023-31072.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31072",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-17T15:15:09.527",
"lastModified": "2023-08-23T13:18:35.667",
"lastModified": "2024-02-16T20:54:36.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -75,9 +75,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:advanced_category_template_project:advanced_category_template:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:praveengoswami:advanced_category_template:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.1",
"matchCriteriaId": "A128A7EC-C5AC-40B8-8E2F-47EC46672939"
"matchCriteriaId": "F7D3F9E1-CC48-4D3E-9606-F2E9F4C12457"
}
]
}

26
CVE-2023/CVE-2023-330xx/CVE-2023-33014.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33014",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2024-01-02T06:15:08.763",
"lastModified": "2024-01-09T14:53:06.180",
"lastModified": "2024-02-16T20:46:08.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -107,8 +107,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect6700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB1AF0A-B274-4A81-BF6E-5B44A2732424"
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "419A132E-E42C-4395-B74B-788A39DF1D13"
}
]
},
@ -118,8 +118,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04615EA2-76F4-472D-B21B-F6573F47F2F5"
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82B82E87-F3F4-466F-A76B-C8809121FF6F"
}
]
}
@ -134,8 +134,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "930300D1-8D8B-42CA-8A95-58C05AB67CC7"
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89"
}
]
},
@ -145,8 +145,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA227A51-54D9-47AE-AD82-6D5B307BE71D"
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"
}
]
}
@ -161,8 +161,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F12B646-6748-44F8-926B-BF093C2E8233"
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"
}
]
},
@ -172,8 +172,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA294D6D-DD9D-4639-A351-59216AB7026C"
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2"
}
]
}

14
CVE-2023/CVE-2023-336xx/CVE-2023-33684.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33684",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T20:15:14.217",
"lastModified": "2023-06-16T16:28:40.277",
"lastModified": "2024-02-16T20:34:46.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,13 +56,13 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dbbroadcast:spa_sft_dab_600\\/c_bios:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B20C43-44AE-4AC7-BD84-D1B4867FE739"
"criteria": "cpe:2.3:o:dbbroadcast:sft_dab_600\\/c_bios:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F00C4582-06AF-4589-ADB7-8F727E513E44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dbbroadcast:spa_sft_dab_600\\/c_firmware:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "30294753-DFC1-4151-ADAF-70FF9A5EE594"
"criteria": "cpe:2.3:o:dbbroadcast:sft_dab_600\\/c_firmware:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B51EAD42-9B3F-44D5-973A-4758498D1339"
}
]
},
@ -72,8 +72,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dbbroadcast:spa_sft_dab_600\\/c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FCB434E-9CA7-43C7-9B43-71E4CB0A6712"
"criteria": "cpe:2.3:h:dbbroadcast:sft_dab_600\\/c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E91C9F-B55C-4B1A-BE03-D1F03AC90FE5"
}
]
}

12
CVE-2023/CVE-2023-34xx/CVE-2023-3457.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3457",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-29T14:15:09.807",
"lastModified": "2023-11-07T04:18:45.807",
"lastModified": "2024-02-16T19:42:24.760",
"vulnStatus": "Modified",
"descriptions": [
{
@ -33,7 +33,7 @@
"impactScore": 5.9
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -81,7 +81,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -100,8 +100,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopping_website_project:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F7B9D-35F5-4821-AA80-9942B5553734"
"criteria": "cpe:2.3:a:sanchitkmr:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F153EFA2-57C7-4DD0-8ED0-6DDE9D48AEA0"
}
]
}

12
CVE-2023/CVE-2023-34xx/CVE-2023-3458.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3458",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-29T14:15:09.887",
"lastModified": "2023-11-07T04:18:46.130",
"lastModified": "2024-02-16T19:42:24.760",
"vulnStatus": "Modified",
"descriptions": [
{
@ -33,7 +33,7 @@
"impactScore": 5.9
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -81,7 +81,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -100,8 +100,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopping_website_project:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F7B9D-35F5-4821-AA80-9942B5553734"
"criteria": "cpe:2.3:a:sanchitkmr:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F153EFA2-57C7-4DD0-8ED0-6DDE9D48AEA0"
}
]
}

12
CVE-2023/CVE-2023-35xx/CVE-2023-3502.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3502",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-04T14:15:09.573",
"lastModified": "2023-11-07T04:18:51.437",
"lastModified": "2024-02-16T19:42:24.760",
"vulnStatus": "Modified",
"descriptions": [
{
@ -33,7 +33,7 @@
"impactScore": 3.6
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -81,7 +81,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -100,8 +100,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopping_website_project:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F7B9D-35F5-4821-AA80-9942B5553734"
"criteria": "cpe:2.3:a:sanchitkmr:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F153EFA2-57C7-4DD0-8ED0-6DDE9D48AEA0"
}
]
}

12
CVE-2023/CVE-2023-35xx/CVE-2023-3503.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3503",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-04T15:15:09.177",
"lastModified": "2023-11-07T04:18:51.807",
"lastModified": "2024-02-16T19:42:24.760",
"vulnStatus": "Modified",
"descriptions": [
{
@ -33,7 +33,7 @@
"impactScore": 5.9
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -81,7 +81,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -100,8 +100,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopping_website_project:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F7B9D-35F5-4821-AA80-9942B5553734"
"criteria": "cpe:2.3:a:sanchitkmr:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F153EFA2-57C7-4DD0-8ED0-6DDE9D48AEA0"
}
]
}

