admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-24T20:00:26.666685+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-24 20:03:28 +00:00
parent a5f04377de
commit fdb76a4aa0
89 changed files with 7766 additions and 525 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
CVE-2021/CVE-2021-201xx/CVE-2021-20193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-20193", "id": "CVE-2021-20193",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2021-03-26T17:15:12.843", "published": "2021-03-26T17:15:12.843",
"lastModified": "2023-11-07T03:28:59.727", "lastModified": "2024-10-24T18:15:14.167",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -22,7 +22,7 @@
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL", "attackVector": "LOCAL",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -30,12 +30,12 @@
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "NONE", "confidentialityImpact": "NONE",
"integrityImpact": "NONE", "integrityImpact": "NONE",
"availabilityImpact": "HIGH", "availabilityImpact": "LOW",
"baseScore": 5.5, "baseScore": 3.3,
"baseSeverity": "MEDIUM" "baseSeverity": "LOW"
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 1.4
} }
], ],
"cvssMetricV2": [ "cvssMetricV2": [

22
CVE-2022/CVE-2022-437xx/CVE-2022-43701.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43701", "id": "CVE-2022-43701",
"sourceIdentifier": "arm-security@arm.com", "sourceIdentifier": "arm-security@arm.com",
"published": "2023-07-27T22:15:10.077", "published": "2023-07-27T22:15:10.077",
"lastModified": "2024-02-13T20:15:51.213", "lastModified": "2024-10-24T18:35:01.700",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -32,6 +32,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },

