admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-31T17:00:31.389465+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-31 17:04:00 +00:00
parent b86cdd2791
commit f86b1a063d
151 changed files with 22072 additions and 785 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

189
CVE-2021/CVE-2021-474xx/CVE-2021-47435.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47435",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-22T07:15:08.790",
"lastModified": "2024-11-21T06:36:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:16:51.193",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,63 +15,218 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: dm: corrige la ejecuci\u00f3n del puntero NULL de mempool al completar IO dm_io_dec_pending() llama a end_io_acct() primero y luego dec md en vuelo conteo pendiente. Pero si una tarea intercambia la tabla DM al mismo tiempo, esto puede provocar un bloqueo debido a que mempool->elementos son NULL: tarea1 tarea2 do_resume ->do_suspend ->dm_wait_for_completion bio_endio ->clone_endio ->dm_io_dec_pending ->end_io_acct ->wakeup task1 - >dm_swap_table ->__bind ->__bind_mempools ->bioset_exit ->mempool_exit ->free_io [67.330330] No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 00000000000000000 ...... [67.330494] pstate: 80400085 (Nzcv daIf +PAN -UAO ) [67.330510] pc: mempool_free+0x70/0xa0 [67.330515] lr: mempool_free+0x4c/0xa0 [67.330520] sp: ffffff8008013b20 [67.330524] x29: ffffff8008013b20 x28: 000000000000004 [ 67.330530] x27: fffffa8c2ff40a0 x26: 00000000ffff1cc8 [ 67.330535] x25: 0000000000000000 x24: ffffffdada34c800 [ 67.330541] x23: 0000000000000000 x22: ffffffdada34c800 [ 67.330547] x21: 00000000ffff1cc8 x20: 1304d80 [ 67.330552] x19: ffffffdada34c970 x18: 000000b312625d9c [ 67.330558] x17: 00000000002dcfbf x16: 00000000000006dd [ 67.330563] 000000000093b41e x14: 0000000000000010 [ 67.330569] x13: 0000000000007f7a x12: 0000000034155555 [ 67.330574] x11: 00000000000000001 x10: 0000000000000001 [ 67.330579] x9 : 0000000000000000 x8: 0000000000000000 [67.330585] x7: 0000000000000000 x6: ffffff80148b5c1a [67.330590] x5: ffffff8008013ae0 x4: 000000001 [67.330596] x3: ffffff80080139c8 x2: ffffff801083bab8 [67.330601] x1: 0000000000000000 x0: ffffffdada34c970 [67.330609] Rastreo de llamadas: [67.330616] mempool_free+0x70/0xa0 [67.330627] 8/0x110 [67.330638] dec_pending+0x13c/0x230 [67.330644] clone_endio+0x90/0x180 [ 67.330649] bio_endio+0x198/0x1b8 [ 67.330655] dec_pending+0x190/0x230 [ 67.330660] clone_endio+0x90/0x180 [ 67.330665] bio_endio+0x198/0x1b8 [ 67.330673 ] blk_update_request+0x214/0x428 [ 67.330683] scsi_end_request+0x2c/0x300 [ 67.330688 ] scsi_io_completion+0xa0/0x710 [ 67.330695] scsi_finish_command+0xd8/0x110 [ 67.330700] scsi_softirq_done+0x114/0x148 [ 67.330708] blk_done_softirq+0x74/0xd0 [ 67.3307 16] __do_softirq+0x18c/0x374 [ 67.330724] irq_exit+0xb4/0xb8 [ 67.330732] __handle_domain_irq +0x84/0xc0 [ 67.330737] gic_handle_irq+0x148/0x1b0 [ 67.330744] el1_irq+0xe8/0x190 [ 67.330753] lpm_cpuidle_enter+0x4f8/0x538 [ 67.330759] +0x1fc/0x398 [ 67.330764] cpuidle_enter+0x18/0x20 [ 67.330772] do_idle+0x1b4 /0x290 [ 67.330778] cpu_startup_entry+0x20/0x28 [ 67.330786] second_start_kernel+0x160/0x170 Solucione este problema de la siguiente manera: 1) Estableciendo punteros a los miembros 'struct dm_io' en dm_io_dec_pending() para que puedan pasarse a end_io_acct() _despu\u00e9s_ free_io() se llama. 2) Mover end_io_acct() despu\u00e9s de free_io()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.313",
"matchCriteriaId": "D05FC8CB-1BC0-4990-907F-B25DF43CF175"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.278",
"matchCriteriaId": "050329AA-B7D6-45EA-9341-E396DC054423"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.242",
"matchCriteriaId": "7944E95B-9E17-4934-9745-B1FC58DD3A84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.193",
"matchCriteriaId": "EA77E853-1F30-4942-8B6A-37B168460310"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.113",
"matchCriteriaId": "3AE702C9-4FF9-4ADB-A885-74A6BAB430C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.14.14",
"matchCriteriaId": "BF43A331-D430-4B9D-A612-E63C62AE4A86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*",
"matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*",
"matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*",
"matchCriteriaId": "9E9481B2-8AA6-4CBD-B5D3-C10F51FF6D01"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/6e506f07c5b561d673dd0b0d8f7f420cc48024fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9e07272cca2ed76f7f6073f4444b1143828c8d87",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9fb7cd5c7fef0f1c982e3cd27745a0dec260eaed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ad1393b92e5059218d055bfec8f4946d85ad04c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d208b89401e073de986dc891037c5a668f5d5d95",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d29c78d3f9c5d2604548c1065bf1ec212728ea61",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d35aef9c60d310eff3eaddacce301efe877e2b7c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6e506f07c5b561d673dd0b0d8f7f420cc48024fb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9e07272cca2ed76f7f6073f4444b1143828c8d87",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9fb7cd5c7fef0f1c982e3cd27745a0dec260eaed",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ad1393b92e5059218d055bfec8f4946d85ad04c4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d208b89401e073de986dc891037c5a668f5d5d95",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d29c78d3f9c5d2604548c1065bf1ec212728ea61",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d35aef9c60d310eff3eaddacce301efe877e2b7c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

32
CVE-2023/CVE-2023-275xx/CVE-2023-27518.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27518",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-23T02:15:09.743",
"lastModified": "2024-11-21T07:53:04.803",
"lastModified": "2025-01-31T15:15:08.247",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-297xx/CVE-2023-29721.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29721",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-24T21:15:11.470",
"lastModified": "2024-11-21T07:57:24.930",
"lastModified": "2025-01-31T15:15:09.007",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-298xx/CVE-2023-29861.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29861",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:11.513",
"lastModified": "2024-11-21T07:57:35.797",
"lastModified": "2025-01-31T15:15:09.290",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-301xx/CVE-2023-30125.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30125",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T14:15:11.083",
"lastModified": "2024-11-21T07:59:49.257",
"lastModified": "2025-01-31T16:15:28.397",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-301xx/CVE-2023-30149.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30149",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T15:15:09.197",
"lastModified": "2024-11-21T07:59:50.503",
"lastModified": "2025-01-31T15:15:09.610",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

120
CVE-2023/CVE-2023-304xx/CVE-2023-30443.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30443",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-12-19T02:15:22.223",
"lastModified": "2024-12-19T02:15:22.223",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:27:38.890",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -51,10 +71,102 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:linux:*:*",
"matchCriteriaId": "C9AB7540-A007-4554-A0E6-F75FDECB41FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:unix:*:*",
"matchCriteriaId": "E48B9069-E7BD-480F-90B3-3791D5D2E79E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:windows:*:*",
"matchCriteriaId": "9A04E067-F41C-494B-B59A-92B9FA001122"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:linux:*:*",
"matchCriteriaId": "A2ED357E-CBC6-454F-9B9E-E98E9A139376"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:unix:*:*",
"matchCriteriaId": "33D92200-08A1-42F4-98B8-52584342C18B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:windows:*:*",
"matchCriteriaId": "A49F8B60-EAC8-46B6-9F48-6C877E41D615"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:linux:*:*",
"matchCriteriaId": "42CB728E-ECA8-40DE-83E7-8AF390AA61FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:unix:*:*",
"matchCriteriaId": "9105BCAD-F2C6-4568-B497-D72424753B58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:windows:*:*",
"matchCriteriaId": "ADF7E611-0330-437D-9535-B710EC2FDA00"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7010557",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

22
CVE-2023/CVE-2023-305xx/CVE-2023-30506.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30506",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.817",
"lastModified": "2024-11-21T08:00:18.803",
"lastModified": "2025-01-31T15:15:09.910",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -52,6 +52,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

32
CVE-2023/CVE-2023-305xx/CVE-2023-30507.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30507",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.893",
"lastModified": "2024-11-21T08:00:18.923",
"lastModified": "2025-01-31T15:15:10.207",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -52,6 +52,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -65,6 +85,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-314xx/CVE-2023-31444.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31444",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T21:15:09.257",
"lastModified": "2024-11-21T08:01:52.523",
"lastModified": "2025-01-31T16:15:29.310",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-314xx/CVE-2023-31470.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31470",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T21:15:09.307",
"lastModified": "2024-11-21T08:01:56.047",
"lastModified": "2025-01-31T16:15:29.460",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-316xx/CVE-2023-31664.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31664",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T01:15:09.867",
"lastModified": "2024-11-21T08:02:08.237",
"lastModified": "2025-01-31T15:15:10.780",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-316xx/CVE-2023-31669.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31669",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T12:15:09.173",
"lastModified": "2024-11-21T08:02:08.373",
"lastModified": "2025-01-31T15:15:11.463",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-116"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-316xx/CVE-2023-31670.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31670",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T01:15:09.917",
"lastModified": "2024-11-21T08:02:08.510",
"lastModified": "2025-01-31T15:15:11.797",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