12
CVE-2023/CVE-2023-35xx/CVE-2023-3534.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3534",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T12:15:09.447",
"lastModified": "2023-11-07T04:18:55.553",
"lastModified": "2024-02-16T19:42:24.760",
"vulnStatus": "Modified",
"descriptions": [
{
@ -33,7 +33,7 @@
"impactScore": 3.6
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -81,7 +81,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -100,8 +100,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopping_website_project:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F7B9D-35F5-4821-AA80-9942B5553734"
"criteria": "cpe:2.3:a:sanchitkmr:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F153EFA2-57C7-4DD0-8ED0-6DDE9D48AEA0"
}
]
}

59
CVE-2023/CVE-2023-391xx/CVE-2023-39196.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-39196",
"sourceIdentifier": "security@apache.org",
"published": "2024-02-07T13:15:07.933",
"lastModified": "2024-02-07T14:15:52.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:57:44.050",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Authentication vulnerability in Apache Ozone.\n\nThe vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication.\nThe attacker is not allowed to do any modification within the Ozone Storage Container Manager service using this vulnerability.\nThe accessible metadata does not contain sensitive information that can be used to exploit the system later on, and the accessible data does not make it possible to gain access to actual user data within Ozone.\nThis issue affects Apache Ozone: 1.2.0 and subsequent releases up until 1.3.0.\n\nUsers are recommended to upgrade to version 1.4.0, which fixes the issue.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de autenticaci\u00f3n incorrecta en Apache Ozone. La vulnerabilidad permite a un atacante descargar metadatos internos del servicio Storage Container Manager sin la autenticaci\u00f3n adecuada. El atacante no puede realizar ninguna modificaci\u00f3n dentro del servicio Ozone Storage Container Manager utilizando esta vulnerabilidad. Los metadatos accesibles no contienen informaci\u00f3n confidencial que pueda usarse para explotar el sistema m\u00e1s adelante, y los datos accesibles no permiten acceder a los datos reales del usuario dentro de Ozone. Este problema afecta a Apache Ozone: 1.2.0 y versiones posteriores hasta la 1.3.0. Se recomienda a los usuarios actualizar a la versi\u00f3n 1.4.0, que soluciona el problema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -46,14 +70,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:ozone:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.2.0",
"versionEndIncluding": "1.3.0",
"matchCriteriaId": "CD060C34-1DDB-4018-AD60-A99B1306477D"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/07/2",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread/o96ct5t7kj5cgrmmfc6756m931t08nky",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-400xx/CVE-2023-40085.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-40085",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T19:15:08.093",
"lastModified": "2024-02-16T19:26:55.393",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/NeuralNetworks/+/ed6ee1f7eca7b33160e36ac6d730a9ef395ca4f1",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "security@android.com"
}
]
}

68
CVE-2023/CVE-2023-402xx/CVE-2023-40264.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-40264",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-08T23:15:09.773",
"lastModified": "2024-02-09T01:37:59.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:56:44.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows authenticated path traversal in the user interface."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Atos Unify OpenScape Voice Trace Manager V8 anterior a V8 R0.9.11. Permite path traversal autenticado en la interfaz de usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:unify:openscape_voice_trace_manager_v8:*:*:*:*:*:*:*:*",
"versionEndExcluding": "r0.9.11",
"matchCriteriaId": "7E89D865-6067-4452-B1D0-FBA3C917D153"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://networks.unify.com/security/advisories/OBSO-2305-02.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-424xx/CVE-2023-42450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42450",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-19T16:15:12.897",
"lastModified": "2023-09-25T15:15:10.267",
"vulnStatus": "Modified",
"lastModified": "2024-02-16T20:35:15.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

58
CVE-2023/CVE-2023-475xx/CVE-2023-47526.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47526",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T07:15:07.650",
"lastModified": "2024-02-12T14:20:03.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T19:29:21.007",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -40,7 +60,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -48,12 +68,42 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ays-pro:chartify:2.0.6:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "6BBA455C-9F4C-4894-8ED2-0DF9BC1819C3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/chart-builder/wordpress-chartify-plugin-2-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-503xx/CVE-2023-50387.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50387",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-14T16:15:45.300",
"lastModified": "2024-02-15T19:15:14.640",
"lastModified": "2024-02-16T20:15:47.323",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
],
"metrics": {},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/16/2",
"source": "cve@mitre.org"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-50387",
"source": "cve@mitre.org"

10
CVE-2023/CVE-2023-508xx/CVE-2023-50868.json
View File

@ -2,16 +2,24 @@
"id": "CVE-2023-50868",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-14T16:15:45.377",
"lastModified": "2024-02-15T01:15:08.047",
"lastModified": "2024-02-16T20:15:47.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations."
},
{
"lang": "es",
"value": "El aspecto Closest Encloser Proof del protocolo DNS (en RFC 5155 cuando se omite la gu\u00eda RFC 9276) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU para c\u00e1lculos SHA-1) a trav\u00e9s de respuestas DNSSEC en un ataque de subdominio aleatorio, tambi\u00e9n conocido como \" Problema NSEC3\". La especificaci\u00f3n RFC 5155 implica que un algoritmo debe realizar miles de iteraciones de una funci\u00f3n hash en determinadas situaciones."
}
],
"metrics": {},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/16/2",
"source": "cve@mitre.org"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-50868",
"source": "cve@mitre.org"

59
CVE-2023/CVE-2023-508xx/CVE-2023-50875.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50875",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T07:15:08.920",
"lastModified": "2024-02-12T14:20:03.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T19:28:59.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -40,7 +60,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -48,12 +68,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:automattic:sensei_lms:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.17.0",
"matchCriteriaId": "A05BC313-8908-44C5-81C9-593D890E0890"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sensei-lms/wordpress-sensei-lms-plugin-4-17-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