122
CVE-2022/CVE-2022-489xx/CVE-2022-48954.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48954", "id": "CVE-2022-48954",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:06.783", "published": "2024-10-21T20:15:06.783",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:57:39.000",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,129 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/qeth: se corrige el use after free en hsci KASAN descubri\u00f3 que addr fue desreferenciado despu\u00e9s de que se liber\u00f3 br2dev_event_work. ===================================================================== ERROR: KASAN: use after free en qeth_l2_br2dev_worker+0x5ba/0x6b0 Lectura de tama\u00f1o 1 en la direcci\u00f3n 00000000fdcea440 por la tarea kworker/u760:4/540 CPU: 17 PID: 540 Comm: kworker/u760:4 Contaminado: GE 6.1.0-20221128.rc7.git1.5aa3bed4ce83.300.fc36.s390x+kasan #1 Nombre del hardware: IBM 8561 T01 703 (LPAR) Cola de trabajo: 0.0.8000_evento qeth_l2_br2dev_worker Seguimiento de llamadas: [<000000016944d4ce>] nivel_pila_volcado+0xc6/0xf8 [<000000016942cd9c>] descripci\u00f3n_direcci\u00f3n_impresi\u00f3n.constprop.0+0x34/0x2a0 [<000000016942d118>] informe_impresi\u00f3n+0x110/0x1f8 [<0000000167a7bd04>] informe_kasan+0xfc/0x128 [<000000016938d79a>] qeth_l2_br2dev_worker+0x5ba/0x6b0 [<00000001673edd1e>] proceso_uno_trabajo+0x76e/0x1128 [<00000001673ee85c>] subproceso_trabajador+0x184/0x1098 [<000000016740718a>] subproceso_k+0x26a/0x310 [<00000001672c606a>] __ret_from_fork+0x8a/0xe8 [<00000001694711da>] ret_from_fork+0xa/0x40 Asignado por la tarea 108338: kasan_save_stack+0x40/0x68 kasan_set_track+0x36/0x48 __kasan_kmalloc+0xa0/0xc0 qeth_l2_switchdev_event+0x25a/0x738 cadena_de_llamadas_de_notificador_at\u00f3mico+0x9c/0xf8 br_switchdev_fdb_notify+0xf4/0x110 fdb_notify+0x122/0x180 fdb_add_entry.constprop.0.isra.0+0x312/0x558 br_fdb_add+0x59e/0x858 rtnl_fdb_add+0x58a/0x928 rtnetlink_rcv_msg+0x5f8/0x8d8 netlink_rcv_skb+0x1f2/0x408 netlink_unicast+0x570/0x790 netlink_sendmsg+0x752/0xbe0 sock_sendmsg+0xca/0x110 ____sys_sendmsg+0x510/0x6a8 ___sys_sendmsg+0x12a/0x180 __sys_sendmsg+0xe6/0x168 __do_sys_socketcall+0x3c8/0x468 do_syscall+0x22c/0x328 __do_syscall+0x94/0xf0 llamada_sistema+0x82/0xb0 Liberado por la tarea 540: kasan_save_stack+0x40/0x68 kasan_set_track+0x36/0x48 kasan_save_free_info+0x4c/0x68 ____kasan_slab_free+0x14e/0x1a8 __kasan_slab_free+0x24/0x30 __kmem_cache_free+0x168/0x338 qeth_l2_br2dev_worker+0x154/0x6b0 process_one_work+0x76e/0x1128 worker_thread+0x184/0x1098 kthread+0x26a/0x310 __ret_from_fork+0x8a/0xe8 ret_from_fork+0xa/0x40 \u00daltima creaci\u00f3n de trabajo potencialmente relacionada: kasan_save_stack+0x40/0x68 __kasan_record_aux_stack+0xbe/0xd0 insert_work+0x56/0x2e8 __queue_work+0x4ce/0xd10 queue_work_on+0xf4/0x100 qeth_l2_switchdev_event+0x520/0x738 cadena de llamada de notificador at\u00f3mico+0x9c/0xf8 br_switchdev_fdb_notify+0xf4/0x110 fdb_notify+0x122/0x180 fdb_add_entry.constprop.0.isra.0+0x312/0x558 br_fdb_add+0x59e/0x858 rtnl_fdb_add+0x58a/0x928 rtnetlink_rcv_msg+0x5f8/0x8d8 netlink_rcv_skb+0x1f2/0x408 netlink_unicast+0x570/0x790 netlink_sendmsg+0x752/0xbe0 sock_sendmsg+0xca/0x110 ____sys_sendmsg+0x510/0x6a8 ___sys_sendmsg+0x12a/0x180 __sys_sendmsg+0xe6/0x168 __do_sys_socketcall+0x3c8/0x468 do_syscall+0x22c/0x328 __do_syscall+0x94/0xf0 system_call+0x82/0xb0 Pen\u00faltima creaci\u00f3n de trabajo potencialmente relacionado: kasan_save_stack+0x40/0x68 __kasan_record_aux_stack+0xbe/0xd0 kvfree_call_rcu+0xb2/0x760 kernfs_unlink_open_file+0x348/0x430 kernfs_fop_release+0xc2/0x320 __fput+0x1ae/0x768 task_work_run+0x1bc/0x298 exit_to_user_mode_prepare+0x1a0/0x1a8 __do_syscall+0x94/0xf0 system_call+0x82/0xb0 La direcci\u00f3n con errores pertenece al objeto en 00000000fdcea400 que pertenece a la cach\u00e9 kmalloc-96 de tama\u00f1o 96 La direcci\u00f3n con errores se encuentra 64 bytes dentro de la regi\u00f3n de 96 bytes [00000000fdcea400, 00000000fdcea460) La direcci\u00f3n con errores pertenece a la p\u00e1gina f\u00edsica: page:000000005a9c26e8 refcount:1 mapcount:0 mapping:0000000000000000 \u00edndice:0x0 pfn:0xfdcea flags: 0x3ffff00000000200(slab|node=0|zone=1|lastcpupid=0x1ffff) raw: 3ffff00000000200 0000000000000000 0000000100000122 000000008008cc00 raw: 0000000000000000 0020004100000000 ffffffff00000001 0000000000000000 p\u00e1gina volcada porque: kasan: mal acceso detectado Estado de la memoria alrededor de la direcci\u00f3n con errores: 00000000fdcea300: fb ..." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/qeth: se corrige el use after free en hsci KASAN descubri\u00f3 que addr fue desreferenciado despu\u00e9s de que se liber\u00f3 br2dev_event_work. ===================================================================== ERROR: KASAN: use after free en qeth_l2_br2dev_worker+0x5ba/0x6b0 Lectura de tama\u00f1o 1 en la direcci\u00f3n 00000000fdcea440 por la tarea kworker/u760:4/540 CPU: 17 PID: 540 Comm: kworker/u760:4 Contaminado: GE 6.1.0-20221128.rc7.git1.5aa3bed4ce83.300.fc36.s390x+kasan #1 Nombre del hardware: IBM 8561 T01 703 (LPAR) Cola de trabajo: 0.0.8000_evento qeth_l2_br2dev_worker Seguimiento de llamadas: [<000000016944d4ce>] nivel_pila_volcado+0xc6/0xf8 [<000000016942cd9c>] descripci\u00f3n_direcci\u00f3n_impresi\u00f3n.constprop.0+0x34/0x2a0 [<000000016942d118>] informe_impresi\u00f3n+0x110/0x1f8 [<0000000167a7bd04>] informe_kasan+0xfc/0x128 [<000000016938d79a>] qeth_l2_br2dev_worker+0x5ba/0x6b0 [<00000001673edd1e>] proceso_uno_trabajo+0x76e/0x1128 [<00000001673ee85c>] subproceso_trabajador+0x184/0x1098 [<000000016740718a>] subproceso_k+0x26a/0x310 [<00000001672c606a>] __ret_from_fork+0x8a/0xe8 [<00000001694711da>] ret_from_fork+0xa/0x40 Asignado por la tarea 108338: kasan_save_stack+0x40/0x68 kasan_set_track+0x36/0x48 __kasan_kmalloc+0xa0/0xc0 qeth_l2_switchdev_event+0x25a/0x738 cadena_de_llamadas_de_notificador_at\u00f3mico+0x9c/0xf8 br_switchdev_fdb_notify+0xf4/0x110 fdb_notify+0x122/0x180 fdb_add_entry.constprop.0.isra.0+0x312/0x558 br_fdb_add+0x59e/0x858 rtnl_fdb_add+0x58a/0x928 rtnetlink_rcv_msg+0x5f8/0x8d8 netlink_rcv_skb+0x1f2/0x408 netlink_unicast+0x570/0x790 netlink_sendmsg+0x752/0xbe0 sock_sendmsg+0xca/0x110 ____sys_sendmsg+0x510/0x6a8 ___sys_sendmsg+0x12a/0x180 __sys_sendmsg+0xe6/0x168 __do_sys_socketcall+0x3c8/0x468 do_syscall+0x22c/0x328 __do_syscall+0x94/0xf0 llamada_sistema+0x82/0xb0 Liberado por la tarea 540: kasan_save_stack+0x40/0x68 kasan_set_track+0x36/0x48 kasan_save_free_info+0x4c/0x68 ____kasan_slab_free+0x14e/0x1a8 __kasan_slab_free+0x24/0x30 __kmem_cache_free+0x168/0x338 qeth_l2_br2dev_worker+0x154/0x6b0 process_one_work+0x76e/0x1128 worker_thread+0x184/0x1098 kthread+0x26a/0x310 __ret_from_fork+0x8a/0xe8 ret_from_fork+0xa/0x40 \u00daltima creaci\u00f3n de trabajo potencialmente relacionada: kasan_save_stack+0x40/0x68 __kasan_record_aux_stack+0xbe/0xd0 insert_work+0x56/0x2e8 __queue_work+0x4ce/0xd10 queue_work_on+0xf4/0x100 qeth_l2_switchdev_event+0x520/0x738 cadena de llamada de notificador at\u00f3mico+0x9c/0xf8 br_switchdev_fdb_notify+0xf4/0x110 fdb_notify+0x122/0x180 fdb_add_entry.constprop.0.isra.0+0x312/0x558 br_fdb_add+0x59e/0x858 rtnl_fdb_add+0x58a/0x928 rtnetlink_rcv_msg+0x5f8/0x8d8 netlink_rcv_skb+0x1f2/0x408 netlink_unicast+0x570/0x790 netlink_sendmsg+0x752/0xbe0 sock_sendmsg+0xca/0x110 ____sys_sendmsg+0x510/0x6a8 ___sys_sendmsg+0x12a/0x180 __sys_sendmsg+0xe6/0x168 __do_sys_socketcall+0x3c8/0x468 do_syscall+0x22c/0x328 __do_syscall+0x94/0xf0 system_call+0x82/0xb0 Pen\u00faltima creaci\u00f3n de trabajo potencialmente relacionado: kasan_save_stack+0x40/0x68 __kasan_record_aux_stack+0xbe/0xd0 kvfree_call_rcu+0xb2/0x760 kernfs_unlink_open_file+0x348/0x430 kernfs_fop_release+0xc2/0x320 __fput+0x1ae/0x768 task_work_run+0x1bc/0x298 exit_to_user_mode_prepare+0x1a0/0x1a8 __do_syscall+0x94/0xf0 system_call+0x82/0xb0 La direcci\u00f3n con errores pertenece al objeto en 00000000fdcea400 que pertenece a la cach\u00e9 kmalloc-96 de tama\u00f1o 96 La direcci\u00f3n con errores se encuentra 64 bytes dentro de la regi\u00f3n de 96 bytes [00000000fdcea400, 00000000fdcea460) La direcci\u00f3n con errores pertenece a la p\u00e1gina f\u00edsica: page:000000005a9c26e8 refcount:1 mapcount:0 mapping:0000000000000000 \u00edndice:0x0 pfn:0xfdcea flags: 0x3ffff00000000200(slab|node=0|zone=1|lastcpupid=0x1ffff) raw: 3ffff00000000200 0000000000000000 0000000100000122 000000008008cc00 raw: 0000000000000000 0020004100000000 ffffffff00000001 0000000000000000 p\u00e1gina volcada porque: kasan: mal acceso detectado Estado de la memoria alrededor de la direcci\u00f3n con errores: 00000000fdcea300: fb ..."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.83",
"matchCriteriaId": "596123A2-9BD2-4865-9AD9-98254B11C8C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/bde0dfc7c4569406a6ddeec363d04a1df7b3073f", "url": "https://git.kernel.org/stable/c/bde0dfc7c4569406a6ddeec363d04a1df7b3073f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/db6343a5b0d9661f2dd76f653c6d274d38234d2b", "url": "https://git.kernel.org/stable/c/db6343a5b0d9661f2dd76f653c6d274d38234d2b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ebaaadc332cd21e9df4dcf9ce12552d9354bbbe4", "url": "https://git.kernel.org/stable/c/ebaaadc332cd21e9df4dcf9ce12552d9354bbbe4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