32
CVE-2023/CVE-2023-318xx/CVE-2023-31893.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31893",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-05T21:15:10.977",
"lastModified": "2024-11-21T08:02:22.007",
"lastModified": "2025-01-31T15:15:12.103",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-674"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-674"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-322xx/CVE-2023-32207.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32207",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-06-02T17:15:13.147",
"lastModified": "2024-11-21T08:02:54.150",
"lastModified": "2025-01-31T16:15:29.607",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-290"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"configurations": [

93
CVE-2023/CVE-2023-323xx/CVE-2023-32331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32331",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-03-04T19:15:18.893",
"lastModified": "2024-11-21T08:03:07.780",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:27:03.070",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,24 +69,85 @@
"value": "CWE-119"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:sterling_connect\\:express_for_unix:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24545106-7869-4D03-A35A-35797C8E4510"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254979",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7011443",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254979",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7011443",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-327xx/CVE-2023-32700.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32700",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-20T18:15:09.370",
"lastModified": "2024-11-21T08:03:52.827",
"lastModified": "2025-01-31T16:15:29.803",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

16
CVE-2023/CVE-2023-332xx/CVE-2023-33251.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33251",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-21T21:15:08.790",
"lastModified": "2024-11-21T08:05:15.920",
"lastModified": "2025-01-31T16:15:29.970",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -65,6 +65,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
@ -113,6 +123,10 @@
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://doc.akka.io/reference/security-announcements/akka-http-cve-2023-05-15.html",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

32
CVE-2023/CVE-2023-332xx/CVE-2023-33254.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33254",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-21T22:15:15.067",
"lastModified": "2024-11-21T08:05:16.430",
"lastModified": "2025-01-31T16:15:30.103",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-863"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-333xx/CVE-2023-33338.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33338",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T13:15:09.887",
"lastModified": "2024-11-21T08:05:27.153",
"lastModified": "2025-01-31T16:15:30.250",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-333xx/CVE-2023-33361.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33361",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T14:15:09.863",
"lastModified": "2024-11-21T08:05:27.920",
"lastModified": "2025-01-31T16:15:30.407",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-333xx/CVE-2023-33362.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33362",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T14:15:09.917",
"lastModified": "2024-11-21T08:05:28.077",
"lastModified": "2025-01-31T16:15:30.560",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

149
CVE-2023/CVE-2023-387xx/CVE-2023-38729.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38729",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-04-03T13:16:00.150",
"lastModified": "2025-01-09T15:15:12.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:42:01.847",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,24 +69,141 @@
"value": "CWE-200"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:linux:*:*",
"matchCriteriaId": "C9AB7540-A007-4554-A0E6-F75FDECB41FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:unix:*:*",
"matchCriteriaId": "E48B9069-E7BD-480F-90B3-3791D5D2E79E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:windows:*:*",
"matchCriteriaId": "9A04E067-F41C-494B-B59A-92B9FA001122"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:linux:*:*",
"matchCriteriaId": "A2ED357E-CBC6-454F-9B9E-E98E9A139376"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:unix:*:*",
"matchCriteriaId": "33D92200-08A1-42F4-98B8-52584342C18B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:windows:*:*",
"matchCriteriaId": "A49F8B60-EAC8-46B6-9F48-6C877E41D615"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:linux:*:*",
"matchCriteriaId": "42CB728E-ECA8-40DE-83E7-8AF390AA61FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:unix:*:*",
"matchCriteriaId": "9105BCAD-F2C6-4568-B497-D72424753B58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:windows:*:*",
"matchCriteriaId": "ADF7E611-0330-437D-9535-B710EC2FDA00"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B955E472-47E3-4C32-847B-F6BB05594BA3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7145721",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/262259",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240517-0004/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7145721",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-387xx/CVE-2023-38739.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-38739",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-31T16:15:30.707",
"lastModified": "2025-01-31T16:15:30.707",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182004",
"source": "psirt@us.ibm.com"
}
]
}

52
CVE-2023/CVE-2023-392xx/CVE-2023-39254.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39254",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-03-01T13:15:07.673",
"lastModified": "2024-11-21T08:15:00.133",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:51:09.873",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:update_package_framework:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.10",
"matchCriteriaId": "018CE6B7-22BE-4D23-B45A-F912BB6C7175"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000217701/dsa-2023-338-security-update-for-a-dell-update-package-dup-framework-vulnerability",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000217701/dsa-2023-338-security-update-for-a-dell-update-package-dup-framework-vulnerability",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-457xx/CVE-2023-45765.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45765",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-02T12:15:09.970",
"lastModified": "2025-01-02T12:15:09.970",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:50:21.233",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wedevs:wp_erp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.12.7",
"matchCriteriaId": "9AAB0F5B-CAB0-4301-95CC-3E4C549B354C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/erp/vulnerability/wordpress-wp-erp-plugin-1-12-6-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4895
CVE-2023/CVE-2023-486xx/CVE-2023-48674.json
View File

File diff suppressed because it is too large Load Diff

95
CVE-2023/CVE-2023-527xx/CVE-2023-52782.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52782",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:17.097",
"lastModified": "2024-11-21T08:40:34.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:02:12.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,108 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net/mlx5e: realice un seguimiento del env\u00edo de xmit a PTP WQ despu\u00e9s de completar el mapa de metadatos. Aseg\u00farese de que el skb est\u00e9 disponible en el mapeo de metadatos a skbs antes de realizar un seguimiento del \u00edndice de metadatos para detectar CQE no entregados. Si el \u00edndice de metadatos se coloca en la lista de seguimiento antes de colocar el skb en el mapa, el \u00edndice de metadatos podr\u00eda usarse para detectar CQE no entregados antes de que el skb relevante est\u00e9 disponible en el mapa, lo que puede generar un null-ptr-deref. Registro: falla de protecci\u00f3n general, probablemente para direcci\u00f3n no can\u00f3nica 0xdffffc0000000005: 0000 [#1] SMP KASAN KASAN: null-ptr-deref en rango [0x0000000000000028-0x0000000000000002f] CPU: 0 PID: 1243 Comm: kworker/0:2 Not tain ted 6.6.0-rc4+ #108 Nombre del hardware: PC est\u00e1ndar QEMU (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 01/04/2014 Cola de trabajo: eventos mlx5e_rx_dim_work [mlx5_core] RIP : 0010:mlx5e_ptp_napi_poll+0x9a4/0x2290 [mlx5_core] C\u00f3digo: 8c 24 38 cc ff ff 4c 8d 3c c1 4c 89 f9 48 c1 e9 03 42 80 3c 31 00 0f 85 97 0f 00 00 4d 8b 3f 49 8d 7f 28 48 89 f9 48 c1 e9 03 <42> 80 3c 31 00 0f 85 8b 0f 00 00 49 8b 47 28 48 85 c0 0f 84 05 07 RSP: 0018:ffff8884d3c09c88 EFLAGS: 00010206 RAX: 000000000069 RBX: ffff8881160349d8 RCX: 0000000000000005 RDX: ffffed10218f48cf RSI : 0000000000000004 RDI: 0000000000000028 RBP: ffff888122707700 R08: 0000000000000001 R09: ffffed109a781383 R10: 0000000000000003 R11: 00000000000003 R12: ffff88810c7a7a40 R13: ffff888122707700 R14: dffffc0000000000 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff888 4d3c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f4f878dd6e0 CR3: 000000014d108002 CR4: 0000000000370eb0 DR0: 0000000000000000 DR1: 0000000 000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 00000000000000400 Seguimiento de llamadas: ? die_addr+0x3c/0xa0? exc_general_protection+0x144/0x210? asm_exc_general_protection+0x22/0x30? mlx5e_ptp_napi_poll+0x9a4/0x2290 [mlx5_core] ? mlx5e_ptp_napi_poll+0x8f6/0x2290 [mlx5_core] __napi_poll.constprop.0+0xa4/0x580 net_rx_action+0x460/0xb80 ? _raw_spin_unlock_irqrestore+0x32/0x60? __napi_poll.constprop.0+0x580/0x580? tasklet_action_common.isra.0+0x2ef/0x760 __do_softirq+0x26c/0x827 irq_exit_rcu+0xc2/0x100 common_interrupt+0x7f/0xa0 asm_common_interrupt+0x22/0x40 RIP 0010:__kmem_cache_alloc_node+ 0xb/0x330 C\u00f3digo: 41 5d 41 5e 41 5f c3 8b 44 24 14 8b 4c 24 10 09 c8 eb d5 e8 b7 43 ca 01 0f 1f 80 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 41 57 <41> 56 41 89 41 55 41 89 f5 41 54 49 89 fc 53 48 83 e4 f0 48 83 RSP: 0018:ffff88812c4079c0 EFLAGS: 00000246 RAX: 1ffffffff083c7fe RBX: ffff888100042dc0 RCX: 218 RDX: 00000000ffffffff RSI: 0000000000000dc0 RDI: ffff888100042dc0 RBP: ffff88812c4079c8 R08: ffffffffa0289f96 R09: ffffed1025880ea9 R10: ffff888138839f80 R11: 00000000000000002 R12: 0000000000000dc0 R13: 0000000000000100 R14: 0000000000000008c R15: ffff8881271fc450 ? cmd_exec+0x796/0x2200 [mlx5_core] kmalloc_trace+0x26/0xc0 cmd_exec+0x796/0x2200 [mlx5_core] mlx5_cmd_do+0x22/0xc0 [mlx5_core] mlx5_cmd_exec+0x17/0x30 [mlx5_core] modificar_cq_moderation+0x139/0x1b0 [mlx5_core] ? mlx5_add_cq_to_tasklet+0x280/0x280 [mlx5_core] ? lockdep_set_lock_cmp_fn+0x190/0x190? Process_one_work+0x659/0x1220 mlx5e_rx_dim_work+0x9d/0x100 [mlx5_core] Process_one_work+0x730/0x1220 ? lockdep_hardirqs_on_prepare+0x400/0x400? max_active_store+0xf0/0xf0? assign_work+0x168/0x240 worker_thread+0x70f/0x12d0? __kthread_parkme+0xd1/0x1d0 ? process_one_work+0x1220/0x1220 kthread+0x2d9/0x3b0 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x2d/0x70 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork_as ---truncado---"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3A0038DE-E183-4958-A6E3-CE3821FEAFBF"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4d510506b46504664eacf8a44a9e8f3e54c137b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e3f3ba97e6cc6fce5bf62df2ca06c8e59040167",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a9d6c0c5a6bd9ca88e964f8843ea41bc085de866",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4d510506b46504664eacf8a44a9e8f3e54c137b8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e3f3ba97e6cc6fce5bf62df2ca06c8e59040167",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a9d6c0c5a6bd9ca88e964f8843ea41bc085de866",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