24
CVE-2024/CVE-2024-00xx/CVE-2024-0015.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0015",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T19:15:08.153",
"lastModified": "2024-02-16T19:26:55.393",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "security@android.com"
}
]
}

24
CVE-2024/CVE-2024-00xx/CVE-2024-0016.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0016",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T20:15:47.460",
"lastModified": "2024-02-16T20:15:47.460",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In multiple locations, there is a possible out of bounds read due to a missing bounds check. This could lead to paired device information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/1d7ba7c8a205522f384e8d5c7c9f26a421cab5f1",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "security@android.com"
}
]
}

24
CVE-2024/CVE-2024-00xx/CVE-2024-0017.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0017",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T20:15:47.513",
"lastModified": "2024-02-16T20:15:47.513",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In shouldUseNoOpLocation of CameraActivity.java, there is a possible confused deputy due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Camera2/+/5c4c4b35754eef319dcd69c422f0b1ac0c823f6e",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "security@android.com"
}
]
}

24
CVE-2024/CVE-2024-00xx/CVE-2024-0018.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0018",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T20:15:47.560",
"lastModified": "2024-02-16T20:15:47.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In convertYUV420Planar16ToY410 of ColorConverter.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/bf6406041919f67219fd1829438dda28845d4c23",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "security@android.com"
}
]
}

24
CVE-2024/CVE-2024-00xx/CVE-2024-0019.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0019",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T20:15:47.610",
"lastModified": "2024-02-16T20:15:47.610",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/707fc94ec3df4cf6b985e6d06c2588690d1a025a",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "security@android.com"
}
]
}

24
CVE-2024/CVE-2024-00xx/CVE-2024-0020.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0020",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T20:15:47.667",
"lastModified": "2024-02-16T20:15:47.667",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/87f791f2351e366f842a0fd6fcb744069160d9a1",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "security@android.com"
}
]
}

24
CVE-2024/CVE-2024-00xx/CVE-2024-0021.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0021",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T20:15:47.717",
"lastModified": "2024-02-16T20:15:47.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way for an app in the work profile to enable notification listener services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/53ea491d276f9a7c586c7983c08105a9bb7051f1",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "security@android.com"
}
]
}

24
CVE-2024/CVE-2024-00xx/CVE-2024-0023.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-0023",
"sourceIdentifier": "security@android.com",
"published": "2024-02-16T20:15:47.767",
"lastModified": "2024-02-16T20:15:47.767",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/30b1b34cfd5abfcfee759e7d13167d368ac6c268",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "security@android.com"
}
]
}

20
CVE-2024/CVE-2024-12xx/CVE-2024-1253.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1253",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-02-06T17:15:10.507",
"lastModified": "2024-02-13T20:17:32.273",
"lastModified": "2024-02-16T20:56:02.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -97,6 +97,7 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -104,9 +105,20 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:beijingbaichuo:smart_s40_management_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20240126",
"matchCriteriaId": "7058CBEF-1801-45BA-9BF7-B46062231B3A"
"criteria": "cpe:2.3:o:byzoro:smart_s40_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024-01-26",
"matchCriteriaId": "43ADB69F-599C-417D-9204-0187EB658718"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:byzoro:smart_s40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12AC3A3A-A2FD-4D51-BB84-3D033A83D38B"
}
]
}

20
CVE-2024/CVE-2024-12xx/CVE-2024-1254.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-1254",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-02-06T19:15:09.747",
"lastModified": "2024-02-13T21:25:34.593",
"lastModified": "2024-02-16T20:54:41.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -107,6 +107,7 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -114,9 +115,20 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:beijingbaichuo:smart_s20_management_platform:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2023.11.20",
"matchCriteriaId": "37C18E4B-ACCE-4104-8473-C6A371DF07DA"
"criteria": "cpe:2.3:o:byzoro:smart_s20_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2023-11-20",
"matchCriteriaId": "893E539E-830E-4DE7-B23D-D6531B2C7254"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:byzoro:smart_s20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "140F023D-7675-4CD6-8BDB-73C25EA541C4"
}
]
}

4
CVE-2024/CVE-2024-13xx/CVE-2024-1342.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1342",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-16T16:15:57.543",
"lastModified": "2024-02-16T16:15:57.543",
"vulnStatus": "Received",
"lastModified": "2024-02-16T19:26:55.393",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2024/CVE-2024-15xx/CVE-2024-1591.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1591",
"sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891",
"published": "2024-02-16T19:15:08.207",
"lastModified": "2024-02-16T19:26:55.393",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "13061848-ea10-403d-bd75-c83a022c2891",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "13061848-ea10-403d-bd75-c83a022c2891",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02",
"source": "13061848-ea10-403d-bd75-c83a022c2891"
}
]
}