122
CVE-2022/CVE-2022-489xx/CVE-2022-48955.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48955", "id": "CVE-2022-48955",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:06.870", "published": "2024-10-21T20:15:06.870",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:58:17.230",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,129 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: thunderbolt: se corrige la p\u00e9rdida de memoria en tbnet_open() Cuando tb_ring_alloc_rx() fallo en tbnet_open(), no se libera el ida asignado en tb_xdomain_alloc_out_hopid(). Agregue tb_xdomain_release_out_hopid() a la ruta de error para liberar el ida." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: thunderbolt: se corrige la p\u00e9rdida de memoria en tbnet_open() Cuando tb_ring_alloc_rx() fallo en tbnet_open(), no se libera el ida asignado en tb_xdomain_alloc_out_hopid(). Agregue tb_xdomain_release_out_hopid() a la ruta de error para liberar el ida."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "5.15.83",
"matchCriteriaId": "795CDE1F-2EDA-49C4-B379-49E4F81417E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/b9274dbe399952a8175db2e1ee148b7c9ba2b538", "url": "https://git.kernel.org/stable/c/b9274dbe399952a8175db2e1ee148b7c9ba2b538",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ed14e5903638f6eb868e3e2b4e610985e6a6c876", "url": "https://git.kernel.org/stable/c/ed14e5903638f6eb868e3e2b4e610985e6a6c876",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ed6e955f3b7e0e622c080f4bcb5427a5e1af4c2a", "url": "https://git.kernel.org/stable/c/ed6e955f3b7e0e622c080f4bcb5427a5e1af4c2a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

170
CVE-2022/CVE-2022-489xx/CVE-2022-48956.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48956", "id": "CVE-2022-48956",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:06.973", "published": "2024-10-21T20:15:06.973",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:59:47.737",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,35 +15,185 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipv6: evitar el use after free en ip6_fragment(). el commit culpable afirmaba que rcu_read_lock() estaba retenido por los llamadores de ip6_fragment(). Parece que no siempre es cierto, al menos para la pila UDP. syzbot inform\u00f3: ERROR: KASAN: use after free en ip6_dst_idev include/net/ip6_fib.h:245 [en l\u00ednea] ERROR: KASAN: use after free en ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff88801d403e80 por la tarea syz-executor.3/7618 CPU: 1 PID: 7618 Comm: syz-executor.3 No contaminado 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 26/10/2022 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 imprimir_descripci\u00f3n_de_direcci\u00f3n mm/kasan/report.c:284 [en l\u00ednea] imprimir_report+0x15e/0x45d mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 ip6_dst_idev include/net/ip6_fib.h:245 [en l\u00ednea] ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 __ip6_finish_output net/ipv6/ip6_output.c:193 [en l\u00ednea] ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206 NF_HOOK_COND incluir/linux/netfilter.h:291 [en l\u00ednea] ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227 dst_output incluir/net/dst.h:445 [en l\u00ednea] ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161 ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966 udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286 udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313 udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606 inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665 sock_sendmsg_nosec net/socket.c:714 [en l\u00ednea] sock_sendmsg+0xd3/0x120 net/socket.c:734 sock_write_iter+0x295/0x3d0 net/socket.c:1108 call_write_iter include/linux/fs.h:2191 [en l\u00ednea] new_sync_write fs/read_write.c:491 [en l\u00ednea] vfs_write+0x9ed/0xdd0 fs/read_write.c:584 ksys_write+0x1ec/0x250 fs/read_write.c:637 do_syscall_x64 arch/x86/entry/common.c:50 [en l\u00ednea] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fde3588c0d9 C\u00f3digo: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9 RDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a RBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000 R13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000 Asignado por la tarea 7618: kasan_save_stack+0x22/0x40 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325 kasan_slab_alloc include/linux/kasan.h:201 [en l\u00ednea] gancho_alloc_poste_losa mm/slab.h:737 [en l\u00ednea] nodo_alloc_losa mm/slub.c:3398 [en l\u00ednea] losa_alloc mm/slub.c:3406 [en l\u00ednea] __kmem_cache_alloc_lru mm/slub.c:3413 [en l\u00ednea] kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422 dst_alloc+0x14a/0x1f0 net/core/dst.c:92 ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344 ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [en l\u00ednea] rt6_make_pcpu_route net/ipv6/route.c:1417 [en l\u00ednea] ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254 pol_lookup_func include/net/ip6_fib.h:582 [en l\u00ednea] fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121 ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625 banderas de salida de ruta ip6+0x76/0x320 red/ipv6/route.c:2638 salida de ruta ip6 incluir/red/ip6_route.h:98 [en l\u00ednea] cola de b\u00fasqueda de dst ip6+0x5ab/0x1620 red/ipv6/ip6_output.c:1092 flujo de b\u00fasqueda de dst ip6+0x90/0x1d0 red/ipv6/ip6_output.c:1222 flujo de b\u00fasqueda de dst ip6_sk+0x553/0x980 red/ipv6/ip6_output.c:1260 env\u00edo de mensajes de env\u00edo udpv6+0x151d/0x2c80 red/ipv6/udp.c:1554 ---truncado---" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipv6: evitar el use after free en ip6_fragment(). el commit culpable afirmaba que rcu_read_lock() estaba retenido por los llamadores de ip6_fragment(). Parece que no siempre es cierto, al menos para la pila UDP. syzbot inform\u00f3: ERROR: KASAN: use after free en ip6_dst_idev include/net/ip6_fib.h:245 [en l\u00ednea] ERROR: KASAN: use after free en ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff88801d403e80 por la tarea syz-executor.3/7618 CPU: 1 PID: 7618 Comm: syz-executor.3 No contaminado 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 26/10/2022 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 imprimir_descripci\u00f3n_de_direcci\u00f3n mm/kasan/report.c:284 [en l\u00ednea] imprimir_report+0x15e/0x45d mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 ip6_dst_idev include/net/ip6_fib.h:245 [en l\u00ednea] ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951 __ip6_finish_output net/ipv6/ip6_output.c:193 [en l\u00ednea] ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206 NF_HOOK_COND incluir/linux/netfilter.h:291 [en l\u00ednea] ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227 dst_output incluir/net/dst.h:445 [en l\u00ednea] ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161 ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966 udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286 udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313 udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606 inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665 sock_sendmsg_nosec net/socket.c:714 [en l\u00ednea] sock_sendmsg+0xd3/0x120 net/socket.c:734 sock_write_iter+0x295/0x3d0 net/socket.c:1108 call_write_iter include/linux/fs.h:2191 [en l\u00ednea] new_sync_write fs/read_write.c:491 [en l\u00ednea] vfs_write+0x9ed/0xdd0 fs/read_write.c:584 ksys_write+0x1ec/0x250 fs/read_write.c:637 do_syscall_x64 arch/x86/entry/common.c:50 [en l\u00ednea] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fde3588c0d9 C\u00f3digo: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9 RDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a RBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000 R13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000 Asignado por la tarea 7618: kasan_save_stack+0x22/0x40 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325 kasan_slab_alloc include/linux/kasan.h:201 [en l\u00ednea] gancho_alloc_poste_losa mm/slab.h:737 [en l\u00ednea] nodo_alloc_losa mm/slub.c:3398 [en l\u00ednea] losa_alloc mm/slub.c:3406 [en l\u00ednea] __kmem_cache_alloc_lru mm/slub.c:3413 [en l\u00ednea] kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422 dst_alloc+0x14a/0x1f0 net/core/dst.c:92 ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344 ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [en l\u00ednea] rt6_make_pcpu_route net/ipv6/route.c:1417 [en l\u00ednea] ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254 pol_lookup_func include/net/ip6_fib.h:582 [en l\u00ednea] fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121 ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625 banderas de salida de ruta ip6+0x76/0x320 red/ipv6/route.c:2638 salida de ruta ip6 incluir/red/ip6_route.h:98 [en l\u00ednea] cola de b\u00fasqueda de dst ip6+0x5ab/0x1620 red/ipv6/ip6_output.c:1092 flujo de b\u00fasqueda de dst ip6+0x90/0x1d0 red/ipv6/ip6_output.c:1222 flujo de b\u00fasqueda de dst ip6_sk+0x553/0x980 red/ipv6/ip6_output.c:1260 env\u00edo de mensajes de env\u00edo udpv6+0x151d/0x2c80 red/ipv6/udp.c:1554 ---truncado---"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.13",
"versionEndExcluding": "4.14.302",
"matchCriteriaId": "8B25993C-17C7-4FC1-9333-2F4935DA4E7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.269",
"matchCriteriaId": "1185B8E3-712E-4BFB-BD01-78D47F7EF1F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.227",
"matchCriteriaId": "8C752145-904B-474A-A7F2-E9F29353B0FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.159",
"matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.83",
"matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/6b6d3be3661bff2746cab26147bd629aa034e094", "url": "https://git.kernel.org/stable/c/6b6d3be3661bff2746cab26147bd629aa034e094",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7390c70bd431cbfa6951477e2c80a301643e284b", "url": "https://git.kernel.org/stable/c/7390c70bd431cbfa6951477e2c80a301643e284b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7e0dcd5f3ade221a6126278aca60c8ab4cc3bce9", "url": "https://git.kernel.org/stable/c/7e0dcd5f3ade221a6126278aca60c8ab4cc3bce9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/803e84867de59a1e5d126666d25eb4860cfd2ebe", "url": "https://git.kernel.org/stable/c/803e84867de59a1e5d126666d25eb4860cfd2ebe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8208d7e56b1e579320b9ff3712739ad2e63e1f86", "url": "https://git.kernel.org/stable/c/8208d7e56b1e579320b9ff3712739ad2e63e1f86",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9b1a468a455d8319041528778d0e684a4c062792", "url": "https://git.kernel.org/stable/c/9b1a468a455d8319041528778d0e684a4c062792",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/b3d7ff8c04a83279fb7641fc4d5aa82a602df7c0", "url": "https://git.kernel.org/stable/c/b3d7ff8c04a83279fb7641fc4d5aa82a602df7c0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