131
CVE-2023/CVE-2023-527xx/CVE-2023-52788.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52788",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:17.570",
"lastModified": "2024-11-21T08:40:35.397",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:03:27.420",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,152 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i915/perf: corrige errores de desreferencia NULL con llamadas drm_dbg(). Cuando la interfaz i915 perf no est\u00e1 disponible, la desreferenciaci\u00f3n conducir\u00e1 a desreferencias NULL. Como devolver -ENOTSUPP es un retorno bastante claro cuando la interfaz perf no est\u00e1 disponible. [tursulin: etiqueta estable agregada] (cereza seleccionada del compromiso 36f27350ff745bd228ab04d7845dfbffc177a889)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.108",
"versionEndExcluding": "5.15.140",
"matchCriteriaId": "2192AA9D-75E5-4FD7-BF0A-45B0C887D38D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.1.64",
"matchCriteriaId": "06B6ACCF-31F1-4421-964C-7F3C54F0E3E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.13",
"matchCriteriaId": "674C4F82-C336-4B49-BF64-1DE422E889C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.3",
"matchCriteriaId": "B58252FA-A49C-411F-9B28-DC5FE44BC5A0"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/10f49cdfd5fb342a1a9641930dc040c570694e98",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1566e8be73fd5fa424e88d2a4cffdc34f970f0e1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/471aa951bf1206d3c10d0daa67005b8e4db4ff83",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/55db76caa782baa4a1bf02296e2773c38a524a3e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bf8e105030083e7b71591cdf437e464bcd8a0c09",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/10f49cdfd5fb342a1a9641930dc040c570694e98",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1566e8be73fd5fa424e88d2a4cffdc34f970f0e1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/471aa951bf1206d3c10d0daa67005b8e4db4ff83",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/55db76caa782baa4a1bf02296e2773c38a524a3e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bf8e105030083e7b71591cdf437e464bcd8a0c09",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

199
CVE-2023/CVE-2023-528xx/CVE-2023-52845.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52845",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:21.723",
"lastModified": "2024-11-21T08:40:42.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:01:53.260",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,79 +15,236 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: tipc: Cambiar nla_policy para nombres relacionados con el portador a NLA_NUL_STRING syzbot inform\u00f3 el siguiente problema de acceso de valor uninit [1]: ============== ======================================= BUG: KMSAN: valor uninit en strlen lib/ string.c:418 [en l\u00ednea] BUG: KMSAN: valor uninit en strstr+0xb8/0x2f0 lib/string.c:756 strlen lib/string.c:418 [en l\u00ednea] strstr+0xb8/0x2f0 lib/string.c: 756 tipc_nl_node_reset_link_stats+0x3ea/0xb50 net/tipc/node.c:2595 genl_family_rcv_msg_doit net/netlink/genetlink.c:971 [en l\u00ednea] genl_family_rcv_msg net/netlink/genetlink.c:1051 [en l\u00ednea] 0x1290 red/enlace de red/ genetlink.c:1066 netlink_rcv_skb+0x371/0x650 net/netlink/af_netlink.c:2545 genl_rcv+0x40/0x60 net/netlink/genetlink.c:1075 netlink_unicast_kernel net/netlink/af_netlink.c:1342 [en l\u00ednea] netlink_unicast+0xf47/ 0x1250 net/netlink/af_netlink.c:1368 netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] sock_sendmsg net/socket.c:753 [en l\u00ednea] 2/ 0xd60 net/socket.c:2541 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595 __sys_sendmsg net/socket.c:2624 [en l\u00ednea] __do_sys_sendmsg net/socket.c:2633 [en l\u00ednea] __se_sys_sendmsg red/socket. c:2631 [en l\u00ednea] __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631 do_syscall_x64 arch/x86/entry/common.c:50 [en l\u00ednea] do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80 Entry_SYSCALL_64_after_hwframe+0 x63/ 0xcd Uninit se cre\u00f3 en: slab_post_alloc_hook+0x12f/0xb70 mm/slab.h:767 slab_alloc_node mm/slub.c:3478 [en l\u00ednea] kmem_cache_alloc_node+0x577/0xa80 mm/slub.c:3523 kmalloc_reserve+0x13d/0x4a0 net/ n\u00facleo/ skbuff.c:559 __alloc_skb+0x318/0x740 net/core/skbuff.c:650 alloc_skb include/linux/skbuff.h:1286 [en l\u00ednea] netlink_alloc_large_skb net/netlink/af_netlink.c:1214 [en l\u00ednea] netlink_sendmsg+0xb34/0x13d0 net/netlink/af_netlink.c:1885 sock_sendmsg_nosec net/socket.c:730 [en l\u00ednea] sock_sendmsg net/socket.c:753 [en l\u00ednea] ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541 ___sys_sendmsg+0x28d/0x3c0 net/ socket.c:2595 __sys_sendmsg net/socket.c:2624 [en l\u00ednea] __do_sys_sendmsg net/socket.c:2633 [en l\u00ednea] __se_sys_sendmsg net/socket.c:2631 [en l\u00ednea] __x64_sys_sendmsg+0x307/0x490 :2631 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80 Entry_SYSCALL_64_after_hwframe+0x63/0xcd Los nombres relacionados con el portador TIPC, incluidos los nombres de enlaces, deben ser cadenas terminadas en nulo . Si un nombre de enlace que no termina en nulo se pasa a trav\u00e9s de netlink, strstr() y funciones similares pueden provocar una saturaci\u00f3n del b\u00fafer. Esto causa el problema anterior. Este parche cambia la nla_policy para nombres relacionados con el portador de NLA_STRING a NLA_NUL_STRING. Esto resuelve el problema garantizando que s\u00f3lo se acepten cadenas terminadas en nulo como nombres relacionados con el portador. syzbot inform\u00f3 un problema similar de valor uninitario relacionado con los nombres de los portadores [2]. La causa principal de este problema es que se pas\u00f3 un nombre de portador no terminado en nulo. Este parche tambi\u00e9n resolvi\u00f3 este problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.19",
"versionEndExcluding": "4.14.330",
"matchCriteriaId": "D55230F7-7217-4456-9084-D546ABA9C781"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.299",
"matchCriteriaId": "F51D1457-86F8-4A6C-A7B9-323058B3C5E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.261",
"matchCriteriaId": "286E50BB-5A21-49BA-A6E5-526C72ADFE34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.201",
"matchCriteriaId": "AF1ADC4E-CCC4-498A-876F-5136DDD36C1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.139",
"matchCriteriaId": "81424D14-B38F-47B3-A1B8-BC3B60BB96EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.63",
"matchCriteriaId": "80E1EA7E-2788-466C-9FFB-34AFA1B052F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.12",
"matchCriteriaId": "825F64D9-E99F-49AA-8A7B-EF7C2965C5B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.2",
"matchCriteriaId": "4CBFF885-A4D3-4F21-B6FD-4D770034C048"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/19b3f72a41a8751e26bffc093bb7e1cef29ad579",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2199260c42e6fbc5af8adae3bf78e623407c91b0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2426425d686b43adbc4f2f4a367b494f06f159d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3907b89cd17fcc23e9a80789c36856f00ece0ba8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4c731e98fe4d678e87ba3e4d45d3cf0a5a193dc4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/560992f41c0cea44b7603bc9e6c73bffbf6b5709",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6744008c354bca2e4686a5b6056ee6b535d9f67d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/abc1582119e8c4af14cedb0db6541fd603f45a04",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b33d130f07f1decd756b849ab03c23d11d4dd294",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/19b3f72a41a8751e26bffc093bb7e1cef29ad579",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2199260c42e6fbc5af8adae3bf78e623407c91b0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2426425d686b43adbc4f2f4a367b494f06f159d6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3907b89cd17fcc23e9a80789c36856f00ece0ba8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4c731e98fe4d678e87ba3e4d45d3cf0a5a193dc4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/560992f41c0cea44b7603bc9e6c73bffbf6b5709",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6744008c354bca2e4686a5b6056ee6b535d9f67d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/abc1582119e8c4af14cedb0db6541fd603f45a04",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b33d130f07f1decd756b849ab03c23d11d4dd294",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