110
CVE-2024/CVE-2024-207xx/CVE-2024-20716.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20716",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T14:15:45.463",
"lastModified": "2024-02-15T14:28:20.067",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:43:24.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service. A high-privileged attacker could leverage this vulnerability to exhaust system resources, causing the application to slow down or crash. Exploitation of this issue does not require user interaction."
},
{
"lang": "es",
"value": "Las versiones 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 y anteriores de Adobe Commerce se ven afectadas por una vulnerabilidad de consumo incontrolado de recursos que podr\u00eda provocar una denegaci\u00f3n de servicio de la aplicaci\u00f3n. Un atacante con muchos privilegios podr\u00eda aprovechar esta vulnerabilidad para agotar los recursos del sistema, provocando que la aplicaci\u00f3n se ralentice o falle. La explotaci\u00f3n de este problema no requiere la interacci\u00f3n del usuario."
}
],
"metrics": {
@ -46,10 +50,110 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*",
"matchCriteriaId": "D258D9EF-94FB-41F0-A7A5-7F66FA7A0055"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "4E5CF6F0-2388-4D3F-8FE1-43B8AF148564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "CFEBDDF2-6443-4482-83B2-3CD272CF599F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "6661093F-8D22-450F-BC6C-A8894A52E6A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "2515DA6D-2E74-4A05-BD29-FEEF3322BCB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "69A1F1F7-E53C-40F3-B3D9-DC011FC353BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "9B07F7B2-E915-4EFF-8FFC-91143CEF082E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "8605E4E6-0F7D-42C8-B35B-2349A0BEFC69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "B6318F97-E59A-4425-8DC7-045C78A644F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "324A573E-DBC8-42A0-8CB8-EDD8FBAB7115"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "54151A00-CFB8-4E6A-8E74-497CB67BF7E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*",
"matchCriteriaId": "7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6086841-C175-46A1-8414-71C6163A0E7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "D2E0DDD1-0F4A-4F96-B25D-40A39A1A535A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "A576B1B5-73A2-431E-998F-7E5458B51D6A"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

130
CVE-2024/CVE-2024-207xx/CVE-2024-20717.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-20717",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T14:15:45.663",
"lastModified": "2024-02-15T14:28:20.067",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:43:07.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field."
},
{
"lang": "es",
"value": "Las versiones 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 y anteriores de Adobe Commerce se ven afectadas por una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado que podr\u00eda ser aprovechada por un atacante con pocos privilegios para inyectar scripts maliciosos en campos de formulario vulnerables. Se puede ejecutar JavaScript malicioso en el navegador de la v\u00edctima cuando navega a la p\u00e1gina que contiene el campo vulnerable."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
@ -46,10 +70,110 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*",
"matchCriteriaId": "D258D9EF-94FB-41F0-A7A5-7F66FA7A0055"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "4E5CF6F0-2388-4D3F-8FE1-43B8AF148564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "CFEBDDF2-6443-4482-83B2-3CD272CF599F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "6661093F-8D22-450F-BC6C-A8894A52E6A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "2515DA6D-2E74-4A05-BD29-FEEF3322BCB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "69A1F1F7-E53C-40F3-B3D9-DC011FC353BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "9B07F7B2-E915-4EFF-8FFC-91143CEF082E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "8605E4E6-0F7D-42C8-B35B-2349A0BEFC69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "B6318F97-E59A-4425-8DC7-045C78A644F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "324A573E-DBC8-42A0-8CB8-EDD8FBAB7115"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "54151A00-CFB8-4E6A-8E74-497CB67BF7E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*",
"matchCriteriaId": "7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6086841-C175-46A1-8414-71C6163A0E7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "D2E0DDD1-0F4A-4F96-B25D-40A39A1A535A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "A576B1B5-73A2-431E-998F-7E5458B51D6A"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

132
CVE-2024/CVE-2024-207xx/CVE-2024-20718.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2024-20718",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T14:15:45.870",
"lastModified": "2024-02-15T14:28:20.067",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:42:56.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to trick a victim into performing actions they did not intend to do, which could be used to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction, typically in the form of the victim clicking a link or visiting a malicious website."
},
{
"lang": "es",
"value": "Las versiones 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 y anteriores de Adobe Commerce se ven afectadas por una vulnerabilidad de Cross-Site Request Forgery (CSRF) que podr\u00eda provocar la omisi\u00f3n de una funci\u00f3n de seguridad. Un atacante podr\u00eda aprovechar esta vulnerabilidad para enga\u00f1ar a una v\u00edctima para que realice acciones que no ten\u00eda intenci\u00f3n de realizar, lo que podr\u00eda utilizarse para eludir las medidas de seguridad y obtener acceso no autorizado. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, generalmente cuando la v\u00edctima hace clic en un enlace o visita un sitio web malicioso."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
@ -46,10 +70,110 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*",
"matchCriteriaId": "D258D9EF-94FB-41F0-A7A5-7F66FA7A0055"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "4E5CF6F0-2388-4D3F-8FE1-43B8AF148564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "CFEBDDF2-6443-4482-83B2-3CD272CF599F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "6661093F-8D22-450F-BC6C-A8894A52E6A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "2515DA6D-2E74-4A05-BD29-FEEF3322BCB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "69A1F1F7-E53C-40F3-B3D9-DC011FC353BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "9B07F7B2-E915-4EFF-8FFC-91143CEF082E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "8605E4E6-0F7D-42C8-B35B-2349A0BEFC69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "B6318F97-E59A-4425-8DC7-045C78A644F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "324A573E-DBC8-42A0-8CB8-EDD8FBAB7115"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "54151A00-CFB8-4E6A-8E74-497CB67BF7E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*",
"matchCriteriaId": "7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6086841-C175-46A1-8414-71C6163A0E7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "D2E0DDD1-0F4A-4F96-B25D-40A39A1A535A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "A576B1B5-73A2-431E-998F-7E5458B51D6A"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