134
CVE-2022/CVE-2022-489xx/CVE-2022-48959.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48959", "id": "CVE-2022-48959",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:07.460", "published": "2024-10-21T20:15:07.460",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:23:49.373",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,23 +15,143 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: dsa: sja1105: se corrige una p\u00e9rdida de memoria en sja1105_setup_devlink_regions() Cuando dsa_devlink_region_create fallo en sja1105_setup_devlink_regions(), priv->regions no se libera." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: dsa: sja1105: se corrige una p\u00e9rdida de memoria en sja1105_setup_devlink_regions() Cuando dsa_devlink_region_create fallo en sja1105_setup_devlink_regions(), priv->regions no se libera."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.10.159",
"matchCriteriaId": "A4B6DAF2-C186-45BD-93EE-79D3D45F13BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.83",
"matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/4be43e46c3f945fc7dd9e23c73a7a66927a3b814", "url": "https://git.kernel.org/stable/c/4be43e46c3f945fc7dd9e23c73a7a66927a3b814",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/78a9ea43fc1a7c06a420b132d2d47cbf4344a5df", "url": "https://git.kernel.org/stable/c/78a9ea43fc1a7c06a420b132d2d47cbf4344a5df",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/e5e59629654b8826f0167dae480d0e3fa0f8f038", "url": "https://git.kernel.org/stable/c/e5e59629654b8826f0167dae480d0e3fa0f8f038",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f3b5dda26cd0535aac09ed09c5d83f19b979ec9f", "url": "https://git.kernel.org/stable/c/f3b5dda26cd0535aac09ed09c5d83f19b979ec9f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

182
CVE-2022/CVE-2022-489xx/CVE-2022-48960.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48960", "id": "CVE-2022-48960",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:07.663", "published": "2024-10-21T20:15:07.663",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:24:43.627",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,199 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hisilicon: Se corrige un posible use after free en hix5hd2_rx() El skb se env\u00eda a napi_gro_receive() que puede liberarlo; despu\u00e9s de llamarlo, desreferenciar skb puede desencadenar un use after free." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hisilicon: Se corrige un posible use after free en hix5hd2_rx() El skb se env\u00eda a napi_gro_receive() que puede liberarlo; despu\u00e9s de llamarlo, desreferenciar skb puede desencadenar un use after free."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16",
"versionEndExcluding": "4.9.336",
"matchCriteriaId": "8A20D856-FF3A-4F90-9C75-18CCB217ABB3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.302",
"matchCriteriaId": "FB3E1F82-01A3-456E-9C83-D567B9A75815"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.269",
"matchCriteriaId": "1185B8E3-712E-4BFB-BD01-78D47F7EF1F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.227",
"matchCriteriaId": "8C752145-904B-474A-A7F2-E9F29353B0FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.159",
"matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.83",
"matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/179499e7a240b2ef590f05eb379c810c26bbc8a4", "url": "https://git.kernel.org/stable/c/179499e7a240b2ef590f05eb379c810c26bbc8a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/1b6360a093ab8969c91a30bb58b753282e2ced4c", "url": "https://git.kernel.org/stable/c/1b6360a093ab8969c91a30bb58b753282e2ced4c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/3a4eddd1cb023a71df4152fcc76092953e6fe95a", "url": "https://git.kernel.org/stable/c/3a4eddd1cb023a71df4152fcc76092953e6fe95a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/433c07a13f59856e4585e89e86b7d4cc59348fab", "url": "https://git.kernel.org/stable/c/433c07a13f59856e4585e89e86b7d4cc59348fab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8067cd244cea2c332f8326842fd10158fa2cb64f", "url": "https://git.kernel.org/stable/c/8067cd244cea2c332f8326842fd10158fa2cb64f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/93aaa4bb72e388f6a4887541fd3d18b84f1b5ddc", "url": "https://git.kernel.org/stable/c/93aaa4bb72e388f6a4887541fd3d18b84f1b5ddc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/b6307f7a2fc1c5407b6176f2af34a95214a8c262", "url": "https://git.kernel.org/stable/c/b6307f7a2fc1c5407b6176f2af34a95214a8c262",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/b8ce0e6f9f88a6bb49d291498377e61ea27a5387", "url": "https://git.kernel.org/stable/c/b8ce0e6f9f88a6bb49d291498377e61ea27a5387",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