131
CVE-2023/CVE-2023-528xx/CVE-2023-52856.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52856",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T16:15:22.727",
"lastModified": "2024-11-21T08:40:43.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:01:34.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,152 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/bridge: lt8912b: soluciona el fallo al desconectar el puente. El controlador lt8912b, en su funci\u00f3n de desconectar el puente, llama a drm_connector_unregister() y drm_connector_cleanup(). drm_connector_unregister() debe llamarse solo para conectores registrados expl\u00edcitamente con drm_connector_register(), lo cual no es el caso en lt8912b. El gancho drm_connector_funcs.destroy del controlador est\u00e1 configurado en drm_connector_cleanup(). Por lo tanto, el controlador no debe llamar ni a drm_connector_unregister() ni a drm_connector_cleanup() en su lt8912_bridge_detach(), ya que causan un bloqueo al desconectar el puente: No se puede manejar la desreferencia del puntero NULL del n\u00facleo en la direcci\u00f3n virtual 00000000000000000 Informaci\u00f3n de cancelaci\u00f3n de memoria: ESR = 0x0000000096000006 EC = 0x25 : DABT (EL actual), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x06: fallo de traducci\u00f3n de nivel 2 Informaci\u00f3n de cancelaci\u00f3n de datos: ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 tabla de p\u00e1ginas de usuario: p\u00e1ginas de 4k, VA de 48 bits, pgdp=00000000858f3000 [0000000000000000000000000859180] 03, p4d =0800000085918003, pud=0800000085431003, pmd=0000000000000000 Error interno: Ups: 0000000096000006 [#1] M\u00f3dulos SMP PREEMPT vinculados en: tidss(-) display_connector lontium_lt8912b tc35876 8 panel_lvds panel_simple drm_dma_helper drm_kms_helper drm drm_panel_orientation_quirks CPU: 3 PID: 462 Comunicaciones: rmmod Contaminado: GW 6.5.0-rc2+ #2 Nombre del hardware: Toradex Verdin AM62 en la placa de desarrollo Verdin (DT) pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc: drm_connector_cleanup+0x78/0x2d4 [ drm] lr: lt8912_bridge_detach+0x54/0x6c [lontium_lt8912b] sp: ffff800082ed3a90 x29: ffff800082ed3a90 x28: ffff0000040c1940 x27: 0000000000000000 x26: 00000000000 x25: dead000000000122 x24: dead000000000122 x23: dead000000000100 x22: ffff000003fb6388 x21: 0000000000000000 x20: 00000000000000000 x 19: ffff000003fb6260 x18: fffffffffffe56e8 x17: 0000000000000000 x16: 0010000000000000 x15: 0000000000000038 x14: 00000000000000000 x13: ffff800081914b48 x12: 0000000040e x11: 000000000000015a x10: ffff80008196ebb8 x9: ffff800081914b48 x8: 00000000fffffff x7: ffff0000040c1940 x6: ffff80007aa649d0 0000000000000000 x4: 0000000000000001 x3: ffff80008159e008 x2: 0000000000000000 x1 : 0000000000000000 x0 : 00000000000000000 Rastreo de llamadas: drm_connector_cleanup+0x78/0x2d4 [drm] lt8912_bridge_detach+0x54/0x6c [lontium_lt8912b] drm_bridge_detach+0x44/0x84 [drm_encoder] _cleanup+0x40/0xb8 [drm] drmm_encoder_alloc_release+0x1c/0x30 [drm] drm_managed_release+ 0xac/0x148 [drm] drm_dev_put.part.0+0x88/0xb8 [drm] devm_drm_dev_init_release+0x14/0x24 [drm] devm_action_release+0x14/0x20 release_nodes+0x5c/0x90 devres_release_all+0x8c/0xe0 device_unbind_cleanup +0x18/0x68 device_release_driver_internal+0x208/ 0x23c driver_detach+0x4c/0x94 bus_remove_driver+0x70/0xf4 driver_unregister+0x30/0x60 platform_driver_unregister+0x14/0x20 tidss_platform_driver_exit+0x18/0xb2c [tidss] __arm64_sys_delete_module+0x1a0/0 x2b4 invoke_syscall+0x48/0x110 el0_svc_common.constprop.0+0x60/0x10c do_el0_svc_compat+ 0x1c/0x40 el0_svc_compat+0x40/0xac el0t_32_sync_handler+0xb0/0x138 el0t_32_sync+0x194/0x198 C\u00f3digo: 9104a276 f2fbd5b7 aa0203e1 91008af8 (f85c0420)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "5.15.139",
"matchCriteriaId": "F25346BD-6450-4C82-89C8-1C45C67B0738"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.63",
"matchCriteriaId": "80E1EA7E-2788-466C-9FFB-34AFA1B052F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.5.12",
"matchCriteriaId": "825F64D9-E99F-49AA-8A7B-EF7C2965C5B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionEndExcluding": "6.6.2",
"matchCriteriaId": "4CBFF885-A4D3-4F21-B6FD-4D770034C048"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/42071feab712ba2a139b8928f7e0f8d3a6fc719e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/44283993144a03af9df31934d6c32bbd42d1a347",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7bf0cb8f40280a85034990dfe42be8ca8f80f37a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b65e3249f3ca96e3c736af889461d80d675feab6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fcd9895e365474709844eeb31cfe53d912c3596e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/42071feab712ba2a139b8928f7e0f8d3a6fc719e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/44283993144a03af9df31934d6c32bbd42d1a347",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7bf0cb8f40280a85034990dfe42be8ca8f80f37a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b65e3249f3ca96e3c736af889461d80d675feab6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fcd9895e365474709844eeb31cfe53d912c3596e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

3518
CVE-2024/CVE-2024-01xx/CVE-2024-0154.json
View File

File diff suppressed because it is too large Load Diff

63
CVE-2024/CVE-2024-01xx/CVE-2024-0159.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0159",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-04-10T07:15:08.447",
"lastModified": "2024-11-21T08:45:58.337",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:45:40.253",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,16 +69,51 @@
"value": "CWE-1107"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:alienware_command_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2.1.0",
"versionEndExcluding": "5.6.1.0",
"matchCriteriaId": "A2AE1B68-D700-4CB6-A58E-0E5A210489A1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218222/dsa-2024-016-security-update-for-dell-alienware-command-center-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218222/dsa-2024-016-security-update-for-dell-alienware-command-center-vulnerabilities",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

1660
CVE-2024/CVE-2024-01xx/CVE-2024-0163.json
View File

File diff suppressed because it is too large Load Diff

3518
CVE-2024/CVE-2024-01xx/CVE-2024-0173.json
View File

File diff suppressed because it is too large Load Diff

54
CVE-2024/CVE-2024-05xx/CVE-2024-0593.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0593",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-21T07:15:52.520",
"lastModified": "2024-11-21T08:46:57.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:36:29.673",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,22 +39,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:presstigers:simple_job_board:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.11.0",
"matchCriteriaId": "D4F380D8-794D-40C7-BFE7-577C4CA7E481"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3038476/simple-job-board/trunk/includes/class-simple-job-board-ajax.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0a28a161-3dbc-4ef0-a2ce-4c102cf3cbb0?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3038476/simple-job-board/trunk/includes/class-simple-job-board-ajax.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0a28a161-3dbc-4ef0-a2ce-4c102cf3cbb0?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-110xx/CVE-2024-11053.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11053",
"sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9",
"published": "2024-12-11T08:15:05.307",
"lastModified": "2025-01-24T20:15:31.920",
"lastModified": "2025-01-31T15:15:12.400",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -59,6 +59,10 @@
{
"url": "https://security.netapp.com/advisory/ntap-20250124-0012/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250131-0003/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

56
CVE-2024/CVE-2024-117xx/CVE-2024-11741.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-11741",
"sourceIdentifier": "security@grafana.com",
"published": "2025-01-31T16:15:30.853",
"lastModified": "2025-01-31T16:15:30.853",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Grafana is an open-source platform for monitoring and observability. \nThe Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 11.5.0, 11.4.1, 11.3.3,\u00a0 11.2.6, 11.1.11, 11.0.11 and 10.4.15"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@grafana.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@grafana.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://grafana.com/security/security-advisories/cve-2024-11741/",
"source": "security@grafana.com"
}
]
}