140
CVE-2024/CVE-2024-207xx/CVE-2024-20719.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-20719",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T14:15:46.077",
"lastModified": "2024-02-15T14:28:20.067",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:30:40.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into every admin page. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field, that could be leveraged to gain admin access. "
},
{
"lang": "es",
"value": "Las versiones 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 y anteriores de Adobe Commerce se ven afectadas por una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado que podr\u00eda ser aprovechada por un atacante administrador para inyectar secuencias de comandos maliciosas en cada p\u00e1gina administrada. Se puede ejecutar JavaScript malicioso en el navegador de la v\u00edctima cuando navega a la p\u00e1gina que contiene el campo vulnerable, que podr\u00eda aprovecharse para obtener acceso de administrador."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
@ -46,10 +80,110 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*",
"matchCriteriaId": "D258D9EF-94FB-41F0-A7A5-7F66FA7A0055"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "4E5CF6F0-2388-4D3F-8FE1-43B8AF148564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "CFEBDDF2-6443-4482-83B2-3CD272CF599F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "6661093F-8D22-450F-BC6C-A8894A52E6A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "2515DA6D-2E74-4A05-BD29-FEEF3322BCB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "69A1F1F7-E53C-40F3-B3D9-DC011FC353BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "9B07F7B2-E915-4EFF-8FFC-91143CEF082E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "8605E4E6-0F7D-42C8-B35B-2349A0BEFC69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "B6318F97-E59A-4425-8DC7-045C78A644F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "324A573E-DBC8-42A0-8CB8-EDD8FBAB7115"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "54151A00-CFB8-4E6A-8E74-497CB67BF7E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*",
"matchCriteriaId": "7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6086841-C175-46A1-8414-71C6163A0E7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "D2E0DDD1-0F4A-4F96-B25D-40A39A1A535A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "A576B1B5-73A2-431E-998F-7E5458B51D6A"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

110
CVE-2024/CVE-2024-207xx/CVE-2024-20720.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20720",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T14:15:46.283",
"lastModified": "2024-02-15T14:28:20.067",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:14:23.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction."
},
{
"lang": "es",
"value": "Las versiones 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 y anteriores de Adobe Commerce se ven afectadas por una neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando del sistema operativo ('inyecci\u00f3n de comando del sistema operativo') eso podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario por parte de un atacante. La explotaci\u00f3n de este problema no requiere la interacci\u00f3n del usuario."
}
],
"metrics": {
@ -46,10 +50,110 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*",
"matchCriteriaId": "D258D9EF-94FB-41F0-A7A5-7F66FA7A0055"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "4E5CF6F0-2388-4D3F-8FE1-43B8AF148564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "CFEBDDF2-6443-4482-83B2-3CD272CF599F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "6661093F-8D22-450F-BC6C-A8894A52E6A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "2515DA6D-2E74-4A05-BD29-FEEF3322BCB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "69A1F1F7-E53C-40F3-B3D9-DC011FC353BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "9B07F7B2-E915-4EFF-8FFC-91143CEF082E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "8605E4E6-0F7D-42C8-B35B-2349A0BEFC69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "B6318F97-E59A-4425-8DC7-045C78A644F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "324A573E-DBC8-42A0-8CB8-EDD8FBAB7115"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "54151A00-CFB8-4E6A-8E74-497CB67BF7E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*",
"matchCriteriaId": "7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6086841-C175-46A1-8414-71C6163A0E7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "D2E0DDD1-0F4A-4F96-B25D-40A39A1A535A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*",
"matchCriteriaId": "A576B1B5-73A2-431E-998F-7E5458B51D6A"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-207xx/CVE-2024-20722.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20722",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T11:15:10.750",
"lastModified": "2024-02-15T14:28:31.380",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:09:06.823",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Substance3D: las versiones 9.1.1 y anteriores de Painter se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -46,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.1",
"matchCriteriaId": "FBEF83BE-DB69-4C92-AB39-9218EDAD3B06"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-207xx/CVE-2024-20723.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-20723",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T11:15:11.383",
"lastModified": "2024-02-15T14:28:26.433",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:08:58.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.1 and earlier are affected by a Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Substance3D: las versiones 9.1.1 y anteriores de Painter se ven afectadas por una vulnerabilidad de desbordamiento de b\u00fafer que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.1",
"matchCriteriaId": "FBEF83BE-DB69-4C92-AB39-9218EDAD3B06"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-207xx/CVE-2024-20724.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20724",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T11:15:11.797",
"lastModified": "2024-02-15T14:28:26.433",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:08:48.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Substance3D: las versiones 9.1.1 y anteriores de Painter se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -46,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.1",
"matchCriteriaId": "FBEF83BE-DB69-4C92-AB39-9218EDAD3B06"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-207xx/CVE-2024-20725.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20725",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T11:15:12.237",
"lastModified": "2024-02-15T14:28:26.433",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:08:40.570",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Substance3D: las versiones 9.1.1 y anteriores de Painter se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -46,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.1",
"matchCriteriaId": "FBEF83BE-DB69-4C92-AB39-9218EDAD3B06"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-207xx/CVE-2024-20740.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20740",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T11:15:12.623",
"lastModified": "2024-02-15T14:28:26.433",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:08:32.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Substance3D: las versiones 9.1.1 y anteriores de Painter se ven afectadas por una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -46,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.1",
"matchCriteriaId": "FBEF83BE-DB69-4C92-AB39-9218EDAD3B06"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