182
CVE-2022/CVE-2022-489xx/CVE-2022-48962.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48962", "id": "CVE-2022-48962",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:08.117", "published": "2024-10-21T20:15:08.117",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:27:13.900",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,199 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hisilicon: Se corrige un posible use after free en hisi_femac_rx() El skb se env\u00eda a napi_gro_receive() que puede liberarlo; despu\u00e9s de llamarlo, desreferenciar skb puede desencadenar un use after free." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hisilicon: Se corrige un posible use after free en hisi_femac_rx() El skb se env\u00eda a napi_gro_receive() que puede liberarlo; despu\u00e9s de llamarlo, desreferenciar skb puede desencadenar un use after free."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.8",
"versionEndExcluding": "4.9.336",
"matchCriteriaId": "E90CA08C-D00D-46EA-B679-A907274101AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.302",
"matchCriteriaId": "FB3E1F82-01A3-456E-9C83-D567B9A75815"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.269",
"matchCriteriaId": "1185B8E3-712E-4BFB-BD01-78D47F7EF1F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.227",
"matchCriteriaId": "8C752145-904B-474A-A7F2-E9F29353B0FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.159",
"matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.83",
"matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/196e12671cb629d9f3b77b4d8bec854fc445533a", "url": "https://git.kernel.org/stable/c/196e12671cb629d9f3b77b4d8bec854fc445533a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/296a50aa8b2982117520713edc1375777a9f8506", "url": "https://git.kernel.org/stable/c/296a50aa8b2982117520713edc1375777a9f8506",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/3501da8eb6d0f5f114a09ec953c54423f6f35885", "url": "https://git.kernel.org/stable/c/3501da8eb6d0f5f114a09ec953c54423f6f35885",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/4640177049549de1a43e9bc49265f0cdfce08cfd", "url": "https://git.kernel.org/stable/c/4640177049549de1a43e9bc49265f0cdfce08cfd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/6f4798ac9c9e98f41553c4f5e6c832c8860a6942", "url": "https://git.kernel.org/stable/c/6f4798ac9c9e98f41553c4f5e6c832c8860a6942",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8595a2db8eb0ffcbb466eb9f4a7507a5ba06ebb9", "url": "https://git.kernel.org/stable/c/8595a2db8eb0ffcbb466eb9f4a7507a5ba06ebb9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/aceec8ab752428d8e151321479e82cc1a40fee2e", "url": "https://git.kernel.org/stable/c/aceec8ab752428d8e151321479e82cc1a40fee2e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/e71a46cc8c9ad75f3bb0e4b361e81f79c0214cca", "url": "https://git.kernel.org/stable/c/e71a46cc8c9ad75f3bb0e4b361e81f79c0214cca",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

110
CVE-2022/CVE-2022-489xx/CVE-2022-48963.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48963", "id": "CVE-2022-48963",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:08.273", "published": "2024-10-21T20:15:08.273",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:27:58.603",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,115 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: wwan: iosm: corrige p\u00e9rdida de memoria en ipc_mux_init() Cuando no se puede asignar ipc_mux->ul_adb.pp_qlt en ipc_mux_init(), ipc_mux no se libera." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: wwan: iosm: corrige p\u00e9rdida de memoria en ipc_mux_init() Cuando no se puede asignar ipc_mux->ul_adb.pp_qlt en ipc_mux_init(), ipc_mux no se libera."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "44B174DE-A64C-463C-A19F-6637739691F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/23353efc26e98b61b925274ecbb8f0610f69a8aa", "url": "https://git.kernel.org/stable/c/23353efc26e98b61b925274ecbb8f0610f69a8aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/e21478d0054f63eec7ce833296cf9788764a0ec7", "url": "https://git.kernel.org/stable/c/e21478d0054f63eec7ce833296cf9788764a0ec7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

110
CVE-2022/CVE-2022-489xx/CVE-2022-48964.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48964", "id": "CVE-2022-48964",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:08.377", "published": "2024-10-21T20:15:08.377",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:28:48.867",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,115 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ravb: Se corrige el posible use after free en ravb_rx_gbeth() El skb se entrega a napi_gro_receive() que puede liberarlo; despu\u00e9s de llamarlo, desreferenciar skb puede desencadenar el use after free." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ravb: Se corrige el posible use after free en ravb_rx_gbeth() El skb se entrega a napi_gro_receive() que puede liberarlo; despu\u00e9s de llamarlo, desreferenciar skb puede desencadenar el use after free."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/5a5a3e564de6a8db987410c5c2f4748d50ea82b8", "url": "https://git.kernel.org/stable/c/5a5a3e564de6a8db987410c5c2f4748d50ea82b8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/e63c681494dcc0527c625a0a4f59bf10259f5ee0", "url": "https://git.kernel.org/stable/c/e63c681494dcc0527c625a0a4f59bf10259f5ee0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

105
CVE-2022/CVE-2022-490xx/CVE-2022-49009.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49009", "id": "CVE-2022-49009",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:12.373", "published": "2024-10-21T20:15:12.373",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T18:59:25.877",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,110 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (asus-ec-sensors) Agregar comprobaciones para devm_kcalloc Como devm_kcalloc puede devolver NULL, se debe comprobar el valor de retorno para evitar la desreferencia del puntero NULL." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (asus-ec-sensors) Agregar comprobaciones para devm_kcalloc Como devm_kcalloc puede devolver NULL, se debe comprobar el valor de retorno para evitar la desreferencia del puntero NULL."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D41C2A25-B1D2-4813-8FD5-E2F37A5A6EA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/9bdc112be727cf1ba65be79541147f960c3349d8", "url": "https://git.kernel.org/stable/c/9bdc112be727cf1ba65be79541147f960c3349d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/a41ec58ac352fd176d5808af847663dc890f6053", "url": "https://git.kernel.org/stable/c/a41ec58ac352fd176d5808af847663dc890f6053",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