59
CVE-2024/CVE-2024-121xx/CVE-2024-12118.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12118",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-23T12:15:26.890",
"lastModified": "2025-01-23T12:15:26.890",
"vulnStatus": "Received",
"lastModified": "2025-01-31T16:12:19.363",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,18 +71,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:theeventscalendar:the_events_calendar:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.9.1",
"matchCriteriaId": "F842558F-3A85-44BE-B534-AAB88BF55B8D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/the-events-calendar/tags/6.8.1/src/Events/Integrations/Plugins/Elementor/Widgets/Event_Calendar_Link.php#L90",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3227009/the-events-calendar/tags/6.9.1/src/views/integrations/elementor/widgets/event-calendar-link.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d67de4f2-b680-49f8-be95-c2464b70f7d0?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-122xx/CVE-2024-12267.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-12267",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-31T11:15:09.473",
"lastModified": "2025-01-31T11:15:09.473",
"lastModified": "2025-01-31T16:15:30.980",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-73"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [

34
CVE-2024/CVE-2024-124xx/CVE-2024-12415.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-12415",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-31T11:15:09.657",
"lastModified": "2025-01-31T11:15:09.657",
"lastModified": "2025-01-31T16:15:31.150",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -15,7 +15,27 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
@ -45,6 +65,16 @@
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [

54
CVE-2024/CVE-2024-125xx/CVE-2024-12504.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12504",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-23T12:15:27.610",
"lastModified": "2025-01-23T12:15:27.610",
"vulnStatus": "Received",
"lastModified": "2025-01-31T16:05:27.487",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:videowhisper:broadcast_live_video:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.1.10",
"matchCriteriaId": "49AFF67D-DB10-4880-88D9-6BBF4FBED693"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3218331%40videowhisper-live-streaming-integration&new=3218331%40videowhisper-live-streaming-integration&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/74b27798-3c6f-4c4e-80f8-7aa40f704fb7?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-131xx/CVE-2024-13112.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13112",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:28.160",
"lastModified": "2025-01-31T06:15:28.160",
"lastModified": "2025-01-31T16:15:31.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "The WP MediaTagger WordPress plugin through 4.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/155df231-30ef-47bb-aa91-a7deb1779bd1/",

39
CVE-2024/CVE-2024-132xx/CVE-2024-13218.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13218",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:28.427",
"lastModified": "2025-01-31T06:15:28.427",
"lastModified": "2025-01-31T16:15:31.487",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "The Fast Tube WordPress plugin through 2.3.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/79eb9432-3e3c-4a23-88a8-05aa3146061c/",

27
CVE-2024/CVE-2024-132xx/CVE-2024-13219.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13219",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:28.520",
"lastModified": "2025-01-31T06:15:28.520",
"lastModified": "2025-01-31T16:15:31.617",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,30 @@
"value": "The Privacy Policy Genius WordPress plugin through 2.0.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/3ad02238-dce1-48ce-986f-fef36b110b2d/",

39
CVE-2024/CVE-2024-132xx/CVE-2024-13220.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13220",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:28.623",
"lastModified": "2025-01-31T06:15:28.623",
"lastModified": "2025-01-31T16:15:31.743",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "The WordPress Google Map Professional (Map In Your Language) WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/33ef27b4-e88f-46ec-9b3f-0a3e16d6f82e/",

39
CVE-2024/CVE-2024-132xx/CVE-2024-13221.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13221",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:28.713",
"lastModified": "2025-01-31T06:15:28.713",
"lastModified": "2025-01-31T16:15:31.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "The Fantastic ElasticSearch WordPress plugin through 4.1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/693f4cc4-a082-46bc-abc9-a08919f70157/",

39
CVE-2024/CVE-2024-132xx/CVE-2024-13222.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13222",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:28.813",
"lastModified": "2025-01-31T06:15:28.813",
"lastModified": "2025-01-31T16:15:32.010",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "The User Messages WordPress plugin through 1.2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/069e1f81-448d-4d27-b288-87111dade2f2/",

39
CVE-2024/CVE-2024-132xx/CVE-2024-13223.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13223",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:28.910",
"lastModified": "2025-01-31T06:15:28.910",
"lastModified": "2025-01-31T16:15:32.137",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "The Tabulate WordPress plugin through 2.10.3 does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/e3a52af1-7cb6-4361-b1c7-a50e0cc62fb1/",

39
CVE-2024/CVE-2024-132xx/CVE-2024-13224.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13224",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:29.013",
"lastModified": "2025-01-31T06:15:29.013",
"lastModified": "2025-01-31T16:15:32.273",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "The SlideDeck 1 Lite Content Slider WordPress plugin through 1.4.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/32a90907-e82f-41b3-b20e-d10a722e2999/",

39
CVE-2024/CVE-2024-132xx/CVE-2024-13225.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13225",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:29.117",
"lastModified": "2025-01-31T06:15:29.117",
"lastModified": "2025-01-31T16:15:32.403",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "The ECT Home Page Products WordPress plugin through 1.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/8efd7d62-3f74-4108-970e-bd5ed24914ff/",

39
CVE-2024/CVE-2024-132xx/CVE-2024-13226.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13226",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-01-31T06:15:29.210",
"lastModified": "2025-01-31T06:15:29.210",
"lastModified": "2025-01-31T16:15:32.537",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/dd09fe99-2334-4d6f-8a70-e1cd856b1486/",

62
CVE-2024/CVE-2024-132xx/CVE-2024-13236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13236",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-23T12:15:27.747",
"lastModified": "2025-01-23T12:15:27.747",
"vulnStatus": "Received",
"lastModified": "2025-01-31T16:03:09.630",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,6 +19,26 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -51,22 +71,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tainacan:tainacan:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "0.21.13",
"matchCriteriaId": "9201F594-3287-4DBD-A06A-E3CEAC92301F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/tainacan/tags/0.21.12/classes/api/endpoints/class-tainacan-rest-reports-controller.php#L707",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/tainacan/tags/0.21.12/classes/api/endpoints/class-tainacan-rest-reports-controller.php#L732",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3226475/tainacan/trunk/classes/api/endpoints/class-tainacan-rest-reports-controller.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9638fb98-045b-44ec-8b53-15cfa3693ee7?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-132xx/CVE-2024-13268.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13268",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2025-01-09T20:15:35.577",
"lastModified": "2025-01-09T20:15:35.577",
"lastModified": "2025-01-31T16:15:32.673",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de directivas en c\u00f3digo guardado est\u00e1ticamente ('inyecci\u00f3n de c\u00f3digo est\u00e1tico') en Drupal Opigno permite la inclusi\u00f3n de archivos locales en PHP. Este problema afecta a Opigno: desde 7.X-1.0 hasta 7.X-1.23."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "mlhess@drupal.org",

27
CVE-2024/CVE-2024-132xx/CVE-2024-13270.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13270",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2025-01-09T20:15:35.790",
"lastModified": "2025-01-09T20:15:35.790",
"lastModified": "2025-01-31T16:15:32.817",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "La vulnerabilidad de autorizaci\u00f3n incorrecta en Drupal Freelinking permite la navegaci\u00f3n forzada. Este problema afecta a Freelinking: desde 0.0.0 antes de 4.0.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "mlhess@drupal.org",

27
CVE-2024/CVE-2024-132xx/CVE-2024-13271.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13271",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2025-01-09T20:15:35.910",
"lastModified": "2025-01-09T20:15:35.910",
"lastModified": "2025-01-31T16:15:32.950",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "La vulnerabilidad de autorizaci\u00f3n incorrecta en Drupal Content Entity Clone permite una navegaci\u00f3n forzada. Este problema afecta a Content Entity Clone: desde la versi\u00f3n 0.0.0 hasta la 1.0.4."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "mlhess@drupal.org",

27
CVE-2024/CVE-2024-133xx/CVE-2024-13310.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13310",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2025-01-09T21:15:28.867",
"lastModified": "2025-01-09T21:15:28.867",
"lastModified": "2025-01-31T16:15:33.080",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Vulnerabilidad en Drupal Git Utilities para Drupal. Este problema afecta a las utilidades Git para Drupal: *.*."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2024-074",

27
CVE-2024/CVE-2024-133xx/CVE-2024-13311.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13311",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2025-01-09T21:15:28.970",
"lastModified": "2025-01-09T21:15:28.970",
"lastModified": "2025-01-31T16:15:33.280",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Vulnerabilidad en Drupal Allow All File Extensions para file fields.Este problema afecta a Allow All File Extensions for file fields: *.*."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2024-075",

27
CVE-2024/CVE-2024-133xx/CVE-2024-13312.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13312",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2025-01-09T21:15:29.077",
"lastModified": "2025-01-09T21:15:29.077",
"lastModified": "2025-01-31T16:15:33.413",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "La vulnerabilidad de falta de autorizaci\u00f3n en Drupal Open Social permite la navegaci\u00f3n forzada. Este problema afecta a Open Social: desde 11.8.0 hasta 12.3.10, desde 12.4.0 hasta 12.4.9."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "mlhess@drupal.org",