41
CVE-2024/CVE-2024-207xx/CVE-2024-20741.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20741",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T11:15:12.990",
"lastModified": "2024-02-15T14:28:26.433",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:08:23.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.1 and earlier are affected by a Write-what-where Condition vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Substance3D: las versiones 9.1.1 y anteriores de Painter se ven afectadas por una vulnerabilidad de condici\u00f3n Write-what-where que podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -35,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
@ -46,10 +60,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.1",
"matchCriteriaId": "FBEF83BE-DB69-4C92-AB39-9218EDAD3B06"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-207xx/CVE-2024-20742.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20742",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T11:15:13.417",
"lastModified": "2024-02-15T14:28:26.433",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:07:52.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Substance3D: las versiones 9.1.1 y anteriores de Painter se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites al analizar un archivo manipulado, lo que podr\u00eda resultar en una lectura m\u00e1s all\u00e1 del final de una estructura de memoria asignada. Un atacante podr\u00eda aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del usuario actual. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -46,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.1",
"matchCriteriaId": "FBEF83BE-DB69-4C92-AB39-9218EDAD3B06"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-207xx/CVE-2024-20743.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20743",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T11:15:13.697",
"lastModified": "2024-02-15T14:28:26.433",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:06:10.620",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Substance3D: las versiones 9.1.1 y anteriores de Painter se ven afectadas por una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -46,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.1",
"matchCriteriaId": "FBEF83BE-DB69-4C92-AB39-9218EDAD3B06"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2024/CVE-2024-207xx/CVE-2024-20744.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20744",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-02-15T11:15:14.063",
"lastModified": "2024-02-15T14:28:26.433",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T19:51:12.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Substance3D: las versiones 9.1.1 y anteriores de Painter se ven afectadas por una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -46,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.1.1",
"matchCriteriaId": "FBEF83BE-DB69-4C92-AB39-9218EDAD3B06"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-217xx/CVE-2024-21775.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21775",
"sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02",
"published": "2024-02-16T15:15:08.170",
"lastModified": "2024-02-16T15:15:08.170",
"vulnStatus": "Received",
"lastModified": "2024-02-16T19:26:55.393",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2024/CVE-2024-219xx/CVE-2024-21915.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-21915",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-02-16T19:15:08.460",
"lastModified": "2024-02-16T19:26:55.393",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nA privilege escalation vulnerability exists in Rockwell Automation FactoryTalk\u00ae Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTSP system unavailable.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1662.html",
"source": "PSIRT@rockwellautomation.com"
}
]
}

4
CVE-2024/CVE-2024-235xx/CVE-2024-23591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23591",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2024-02-16T17:15:08.800",
"lastModified": "2024-02-16T17:15:08.800",
"vulnStatus": "Received",
"lastModified": "2024-02-16T19:26:55.393",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

72
CVE-2024/CVE-2024-241xx/CVE-2024-24133.json
View File

@ -2,19 +2,83 @@
"id": "CVE-2024-24133",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-07T14:15:52.820",
"lastModified": "2024-02-07T17:04:54.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T20:47:34.403",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Atmail v6.6.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro de nombre de usuario en la p\u00e1gina de inicio de sesi\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atmail:atmail:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9DFF09-D9A8-46F7-A466-6C538C591651"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atmail:atmail:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2AAACF14-FBF7-4790-BCF8-92FA053C7EEF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Hebing123/cve/issues/16",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2024/CVE-2024-249xx/CVE-2024-24933.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24933",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T06:15:09.120",
"lastModified": "2024-02-12T14:20:03.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T19:29:53.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -40,7 +60,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -48,12 +68,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:prasidhdamalla:honeypot_for_wp_comment:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.3",
"matchCriteriaId": "CD786F4F-4084-40EB-8EF7-04AF814349F0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/honeypot-for-wp-comment/wordpress-honeypot-for-wp-comment-plugin-2-2-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-252xx/CVE-2024-25218.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2024-25218",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-14T15:15:09.370",
"lastModified": "2024-02-14T16:13:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T19:45:37.420",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Project Name parameter /TaskManager/Projects.php."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en la aplicaci\u00f3n Task Manager v1.0 permite a los atacantes ejecutar scripts o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Nombre del proyecto /TaskManager/Projects.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:task_manager_in_php_with_source_code_project:task_manager_in_php_with_source_code:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9E7052-366F-4340-88BC-68676258C47E"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20Cross-Site-Scripting%20-1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-252xx/CVE-2024-25219.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2024-25219",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-14T15:15:09.423",
"lastModified": "2024-02-14T16:13:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T19:45:28.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter /TaskManager/Task.php."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en la aplicaci\u00f3n Task Manager v1.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Nombre de tarea /TaskManager/Task.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:task_manager_in_php_with_source_code_project:task_manager_in_php_with_source_code:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9E7052-366F-4340-88BC-68676258C47E"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20Cross-Site-Scripting%20-%202.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-252xx/CVE-2024-25220.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2024-25220",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-14T15:15:09.477",
"lastModified": "2024-02-14T16:13:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T19:34:51.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la aplicaci\u00f3n Task Manager v1.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro taskID en /TaskManager/EditTask.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:task_manager_in_php_with_source_code_project:task_manager_in_php_with_source_code:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9E7052-366F-4340-88BC-68676258C47E"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20SQL%20Injection%20-%202.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-252xx/CVE-2024-25221.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2024-25221",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-14T15:15:09.523",
"lastModified": "2024-02-14T16:13:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T19:33:17.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la aplicaci\u00f3n Simple Admin Panel v1.0 contiene una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro orderID en /adminView/viewEachOrder.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:task_manager_in_php_with_source_code_project:task_manager_in_php_with_source_code:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9E7052-366F-4340-88BC-68676258C47E"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20Cross-Site-Scripting%20-3.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-252xx/CVE-2024-25222.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2024-25222",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-14T15:15:09.570",
"lastModified": "2024-02-14T16:13:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-16T19:32:56.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID parameter at /TaskManager/EditProject.php."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la aplicaci\u00f3n Task Manager v1.0 contiene una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro projectID en /TaskManager/EditProject.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:task_manager_in_php_with_source_code_project:task_manager_in_php_with_source_code:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9E7052-366F-4340-88BC-68676258C47E"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20SQL%20Injection%20-%201.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-253xx/CVE-2024-25320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25320",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-16T15:15:08.360",
"lastModified": "2024-02-16T15:15:08.360",
"vulnStatus": "Received",
"lastModified": "2024-02-16T19:26:55.393",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