177
CVE-2022/CVE-2022-490xx/CVE-2022-49010.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49010", "id": "CVE-2022-49010",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:12.433", "published": "2024-10-21T20:15:12.433",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:03:50.847",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,194 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (coretemp) Verificar si hay valores nulos antes de eliminar los atributos de sysfs Si coretemp_add_core() obtiene un error, entonces pdata->core_data[indx] ya es NULL y se ha liberado. No pase eso a sysfs_remove_group() ya que eso bloquear\u00e1 sysfs_remove_group(). [Abreviado para facilitar la lectura] [91854.020159] sysfs: no se puede crear un nombre de archivo duplicado '/devices/platform/coretemp.0/hwmon/hwmon2/temp20_label' [91855.126115] ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000188 [91855.165103] #PF: acceso de lectura del supervisor en modo kernel [91855.194506] #PF: error_code(0x0000) - p\u00e1gina no presente [91855.224445] PGD 0 P4D 0 [91855.238508] Oops: 0000 [#1] PREEMPT SMP PTI ... [91855.342716] RIP: 0010:sysfs_remove_group+0xc/0x80 ... [91855.796571] Seguimiento de llamadas: [91855.810524] coretemp_cpu_offline+0x12b/0x1dd [coretemp] [91855.841738] ? coretemp_cpu_online+0x180/0x180 [coretemp] [91855.871107] cpuhp_invoke_callback+0x105/0x4b0 [91855.893432] cpuhp_thread_fun+0x8e/0x150 ... Solucione esto comprobando primero si es NULL." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (coretemp) Verificar si hay valores nulos antes de eliminar los atributos de sysfs Si coretemp_add_core() obtiene un error, entonces pdata->core_data[indx] ya es NULL y se ha liberado. No pase eso a sysfs_remove_group() ya que eso bloquear\u00e1 sysfs_remove_group(). [Abreviado para facilitar la lectura] [91854.020159] sysfs: no se puede crear un nombre de archivo duplicado '/devices/platform/coretemp.0/hwmon/hwmon2/temp20_label' [91855.126115] ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000188 [91855.165103] #PF: acceso de lectura del supervisor en modo kernel [91855.194506] #PF: error_code(0x0000) - p\u00e1gina no presente [91855.224445] PGD 0 P4D 0 [91855.238508] Oops: 0000 [#1] PREEMPT SMP PTI ... [91855.342716] RIP: 0010:sysfs_remove_group+0xc/0x80 ... [91855.796571] Seguimiento de llamadas: [91855.810524] coretemp_cpu_offline+0x12b/0x1dd [coretemp] [91855.841738] ? coretemp_cpu_online+0x180/0x180 [coretemp] [91855.871107] cpuhp_invoke_callback+0x105/0x4b0 [91855.893432] cpuhp_thread_fun+0x8e/0x150 ... Solucione esto comprobando primero si es NULL."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0",
"versionEndExcluding": "4.9.335",
"matchCriteriaId": "78A617B4-066E-4AA8-8440-08AD00E56A84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.301",
"matchCriteriaId": "0EE18A3A-1E78-44D6-9FDB-B267E4819993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.268",
"matchCriteriaId": "04705C94-71FA-46AB-AF73-B551892B0EBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.226",
"matchCriteriaId": "274F5087-5805-4D03-8C74-8517300658F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/070d5ea4a0592a37ad96ce7f7b6b024f90bb009f", "url": "https://git.kernel.org/stable/c/070d5ea4a0592a37ad96ce7f7b6b024f90bb009f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/280110db1a7d62ad635b103bafc3ae96e8bef75c", "url": "https://git.kernel.org/stable/c/280110db1a7d62ad635b103bafc3ae96e8bef75c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7692700ac818866d138a8de555130a6e70e6ac16", "url": "https://git.kernel.org/stable/c/7692700ac818866d138a8de555130a6e70e6ac16",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/89eecabe6a47403237f45aafd7d24f93cb973653", "url": "https://git.kernel.org/stable/c/89eecabe6a47403237f45aafd7d24f93cb973653",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/a89ff5f5cc64b9fe7a992cf56988fd36f56ca82a", "url": "https://git.kernel.org/stable/c/a89ff5f5cc64b9fe7a992cf56988fd36f56ca82a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ae6c8b6e5d5628df1c475c0a8fca1465e205c95b", "url": "https://git.kernel.org/stable/c/ae6c8b6e5d5628df1c475c0a8fca1465e205c95b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f06e0cd01eab954bd5f2190c9faa79bb5357e05b", "url": "https://git.kernel.org/stable/c/f06e0cd01eab954bd5f2190c9faa79bb5357e05b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/fb503d077ff7b43913503eaf72995d1239028b99", "url": "https://git.kernel.org/stable/c/fb503d077ff7b43913503eaf72995d1239028b99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

177
CVE-2022/CVE-2022-490xx/CVE-2022-49011.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49011", "id": "CVE-2022-49011",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:12.500", "published": "2024-10-21T20:15:12.500",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:01:47.513",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,194 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (coretemp) corrige la p\u00e9rdida de recuento de referencias del dispositivo pci en nv1a_ram_new() Como dice el comentario de pci_get_domain_bus_and_slot(), devuelve un dispositivo pci con un incremento de recuento de referencias, cuando termina de usarlo, el llamador debe disminuir el recuento de referencias llamando a pci_dev_put(). Por lo tanto, ll\u00e1melo despu\u00e9s de usarlo para evitar la p\u00e9rdida de recuento de referencias." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (coretemp) corrige la p\u00e9rdida de recuento de referencias del dispositivo pci en nv1a_ram_new() Como dice el comentario de pci_get_domain_bus_and_slot(), devuelve un dispositivo pci con un incremento de recuento de referencias, cuando termina de usarlo, el llamador debe disminuir el recuento de referencias llamando a pci_dev_put(). Por lo tanto, ll\u00e1melo despu\u00e9s de usarlo para evitar la p\u00e9rdida de recuento de referencias."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.14",
"versionEndExcluding": "4.9.335",
"matchCriteriaId": "CBA43FBB-BF21-4B0B-8A18-FAD2E8657A32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.301",
"matchCriteriaId": "0EE18A3A-1E78-44D6-9FDB-B267E4819993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.268",
"matchCriteriaId": "04705C94-71FA-46AB-AF73-B551892B0EBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.226",
"matchCriteriaId": "274F5087-5805-4D03-8C74-8517300658F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/0dd1da5a15eeecb2fe4cf131b3216fb455af783c", "url": "https://git.kernel.org/stable/c/0dd1da5a15eeecb2fe4cf131b3216fb455af783c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/2f74cffc7c85f770b1b1833dccb03b8cde3be102", "url": "https://git.kernel.org/stable/c/2f74cffc7c85f770b1b1833dccb03b8cde3be102",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/6e035d5a2a6b907cfce9a80c5f442c2e459cd34e", "url": "https://git.kernel.org/stable/c/6e035d5a2a6b907cfce9a80c5f442c2e459cd34e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7dec14537c5906b8bf40fd6fd6d9c3850f8df11d", "url": "https://git.kernel.org/stable/c/7dec14537c5906b8bf40fd6fd6d9c3850f8df11d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/bb75a0d1223d43f97089841aecb28a9b4de687a9", "url": "https://git.kernel.org/stable/c/bb75a0d1223d43f97089841aecb28a9b4de687a9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/c40db1e5f316792b557d2be37e447c20d9ac4635", "url": "https://git.kernel.org/stable/c/c40db1e5f316792b557d2be37e447c20d9ac4635",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ea5844f946b1ec5c0b7c115cd7684f34fd48021b", "url": "https://git.kernel.org/stable/c/ea5844f946b1ec5c0b7c115cd7684f34fd48021b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f598da27acbeee414679cacd14294db3e273e3d2", "url": "https://git.kernel.org/stable/c/f598da27acbeee414679cacd14294db3e273e3d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