64
CVE-2024/CVE-2024-133xx/CVE-2024-13340.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13340",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-23T12:15:27.890",
"lastModified": "2025-01-23T12:15:27.890",
"vulnStatus": "Received",
"lastModified": "2025-01-31T16:02:16.553",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,22 +71,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluginus:meta_data_and_taxonomies_filter:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.3.7",
"matchCriteriaId": "EEE445AD-713E-4121-BF7D-B1E5A72E3C07"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3224186%40wp-meta-data-filter-and-taxonomy-filter&new=3224186%40wp-meta-data-filter-and-taxonomy-filter&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3226055%40wp-meta-data-filter-and-taxonomy-filter&new=3226055%40wp-meta-data-filter-and-taxonomy-filter&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/wp-meta-data-filter-and-taxonomy-filter/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fcaeae5b-4047-4f09-8197-6ce2c21cc812?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-133xx/CVE-2024-13389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13389",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-23T12:15:28.040",
"lastModified": "2025-01-23T12:15:28.040",
"vulnStatus": "Received",
"lastModified": "2025-01-31T15:59:43.907",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cliptakes:cliptakes:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.5",
"matchCriteriaId": "D25A9A9F-CE8A-4FA4-9FCD-BFE1F336C40D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3226472/cliptakes/tags/1.3.5/public/class-cliptakes-public.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a939be31-7475-4626-ba1b-af9a9d6d5eda?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

34
CVE-2024/CVE-2024-136xx/CVE-2024-13662.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-13662",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-31T11:15:09.830",
"lastModified": "2025-01-31T11:15:09.830",
"lastModified": "2025-01-31T16:15:33.593",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -15,7 +15,27 @@
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [

58
CVE-2024/CVE-2024-137xx/CVE-2024-13700.json
View File

@ -2,20 +2,24 @@
"id": "CVE-2024-13700",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-30T14:15:35.853",
"lastModified": "2025-01-30T14:15:35.853",
"vulnStatus": "Received",
"lastModified": "2025-01-31T16:49:24.477",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Embed Swagger UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsgui' shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Embed Swagger UI para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del shortcode 'wpsgui' del complemento en todas las versiones hasta la 1.0.0 y incluida, debido a la falta de entrada desinfecci\u00f3n y al escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitraria en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -32,6 +36,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -47,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vinayjain:embed_swagger_ui:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "CB2C1D2A-04B1-488C-BAAC-D7354C82BEEF"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/embed-swagger-ui/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20e2454f-f49b-413f-ae45-8b628b30a780?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-224xx/CVE-2024-22452.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22452",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-03-04T13:15:44.720",
"lastModified": "2024-11-21T08:56:18.990",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:58:58.087",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-264"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:display_and_peripheral_manager:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "1.3",
"matchCriteriaId": "F394EA46-72AC-4FEE-8F8A-17A52689E72D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000221414/dsa-2024-056",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000221414/dsa-2024-056",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-239xx/CVE-2024-23930.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23930",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2025-01-31T00:15:09.147",
"lastModified": "2025-01-31T00:15:09.147",
"lastModified": "2025-01-31T16:15:33.767",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the Media service, which listens on TCP port 42000 by default. The issue results from improper handling of error conditions. An attacker can leverage this vulnerability to create a denial-of-service condition on the system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1043/",

6
CVE-2024/CVE-2024-247xx/CVE-2024-24789.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24789",
"sourceIdentifier": "security@golang.org",
"published": "2024-06-05T16:15:10.470",
"lastModified": "2024-11-21T08:59:42.597",
"lastModified": "2025-01-31T15:15:12.740",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -176,6 +176,10 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20250131-0008/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

74
CVE-2024/CVE-2024-24xx/CVE-2024-2425.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2425",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-03-25T21:15:47.273",
"lastModified": "2024-11-21T09:09:43.637",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:41:54.357",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,16 +69,62 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.001",
"matchCriteriaId": "E82898F9-5FA5-428C-AEDA-20E7CD6C229D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:powerflex_527_ac_drives:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDCC60A-0792-4CE4-B73A-07BD1368AC83"
}
]
}
]
}
],
"references": [
{
"url": "https://https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-24xx/CVE-2024-2426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2426",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-03-25T21:15:47.480",
"lastModified": "2024-11-21T09:09:43.757",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:41:55.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,16 +69,62 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.001",
"matchCriteriaId": "E82898F9-5FA5-428C-AEDA-20E7CD6C229D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:powerflex_527_ac_drives:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDCC60A-0792-4CE4-B73A-07BD1368AC83"
}
]
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-24xx/CVE-2024-2427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2427",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-03-25T21:15:47.660",
"lastModified": "2024-11-21T09:09:43.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:41:57.463",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,16 +69,62 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.001",
"matchCriteriaId": "E82898F9-5FA5-428C-AEDA-20E7CD6C229D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:powerflex_527_ac_drives:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDCC60A-0792-4CE4-B73A-07BD1368AC83"
}
]
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-259xx/CVE-2024-25951.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-25951",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-03-09T06:15:50.797",
"lastModified": "2024-11-21T09:01:38.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:07:35.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
@ -49,16 +69,50 @@
"value": "CWE-1288"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:idrac8:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.85.85.85",
"matchCriteriaId": "ACC4DEB2-97C8-4126-AED8-FA9E028CB25B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000222591/dsa-2024-089-security-update-for-dell-idrac8-local-racadm-vulnerability",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000222591/dsa-2024-089-security-update-for-dell-idrac8-local-racadm-vulnerability",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-26xx/CVE-2024-2618.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2618",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-24T05:15:09.297",
"lastModified": "2024-11-21T09:10:08.630",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:00:47.953",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,33 +36,101 @@
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:elementor_header_\\&_footer_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.27",
"matchCriteriaId": "4D210BF8-A8A3-4834-B646-46212F6CF0E9"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/header-footer-elementor/tags/1.6.26/inc/widgets-manager/widgets/class-page-title.php#L494",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/header-footer-elementor/tags/1.6.26/inc/widgets-manager/widgets/class-site-title.php#L478",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a780ce1b-0758-42ef-88e7-ff8d921eca6e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/header-footer-elementor/tags/1.6.26/inc/widgets-manager/widgets/class-page-title.php#L494",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/header-footer-elementor/tags/1.6.26/inc/widgets-manager/widgets/class-site-title.php#L478",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a780ce1b-0758-42ef-88e7-ff8d921eca6e?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

160
CVE-2024/CVE-2024-272xx/CVE-2024-27254.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27254",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-04-03T13:16:02.220",
"lastModified": "2024-11-21T09:04:11.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:02:40.980",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -49,32 +69,156 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:linux:*:*",
"matchCriteriaId": "C9AB7540-A007-4554-A0E6-F75FDECB41FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:unix:*:*",
"matchCriteriaId": "E48B9069-E7BD-480F-90B3-3791D5D2E79E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:windows:*:*",
"matchCriteriaId": "9A04E067-F41C-494B-B59A-92B9FA001122"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:linux:*:*",
"matchCriteriaId": "A2ED357E-CBC6-454F-9B9E-E98E9A139376"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:unix:*:*",
"matchCriteriaId": "33D92200-08A1-42F4-98B8-52584342C18B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:windows:*:*",
"matchCriteriaId": "A49F8B60-EAC8-46B6-9F48-6C877E41D615"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:linux:*:*",
"matchCriteriaId": "42CB728E-ECA8-40DE-83E7-8AF390AA61FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:unix:*:*",
"matchCriteriaId": "9105BCAD-F2C6-4568-B497-D72424753B58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:windows:*:*",
"matchCriteriaId": "ADF7E611-0330-437D-9535-B710EC2FDA00"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B955E472-47E3-4C32-847B-F6BB05594BA3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796"
}
]
}
]
}
],
"references": [
{
"url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/283813",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240517-0004/",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7145727",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/283813",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240517-0004/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7145727",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-311xx/CVE-2024-31141.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31141",
"sourceIdentifier": "security@apache.org",
"published": "2024-11-19T09:15:03.860",
"lastModified": "2024-11-21T09:12:54.913",
"lastModified": "2025-01-31T15:15:12.987",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -63,6 +63,10 @@
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/18/5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250131-0001/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

69
CVE-2024/CVE-2024-352xx/CVE-2024-35275.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35275",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:29.817",
"lastModified": "2025-01-14T14:15:29.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:49:57.583",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,10 +71,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.4",
"matchCriteriaId": "E6F162A7-0D01-43E0-99D8-D7B87B080853"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.1",
"versionEndExcluding": "7.4.3",
"matchCriteriaId": "40C3665B-3E49-4D0C-B924-266D49F1E510"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.3",
"matchCriteriaId": "E4490512-36ED-4212-9D34-D74739A56E84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.1",
"versionEndExcluding": "7.4.3",
"matchCriteriaId": "7F0FB078-A95E-4AFC-B4A9-A8C43E997A78"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-091",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