75
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-16T19:00:24.554517+00:00
2024-02-16T21:00:24.395998+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-16T18:59:53.843000+00:00
2024-02-16T20:57:44.050000+00:00
```
### Last Data Feed Release
@ -29,47 +29,56 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
238749
238761
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `12`
* [CVE-2024-1444](CVE-2024/CVE-2024-14xx/CVE-2024-1444.json) (`2024-02-16T17:15:08.710`)
* [CVE-2024-23591](CVE-2024/CVE-2024-235xx/CVE-2024-23591.json) (`2024-02-16T17:15:08.800`)
* [CVE-2024-1515](CVE-2024/CVE-2024-15xx/CVE-2024-1515.json) (`2024-02-16T18:15:07.820`)
* [CVE-2023-40085](CVE-2023/CVE-2023-400xx/CVE-2023-40085.json) (`2024-02-16T19:15:08.093`)
* [CVE-2023-21165](CVE-2023/CVE-2023-211xx/CVE-2023-21165.json) (`2024-02-16T19:15:08.007`)
* [CVE-2024-0015](CVE-2024/CVE-2024-00xx/CVE-2024-0015.json) (`2024-02-16T19:15:08.153`)
* [CVE-2024-1591](CVE-2024/CVE-2024-15xx/CVE-2024-1591.json) (`2024-02-16T19:15:08.207`)
* [CVE-2024-21915](CVE-2024/CVE-2024-219xx/CVE-2024-21915.json) (`2024-02-16T19:15:08.460`)
* [CVE-2024-0016](CVE-2024/CVE-2024-00xx/CVE-2024-0016.json) (`2024-02-16T20:15:47.460`)
* [CVE-2024-0017](CVE-2024/CVE-2024-00xx/CVE-2024-0017.json) (`2024-02-16T20:15:47.513`)
* [CVE-2024-0018](CVE-2024/CVE-2024-00xx/CVE-2024-0018.json) (`2024-02-16T20:15:47.560`)
* [CVE-2024-0019](CVE-2024/CVE-2024-00xx/CVE-2024-0019.json) (`2024-02-16T20:15:47.610`)
* [CVE-2024-0020](CVE-2024/CVE-2024-00xx/CVE-2024-0020.json) (`2024-02-16T20:15:47.667`)
* [CVE-2024-0021](CVE-2024/CVE-2024-00xx/CVE-2024-0021.json) (`2024-02-16T20:15:47.717`)
* [CVE-2024-0023](CVE-2024/CVE-2024-00xx/CVE-2024-0023.json) (`2024-02-16T20:15:47.767`)
### CVEs modified in the last Commit
Recently modified CVEs: `36`
Recently modified CVEs: `62`
* [CVE-2022-47631](CVE-2022/CVE-2022-476xx/CVE-2022-47631.json) (`2024-02-16T18:24:35.473`)
* [CVE-2022-27211](CVE-2022/CVE-2022-272xx/CVE-2022-27211.json) (`2024-02-16T18:46:57.083`)
* [CVE-2023-0003](CVE-2023/CVE-2023-00xx/CVE-2023-0003.json) (`2024-02-16T17:04:22.737`)
* [CVE-2023-38552](CVE-2023/CVE-2023-385xx/CVE-2023-38552.json) (`2024-02-16T17:11:52.637`)
* [CVE-2023-39999](CVE-2023/CVE-2023-399xx/CVE-2023-39999.json) (`2024-02-16T17:16:07.967`)
* [CVE-2023-31928](CVE-2023/CVE-2023-319xx/CVE-2023-31928.json) (`2024-02-16T17:23:06.767`)
* [CVE-2023-31926](CVE-2023/CVE-2023-319xx/CVE-2023-31926.json) (`2024-02-16T17:23:36.803`)
* [CVE-2023-31427](CVE-2023/CVE-2023-314xx/CVE-2023-31427.json) (`2024-02-16T17:35:51.470`)
* [CVE-2023-31432](CVE-2023/CVE-2023-314xx/CVE-2023-31432.json) (`2024-02-16T17:37:12.717`)
* [CVE-2023-1505](CVE-2023/CVE-2023-15xx/CVE-2023-1505.json) (`2024-02-16T17:38:24.393`)
* [CVE-2023-1293](CVE-2023/CVE-2023-12xx/CVE-2023-1293.json) (`2024-02-16T17:43:36.187`)
* [CVE-2023-1502](CVE-2023/CVE-2023-15xx/CVE-2023-1502.json) (`2024-02-16T17:46:13.270`)
* [CVE-2023-22515](CVE-2023/CVE-2023-225xx/CVE-2023-22515.json) (`2024-02-16T17:52:35.420`)
* [CVE-2023-43669](CVE-2023/CVE-2023-436xx/CVE-2023-43669.json) (`2024-02-16T17:56:45.190`)
* [CVE-2023-42811](CVE-2023/CVE-2023-428xx/CVE-2023-42811.json) (`2024-02-16T18:03:56.013`)