105
CVE-2022/CVE-2022-490xx/CVE-2022-49012.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49012", "id": "CVE-2022-49012",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:12.573", "published": "2024-10-21T20:15:12.573",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:07:46.193",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,110 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: afs: Se corrige la fuga de server->active en afs_put_server. atomic_read se reemplaz\u00f3 accidentalmente con atomic_inc_return, lo que evita que se limpie el servidor y hace que rmmod se cuelgue con una advertencia: No se puede purgar s=00000001" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: afs: Se corrige la fuga de server->active en afs_put_server. atomic_read se reemplaz\u00f3 accidentalmente con atomic_inc_return, lo que evita que se limpie el servidor y hace que rmmod se cuelgue con una advertencia: No se puede purgar s=00000001"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "F513F5E9-B8E2-43FB-AA15-D6D48CA2B0E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/c5078548c29c735f71b05053659c0cb294e738ad", "url": "https://git.kernel.org/stable/c/c5078548c29c735f71b05053659c0cb294e738ad",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ef4d3ea40565a781c25847e9cb96c1bd9f462bc6", "url": "https://git.kernel.org/stable/c/ef4d3ea40565a781c25847e9cb96c1bd9f462bc6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

141
CVE-2022/CVE-2022-490xx/CVE-2022-49013.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49013", "id": "CVE-2022-49013",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:12.637", "published": "2024-10-21T20:15:12.637",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:09:30.677",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,27 +15,152 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sctp: se corrige la p\u00e9rdida de memoria en sctp_stream_outq_migrate() Cuando se llama a sctp_stream_outq_migrate() para liberar recursos de salida de flujo, la memoria a la que apunta prio_head en salida de flujo no se libera. La informaci\u00f3n de p\u00e9rdida de memoria es la siguiente: objeto sin referencia 0xffff88801fe79f80 (tama\u00f1o 64): comm \"sctp_repo\", pid 7957, jiffies 4294951704 (edad 36.480s) volcado hexadecimal (primeros 32 bytes): 80 9f e7 1f 80 88 ff ff 80 9f e7 1f 80 88 ff ff ................ 90 9f e7 1f 80 88 ff ff 90 9f e7 1f 80 88 ff ff ................ backtrace: [] kmalloc_trace+0x26/0x60 [] sctp_sched_prio_set+0x4cc/0x770 [] sctp_stream_init_ext+0xd2/0x1b0 [] sctp_sendmsg_to_asoc+0x1614/0x1a30 [] sctp_sendmsg+0xda1/0x1ef0 [] inet_sendmsg+0x9d/0xe0 [] sock_sendmsg+0xd3/0x120 [] __sys_sendto+0x23a/0x340 [] __x64_sys_sendto+0xe1/0x1b0 [] hacer_llamada_al_sistema_64+0x39/0xb0 [] entrada_LLAMADA_AL_SISTEMA_64_despu\u00e9s_de_hwframe+0x63/0xcd" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sctp: se corrige la p\u00e9rdida de memoria en sctp_stream_outq_migrate() Cuando se llama a sctp_stream_outq_migrate() para liberar recursos de salida de flujo, la memoria a la que apunta prio_head en salida de flujo no se libera. La informaci\u00f3n de p\u00e9rdida de memoria es la siguiente: objeto sin referencia 0xffff88801fe79f80 (tama\u00f1o 64): comm \"sctp_repo\", pid 7957, jiffies 4294951704 (edad 36.480s) volcado hexadecimal (primeros 32 bytes): 80 9f e7 1f 80 88 ff ff 80 9f e7 1f 80 88 ff ff ................ 90 9f e7 1f 80 88 ff ff 90 9f e7 1f 80 88 ff ff ................ backtrace: [] kmalloc_trace+0x26/0x60 [] sctp_sched_prio_set+0x4cc/0x770 [] sctp_stream_init_ext+0xd2/0x1b0 [] sctp_sendmsg_to_asoc+0x1614/0x1a30 [] sctp_sendmsg+0xda1/0x1ef0 [] inet_sendmsg+0x9d/0xe0 [] sock_sendmsg+0xd3/0x120 [] __sys_sendto+0x23a/0x340 [] __x64_sys_sendto+0xe1/0x1b0 [] hacer_llamada_al_sistema_64+0x39/0xb0 [] entrada_LLAMADA_AL_SISTEMA_64_despu\u00e9s_de_hwframe+0x63/0xcd"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "5.4.226",
"matchCriteriaId": "9C6A9C59-A3EB-4E20-8696-8E40096052EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/0dfb9a566327182387c90100ea54d8426cee8c67", "url": "https://git.kernel.org/stable/c/0dfb9a566327182387c90100ea54d8426cee8c67",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/176ee6c673ccd118e9392fd2dbb165423bdb99ca", "url": "https://git.kernel.org/stable/c/176ee6c673ccd118e9392fd2dbb165423bdb99ca",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9ed7bfc79542119ac0a9e1ce8a2a5285e43433e9", "url": "https://git.kernel.org/stable/c/9ed7bfc79542119ac0a9e1ce8a2a5285e43433e9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/a7555681e50bdebed2c40ff7404ee73c2e932993", "url": "https://git.kernel.org/stable/c/a7555681e50bdebed2c40ff7404ee73c2e932993",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/fa20f88271259d42ebe66f0a8c4c20199e888c99", "url": "https://git.kernel.org/stable/c/fa20f88271259d42ebe66f0a8c4c20199e888c99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