96
CVE-2024/CVE-2024-359xx/CVE-2024-35945.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35945",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T11:15:50.110",
"lastModified": "2024-11-21T09:21:15.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:01:01.190",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,109 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: phy: phy_device: previene excepciones nullptr en ISR. Si phydev->irq est\u00e1 configurado incondicionalmente, verifique si hay un controlador de interrupciones v\u00e1lido o recurra al modo de sondeo para evitar excepciones nullptr en la rutina del servicio de interrupciones ."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.27",
"matchCriteriaId": "06E895C1-812D-4DD3-AC6C-7069937B982A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.6",
"matchCriteriaId": "22CA5433-1303-41EF-AD4C-F4645DC01541"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3419ee39e3d3162ab2ec9942bb537613ed5b6311",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/61c81872815f46006982bb80460c0c80a949b35b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7a71f61ebf95cedd3f245db6da397822971d8db5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3419ee39e3d3162ab2ec9942bb537613ed5b6311",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/61c81872815f46006982bb80460c0c80a949b35b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7a71f61ebf95cedd3f245db6da397822971d8db5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

96
CVE-2024/CVE-2024-359xx/CVE-2024-35946.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35946",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T11:15:50.180",
"lastModified": "2024-11-21T09:21:15.820",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:02:04.300",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,109 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: rtw89: corrige el acceso al puntero null al cancelar el escaneo. Durante la cancelaci\u00f3n del escaneo podr\u00edamos usar vif que no estaban escaneando. Solucione este problema utilizando el vif de escaneo real."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.27",
"matchCriteriaId": "06E895C1-812D-4DD3-AC6C-7069937B982A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.6",
"matchCriteriaId": "22CA5433-1303-41EF-AD4C-F4645DC01541"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/4f11c741908dab7dd48fa5a986b210d4fc74ca8d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e11a2966f51695c0af0b1f976a32d64dee243b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b34d64e9aa5505e3c84570aed5c757f1839573e8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4f11c741908dab7dd48fa5a986b210d4fc74ca8d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e11a2966f51695c0af0b1f976a32d64dee243b2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b34d64e9aa5505e3c84570aed5c757f1839573e8",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

84
CVE-2024/CVE-2024-365xx/CVE-2024-36510.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36510",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:30.737",
"lastModified": "2025-01-14T14:15:30.737",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:30:50.753",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,101 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-204"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:forticlientems:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.2.5",
"matchCriteriaId": "D79D035D-4F5F-439B-82C3-C640086C7B40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:forticlientems:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22665641-9DD6-42BB-81E2-52E03153E114"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndExcluding": "7.3.3",
"matchCriteriaId": "3ECE9A3F-7C5F-4A34-ABB2-CD4E1997CE0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.5",
"matchCriteriaId": "265BEE92-3FBB-4033-A77A-E112C9DE9862"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortisoar:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA9F69D-D91E-4450-97BD-D9566EA7B649"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-071",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

83
CVE-2024/CVE-2024-365xx/CVE-2024-36512.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36512",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:30.880",
"lastModified": "2025-01-14T14:15:30.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:32:26.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -51,10 +71,67 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.10",
"versionEndExcluding": "7.0.13",
"matchCriteriaId": "B2B9910D-81A2-4146-9EB3-C7D949FB2C3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "6FCEF6EE-A923-4DCE-A225-C6D1FB0123E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.4",
"matchCriteriaId": "E6F162A7-0D01-43E0-99D8-D7B87B080853"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.10",
"versionEndExcluding": "7.0.13",
"matchCriteriaId": "A0B65AA1-2215-4D35-B3BF-F362EE66014B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "605795FE-4D3E-48D4-B2E6-AED4C79B405F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.4",
"matchCriteriaId": "3AE9CAFD-5D5B-4799-8690-624225963595"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-152",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2024/CVE-2024-373xx/CVE-2024-37368.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37368",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-06-14T15:15:52.100",
"lastModified": "2024-11-21T09:23:43.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:44:29.627",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
@ -71,16 +93,51 @@
"value": "CWE-287"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:se:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "14.0",
"matchCriteriaId": "A0FFEADC-A55F-449A-9063-B0152A366906"
}
]
}
]
}
],
"references": [
{
"url": "https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1676.html",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1676.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2024/CVE-2024-373xx/CVE-2024-37369.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37369",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-06-14T17:15:51.310",
"lastModified": "2024-11-21T09:23:43.400",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:45:19.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
@ -71,16 +93,51 @@
"value": "CWE-732"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:se:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "14.0",
"matchCriteriaId": "EFF3850B-DE22-4996-8B0B-1D1B8D36D62A"
}
]
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1674.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-374xx/CVE-2024-37469.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37469",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-02T12:15:20.717",
"lastModified": "2025-01-02T12:15:20.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:57:05.917",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:creativethemes:blocksy:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.23",
"matchCriteriaId": "AE5F30A7-6FD5-4130-A3D3-A9FCC54E9EBC"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/blocksy/vulnerability/wordpress-blocksy-theme-1-9-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

97
CVE-2024/CVE-2024-385xx/CVE-2024-38574.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38574",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-19T14:15:17.520",
"lastModified": "2024-11-21T09:26:23.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:18:10.893",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,110 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: libbpf: evita la desreferencia del puntero nulo cuando el programa a cargar no tiene BTF. En bpf_objec_load_prog(), no hay garant\u00eda de que obj->btf no sea NULL al pasarlo a btf__fd() , y esta funci\u00f3n no realiza ninguna verificaci\u00f3n antes de eliminar la referencia a su argumento (como sol\u00eda hacer bpf_object__btf_fd()). Como consecuencia, obtenemos errores de segmentaci\u00f3n en bpftool (por ejemplo) cuando intentamos cargar programas que vienen sin informaci\u00f3n BTF. v2: Mantenga btf__fd() en la soluci\u00f3n en lugar de volver a bpf_object__btf_fd()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.8.12",
"matchCriteriaId": "32F3B5DB-BFED-4D0E-86BB-2B6ECB1CEFB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.9.3",
"matchCriteriaId": "E07124C1-19E8-4D21-828D-9932A01D3011"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1fd91360a75833b7110af9834ae26c977e1273e0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9bf48fa19a4b1d186e08b20bf7e5de26a15644fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ef80b59acfa4dee4b5eaccb15572b69248831104",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1fd91360a75833b7110af9834ae26c977e1273e0",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9bf48fa19a4b1d186e08b20bf7e5de26a15644fb",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ef80b59acfa4dee4b5eaccb15572b69248831104",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

131
CVE-2024/CVE-2024-385xx/CVE-2024-38575.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38575",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-19T14:15:17.603",
"lastModified": "2024-11-21T09:26:23.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:01:08.540",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,152 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: brcmfmac: pcie: manejar fallo de asignaci\u00f3n de randbuf El kzalloc() en brcmf_pcie_download_fw_nvram() devolver\u00e1 nulo si la memoria f\u00edsica se ha agotado. Como resultado, si usamos get_random_bytes() para generar bytes aleatorios en randbuf, se producir\u00e1 el error de desreferencia del puntero nulo. Para evitar fallas en la asignaci\u00f3n, este parche agrega una funci\u00f3n separada que utiliza el b\u00fafer en la pila del kernel para generar bytes aleatorios en randbuf, lo que podr\u00eda evitar que la pila del kernel se desborde."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.30",
"versionEndExcluding": "6.1.93",
"matchCriteriaId": "E6FD9828-E3BD-49AC-AE1C-6183569A3DF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3.4",
"versionEndExcluding": "6.6.33",
"matchCriteriaId": "C3B11D31-9A8F-42FD-B99C-550B59DBDBEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.12",
"matchCriteriaId": "80550309-67AB-4FD1-AC07-3DED5C4F01B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.9.3",
"matchCriteriaId": "E07124C1-19E8-4D21-828D-9932A01D3011"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0eb2c0528e232b3c32cde9d5e1c9f80ba2996e49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/316f790ebcf94bdf59f794b7cdea4068dc676d4c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3729ca9e48d19a03ae049e2bde510e161c2f3720",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7c15eb344b0d4d3468c9b2a7591ad2b859b29b88",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c37466406f075476c2702ecc01917928af871f3b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0eb2c0528e232b3c32cde9d5e1c9f80ba2996e49",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/316f790ebcf94bdf59f794b7cdea4068dc676d4c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3729ca9e48d19a03ae049e2bde510e161c2f3720",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7c15eb344b0d4d3468c9b2a7591ad2b859b29b88",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c37466406f075476c2702ecc01917928af871f3b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

80
CVE-2024/CVE-2024-386xx/CVE-2024-38609.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38609",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-19T14:15:20.813",
"lastModified": "2024-11-21T09:26:28.540",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:32:13.697",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,89 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: wifi: mt76: connac: comprobar nulo antes de desreferenciar El wcid puede ser NULL. Se debe verificar su validez antes de eliminar la referencia para evitar fallas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.9.3",
"matchCriteriaId": "E07124C1-19E8-4D21-828D-9932A01D3011"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/cb47c7be0e93dd5acda078163799401ac3a78e10",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e469218765b2781fb968778bd13595acec181a0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cb47c7be0e93dd5acda078163799401ac3a78e10",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e469218765b2781fb968778bd13595acec181a0e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