* [CVE-2023-28709](CVE-2023/CVE-2023-287xx/CVE-2023-28709.json) (`2024-02-16T18:20:07.610`)
* [CVE-2023-1352](CVE-2023/CVE-2023-13xx/CVE-2023-1352.json) (`2024-02-16T18:38:17.337`)
* [CVE-2023-3341](CVE-2023/CVE-2023-33xx/CVE-2023-3341.json) (`2024-02-16T18:39:05.933`)
* [CVE-2023-36478](CVE-2023/CVE-2023-364xx/CVE-2023-36478.json) (`2024-02-16T18:40:20.290`)
* [CVE-2023-40587](CVE-2023/CVE-2023-405xx/CVE-2023-40587.json) (`2024-02-16T18:43:37.680`)
* [CVE-2023-41990](CVE-2023/CVE-2023-419xx/CVE-2023-41990.json) (`2024-02-16T18:45:01.993`)
* [CVE-2023-1455](CVE-2023/CVE-2023-14xx/CVE-2023-1455.json) (`2024-02-16T18:45:22.397`)
* [CVE-2023-4933](CVE-2023/CVE-2023-49xx/CVE-2023-4933.json) (`2024-02-16T18:57:14.973`)
* [CVE-2024-0943](CVE-2024/CVE-2024-09xx/CVE-2024-0943.json) (`2024-02-16T18:51:03.797`)
* [CVE-2024-1189](CVE-2024/CVE-2024-11xx/CVE-2024-1189.json) (`2024-02-16T18:59:53.843`)
* [CVE-2024-1342](CVE-2024/CVE-2024-13xx/CVE-2024-1342.json) (`2024-02-16T19:26:55.393`)
* [CVE-2024-23591](CVE-2024/CVE-2024-235xx/CVE-2024-23591.json) (`2024-02-16T19:26:55.393`)
* [CVE-2024-24933](CVE-2024/CVE-2024-249xx/CVE-2024-24933.json) (`2024-02-16T19:29:53.437`)
* [CVE-2024-25222](CVE-2024/CVE-2024-252xx/CVE-2024-25222.json) (`2024-02-16T19:32:56.613`)
* [CVE-2024-25221](CVE-2024/CVE-2024-252xx/CVE-2024-25221.json) (`2024-02-16T19:33:17.330`)
* [CVE-2024-25220](CVE-2024/CVE-2024-252xx/CVE-2024-25220.json) (`2024-02-16T19:34:51.807`)
* [CVE-2024-25219](CVE-2024/CVE-2024-252xx/CVE-2024-25219.json) (`2024-02-16T19:45:28.097`)
* [CVE-2024-25218](CVE-2024/CVE-2024-252xx/CVE-2024-25218.json) (`2024-02-16T19:45:37.420`)
* [CVE-2024-20744](CVE-2024/CVE-2024-207xx/CVE-2024-20744.json) (`2024-02-16T19:51:12.413`)
* [CVE-2024-20743](CVE-2024/CVE-2024-207xx/CVE-2024-20743.json) (`2024-02-16T20:06:10.620`)
* [CVE-2024-20742](CVE-2024/CVE-2024-207xx/CVE-2024-20742.json) (`2024-02-16T20:07:52.000`)
* [CVE-2024-20741](CVE-2024/CVE-2024-207xx/CVE-2024-20741.json) (`2024-02-16T20:08:23.677`)
* [CVE-2024-20740](CVE-2024/CVE-2024-207xx/CVE-2024-20740.json) (`2024-02-16T20:08:32.477`)
* [CVE-2024-20725](CVE-2024/CVE-2024-207xx/CVE-2024-20725.json) (`2024-02-16T20:08:40.570`)
* [CVE-2024-20724](CVE-2024/CVE-2024-207xx/CVE-2024-20724.json) (`2024-02-16T20:08:48.677`)
* [CVE-2024-20723](CVE-2024/CVE-2024-207xx/CVE-2024-20723.json) (`2024-02-16T20:08:58.180`)
* [CVE-2024-20722](CVE-2024/CVE-2024-207xx/CVE-2024-20722.json) (`2024-02-16T20:09:06.823`)
* [CVE-2024-20720](CVE-2024/CVE-2024-207xx/CVE-2024-20720.json) (`2024-02-16T20:14:23.457`)
* [CVE-2024-20719](CVE-2024/CVE-2024-207xx/CVE-2024-20719.json) (`2024-02-16T20:30:40.470`)
* [CVE-2024-20718](CVE-2024/CVE-2024-207xx/CVE-2024-20718.json) (`2024-02-16T20:42:56.020`)
* [CVE-2024-20717](CVE-2024/CVE-2024-207xx/CVE-2024-20717.json) (`2024-02-16T20:43:07.097`)
* [CVE-2024-20716](CVE-2024/CVE-2024-207xx/CVE-2024-20716.json) (`2024-02-16T20:43:24.443`)
* [CVE-2024-24133](CVE-2024/CVE-2024-241xx/CVE-2024-24133.json) (`2024-02-16T20:47:34.403`)
* [CVE-2024-1254](CVE-2024/CVE-2024-12xx/CVE-2024-1254.json) (`2024-02-16T20:54:41.887`)
* [CVE-2024-1253](CVE-2024/CVE-2024-12xx/CVE-2024-1253.json) (`2024-02-16T20:56:02.073`)
## Download and Usage