55
CVE-2024/CVE-2024-405xx/CVE-2024-40587.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40587",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:31.027",
"lastModified": "2025-01-14T14:15:31.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:34:37.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
@ -51,10 +71,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.4.10",
"matchCriteriaId": "BC0CF97D-D86C-4D83-B787-1E251FE73995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.5",
"matchCriteriaId": "C22B8401-8893-474D-AB9E-42C3F2EF79CE"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-304",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

97
CVE-2024/CVE-2024-406xx/CVE-2024-40619.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40619",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-08-14T20:15:12.277",
"lastModified": "2024-08-15T13:01:10.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:03:06.963",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
@ -71,12 +93,81 @@
"value": "CWE-754"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:34.011:*:*:*:*:*:*:*",
"matchCriteriaId": "02F74A5B-BE74-4F8B-B8D3-D1D48A6C5CA0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:34.011:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B88DDE-9002-4EE8-BAA8-73330CB0BE50"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092"
}
]
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201690.html",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-406xx/CVE-2024-40620.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40620",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-08-14T20:15:12.410",
"lastModified": "2024-08-15T13:01:10.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:03:56.407",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
@ -71,12 +93,42 @@
"value": "CWE-311"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:pavilion8:5.20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "F95BB706-D8F0-45DE-85CC-791D3C4D1AAB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201691.html",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-406xx/CVE-2024-40696.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-40696",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-31T16:15:33.913",
"lastModified": "2025-01-31T16:15:33.913",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182011",
"source": "psirt@us.ibm.com"
}
]
}

95
CVE-2024/CVE-2024-417xx/CVE-2024-41761.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41761",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-11-23T03:15:08.333",
"lastModified": "2024-11-23T03:15:08.333",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:26:34.900",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -42,19 +42,106 @@
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-789"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:linux:*:*",
"matchCriteriaId": "C9AB7540-A007-4554-A0E6-F75FDECB41FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:unix:*:*",
"matchCriteriaId": "E48B9069-E7BD-480F-90B3-3791D5D2E79E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:windows:*:*",
"matchCriteriaId": "9A04E067-F41C-494B-B59A-92B9FA001122"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:linux:*:*",
"matchCriteriaId": "A2ED357E-CBC6-454F-9B9E-E98E9A139376"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:unix:*:*",
"matchCriteriaId": "33D92200-08A1-42F4-98B8-52584342C18B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:windows:*:*",
"matchCriteriaId": "A49F8B60-EAC8-46B6-9F48-6C877E41D615"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:linux:*:*",
"matchCriteriaId": "42CB728E-ECA8-40DE-83E7-8AF390AA61FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:unix:*:*",
"matchCriteriaId": "9105BCAD-F2C6-4568-B497-D72424753B58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:windows:*:*",
"matchCriteriaId": "ADF7E611-0330-437D-9535-B710EC2FDA00"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B955E472-47E3-4C32-847B-F6BB05594BA3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7175947",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2024/CVE-2024-417xx/CVE-2024-41762.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41762",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-12-07T14:15:17.560",
"lastModified": "2024-12-07T14:15:17.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-01-31T15:27:03.190",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
@ -36,25 +36,91 @@
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-789"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.5.0",
"versionEndIncluding": "10.5.11",
"matchCriteriaId": "4F2E6BAB-5E0F-458B-B358-205D65B073D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1.4",
"versionEndIncluding": "11.1.4.7",
"matchCriteriaId": "2E7ABF45-1720-49F0-AA78-E4C06815F3C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.5.0",
"versionEndIncluding": "11.5.9",
"matchCriteriaId": "ECBD1085-509F-49E6-9DB0-1015F7B63955"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7175946",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

103
CVE-2024/CVE-2024-438xx/CVE-2024-43866.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43866",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-21T00:15:05.023",
"lastModified": "2024-10-17T14:15:07.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:00:46.823",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,112 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net/mlx5: siempre drena el estado al apagar la devoluci\u00f3n de llamada. No tiene sentido la recuperaci\u00f3n durante el apagado del dispositivo. si comenz\u00f3 el trabajo de salud, debe esperar para evitar ejecuciones y acceso al puntero NULL. Por lo tanto, drene el WQ de salud al cerrar la devoluci\u00f3n de llamada."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.13.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "E466D899-2267-437A-97E2-BD71697DE0BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.45",
"matchCriteriaId": "6ED8FBDF-48EE-4FEB-8B1A-CFF4FBCB27BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.4",
"matchCriteriaId": "1F9FECDC-6CB8-41E5-B32A-E46776100D9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1b75da22ed1e6171e261bc9265370162553d5393",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5005e2e159b300c1b8c6820a1e13a62eb0127b9b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6048dec754554a1303d632be6042d3feb3295285",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6b6c2ebd83f2bf97e8f221479372aaca97a4a9b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

6
CVE-2024/CVE-2024-449xx/CVE-2024-44911.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-44911",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-27T15:15:14.990",
"lastModified": "2024-10-07T15:00:02.707",
"vulnStatus": "Analyzed",
"lastModified": "2025-01-31T16:15:34.057",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_aos.c)."
"value": "NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_tc.c)."
},
{
"lang": "es",

56
CVE-2024/CVE-2024-450xx/CVE-2024-45089.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45089",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-31T16:15:34.177",
"lastModified": "2025-01-31T16:15:34.177",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182063",
"source": "psirt@us.ibm.com"
}
]
}

60
CVE-2024/CVE-2024-453xx/CVE-2024-45326.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45326",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:31.183",
"lastModified": "2025-01-14T14:15:31.183",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:36:15.783",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,77 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortideceptor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "6.0.1",
"matchCriteriaId": "19ED7397-1BD2-4C31-AA38-044A316CDD93"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-285",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-453xx/CVE-2024-45337.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-45337",
"sourceIdentifier": "security@golang.org",
"published": "2024-12-12T02:02:07.970",
"lastModified": "2024-12-12T21:15:08.500",
"lastModified": "2025-01-31T15:15:13.190",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -63,6 +63,10 @@
{
"url": "http://www.openwall.com/lists/oss-security/2024/12/11/2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250131-0007/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

56
CVE-2024/CVE-2024-456xx/CVE-2024-45650.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45650",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-31T15:15:13.350",
"lastModified": "2025-01-31T15:15:13.350",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Verify Directory 10.0 through 10.0.3 is vulnerable to a denial of service when sending an LDAP extended operation."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7182169",
"source": "psirt@us.ibm.com"
}
]
}

58
CVE-2024/CVE-2024-458xx/CVE-2024-45824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45824",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2024-09-12T14:16:06.953",
"lastModified": "2024-09-12T18:14:03.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:25:14.390",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -93,12 +113,44 @@
"value": "CWE-77"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_view:*:*:*:*:se:*:*:*",
"versionStartIncluding": "12.0",
"versionEndIncluding": "14.0",
"matchCriteriaId": "58998428-6F66-4C66-886F-BDF0B0DE7889"
}
]
}
]
}
],
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1696.html",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
]
}
]
}

106
CVE-2024/CVE-2024-458xx/CVE-2024-45828.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45828",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-01-11T13:15:21.450",
"lastModified": "2025-01-11T13:15:21.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T15:57:10.733",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,117 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i3c: mipi-i3c-hci: Enmascarar interrupciones del anillo antes de la solicitud de detenci\u00f3n del anillo La ruta de desinfecci\u00f3n del bus en modo DMA puede activar una interrupci\u00f3n RING_OP_STAT cuando se detiene el anillo. Dependiendo del tiempo entre la finalizaci\u00f3n de la solicitud de detenci\u00f3n del anillo, la eliminaci\u00f3n del controlador de interrupciones y la ejecuci\u00f3n del c\u00f3digo, esto puede provocar una desreferencia de puntero NULL en hci_dma_irq_handler() si se ejecuta despu\u00e9s de que el puntero io_data se establezca en NULL en hci_dma_cleanup(). Evite esto enmascarando las interrupciones del anillo antes de la solicitud de detenci\u00f3n del anillo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0",
"versionEndExcluding": "5.15.174",
"matchCriteriaId": "DD707CE8-4037-4948-AC90-C55A45230462"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.120",
"matchCriteriaId": "09AC6122-E2A4-40FE-9D33-268A1B2EC265"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.66",
"matchCriteriaId": "29A976AD-B9AB-4A95-9F08-7669F8847EB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.5",
"matchCriteriaId": "9501D045-7A94-42CA-8B03-821BE94A65B7"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/19cc5767334bfe980f52421627d0826c0da86721",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6ca2738174e4ee44edb2ab2d86ce74f015a0cc32",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9d745a56aea45e47f4755bc12e6429d6314dbb54",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a6cddf68b3405b272b5a3cad9657be0b02b34bf4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a6dc4b4fda2e147e557050eaae51ff15edeb680b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

67
CVE-2024/CVE-2024-466xx/CVE-2024-46664.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-46664",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:31.330",
"lastModified": "2025-01-14T14:15:31.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-01-31T16:37:48.283",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,25 +36,84 @@
},
"exploitabilityScore": 1.2,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndExcluding": "7.0.5",
"matchCriteriaId": "152C9FCA-912A-4CE5-A3F7-3F3DE0F2825C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.2",
"matchCriteriaId": "C0B0D078-2F52-46B4-B9C0-162447828E1B"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-310",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More