153
CVE-2022/CVE-2022-490xx/CVE-2022-49014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49014", "id": "CVE-2022-49014",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:12.707", "published": "2024-10-21T20:15:12.707",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:29:23.407",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,31 +15,166 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: tun: Se corrige el use after free en tun_detach() syzbot inform\u00f3 use after free en tun_detach() [1]. Esto provoca un seguimiento de llamadas como el siguiente: ==================================================================== ERROR: KASAN: use after free en notifier_call_chain+0x1ee/0x200 kernel/notifier.c:75 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff88807324e2a8 por la tarea syz-executor.0/3673 CPU: 0 PID: 3673 Comm: syz-executor.0 No contaminado 6.1.0-rc5-syzkaller-00044-gcc675d22e422 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 26/10/2022 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [en l\u00ednea] print_report+0x15e/0x461 mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 notifier_call_chain+0x1ee/0x200 kernel/notifier.c:75 call_netdevice_notifiers_info+0x86/0x130 net/core/dev.c:1942 call_netdevice_notifiers_extack net/core/dev.c:1983 [en l\u00ednea] llamar_notificadores_dispositivos_de_red net/core/dev.c:1997 [en l\u00ednea] netdev_wait_allrefs_any net/core/dev.c:10237 [en l\u00ednea] netdev_run_todo+0xbc6/0x1100 net/core/dev.c:10351 tun_detach drivers/net/tun.c:704 [en l\u00ednea] tun_chr_close+0xe4/0x190 drivers/net/tun.c:3467 __fput+0x27c/0xa90 fs/file_table.c:320 tarea_trabajo_ejecutar+0x16f/0x270 kernel/tarea_trabajo.c:179 salir_tarea_trabajo incluir/linux/tarea_trabajo.h:38 [en l\u00ednea] hacer_salir+0xb3d/0x2a30 kernel/exit.c:820 hacer_grupo_salir+0xd4/0x2a0 kernel/exit.c:950 obtener_se\u00f1al+0x21b1/0x2440 kernel/se\u00f1al.c:2858 arch_hacer_se\u00f1al_o_reiniciar+0x86/0x2300 arch/x86/kernel/signal.c:869 bucle_salir_a_modo_usuario kernel/entry/common.c:168 [en l\u00ednea] preparar_salir_a_modo_usuario+0x15f/0x250 kernel/entry/common.c:203 __syscall_salir_a_modo_usuario_trabajo kernel/entry/common.c:285 [en l\u00ednea] syscall_salir_a_modo_usuario+0x1d/0x50 kernel/entry/common.c:296 La causa del problema es que sock_put() de __tun_detach() descarta el \u00faltimo recuento de referencias para struct net y luego notifier_call_chain() de netdev_state_change() accede a ese struct net. Este parche corrige el problema llamando a sock_put() desde tun_detach() despu\u00e9s de que se hayan realizado todos los accesos necesarios para struct net." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: tun: Se corrige el use after free en tun_detach() syzbot inform\u00f3 use after free en tun_detach() [1]. Esto provoca un seguimiento de llamadas como el siguiente: ==================================================================== ERROR: KASAN: use after free en notifier_call_chain+0x1ee/0x200 kernel/notifier.c:75 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff88807324e2a8 por la tarea syz-executor.0/3673 CPU: 0 PID: 3673 Comm: syz-executor.0 No contaminado 6.1.0-rc5-syzkaller-00044-gcc675d22e422 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 26/10/2022 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [en l\u00ednea] print_report+0x15e/0x461 mm/kasan/report.c:395 kasan_report+0xbf/0x1f0 mm/kasan/report.c:495 notifier_call_chain+0x1ee/0x200 kernel/notifier.c:75 call_netdevice_notifiers_info+0x86/0x130 net/core/dev.c:1942 call_netdevice_notifiers_extack net/core/dev.c:1983 [en l\u00ednea] llamar_notificadores_dispositivos_de_red net/core/dev.c:1997 [en l\u00ednea] netdev_wait_allrefs_any net/core/dev.c:10237 [en l\u00ednea] netdev_run_todo+0xbc6/0x1100 net/core/dev.c:10351 tun_detach drivers/net/tun.c:704 [en l\u00ednea] tun_chr_close+0xe4/0x190 drivers/net/tun.c:3467 __fput+0x27c/0xa90 fs/file_table.c:320 tarea_trabajo_ejecutar+0x16f/0x270 kernel/tarea_trabajo.c:179 salir_tarea_trabajo incluir/linux/tarea_trabajo.h:38 [en l\u00ednea] hacer_salir+0xb3d/0x2a30 kernel/exit.c:820 hacer_grupo_salir+0xd4/0x2a0 kernel/exit.c:950 obtener_se\u00f1al+0x21b1/0x2440 kernel/se\u00f1al.c:2858 arch_hacer_se\u00f1al_o_reiniciar+0x86/0x2300 arch/x86/kernel/signal.c:869 bucle_salir_a_modo_usuario kernel/entry/common.c:168 [en l\u00ednea] preparar_salir_a_modo_usuario+0x15f/0x250 kernel/entry/common.c:203 __syscall_salir_a_modo_usuario_trabajo kernel/entry/common.c:285 [en l\u00ednea] syscall_salir_a_modo_usuario+0x1d/0x50 kernel/entry/common.c:296 La causa del problema es que sock_put() de __tun_detach() descarta el \u00faltimo recuento de referencias para struct net y luego notifier_call_chain() de netdev_state_change() accede a ese struct net. Este parche corrige el problema llamando a sock_put() desde tun_detach() despu\u00e9s de que se hayan realizado todos los accesos necesarios para struct net."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.17",
"versionEndExcluding": "4.19.268",
"matchCriteriaId": "F418A145-8A14-43A0-823E-F1C684FB9825"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.226",
"matchCriteriaId": "274F5087-5805-4D03-8C74-8517300658F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/04b995e963229501401810dab89dc73e7f12d054", "url": "https://git.kernel.org/stable/c/04b995e963229501401810dab89dc73e7f12d054",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/16c244bc65d1175775325ec0489a5a5c830e02c7", "url": "https://git.kernel.org/stable/c/16c244bc65d1175775325ec0489a5a5c830e02c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/1f23f1890d91812c35d32eab1b49621b6d32dc7b", "url": "https://git.kernel.org/stable/c/1f23f1890d91812c35d32eab1b49621b6d32dc7b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/4cde8da2d814a3b7b176db81922d4ddaad7c0f0e", "url": "https://git.kernel.org/stable/c/4cde8da2d814a3b7b176db81922d4ddaad7c0f0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/5daadc86f27ea4d691e2131c04310d0418c6cd12", "url": "https://git.kernel.org/stable/c/5daadc86f27ea4d691e2131c04310d0418c6cd12",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/5f442e1d403e0496bacb74a58e2be7f500695e6f", "url": "https://git.kernel.org/stable/c/5f442e1d403e0496bacb74a58e2be7f500695e6f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

177
CVE-2022/CVE-2022-490xx/CVE-2022-49015.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49015", "id": "CVE-2022-49015",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:12.787", "published": "2024-10-21T20:15:12.787",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:31:54.943",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,194 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net:hsr: Se corrige un posible use after free. El skb se entrega a netif_rx() que puede liberarlo; despu\u00e9s de llamarlo, desreferenciar skb puede desencadenar un use after free." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net:hsr: Se corrige un posible use after free. El skb se entrega a netif_rx() que puede liberarlo; despu\u00e9s de llamarlo, desreferenciar skb puede desencadenar un use after free."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.13",
"versionEndExcluding": "4.9.335",
"matchCriteriaId": "42B78CF7-5696-47EA-8FC2-89655FE68C51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.301",
"matchCriteriaId": "0EE18A3A-1E78-44D6-9FDB-B267E4819993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.268",
"matchCriteriaId": "04705C94-71FA-46AB-AF73-B551892B0EBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.226",
"matchCriteriaId": "274F5087-5805-4D03-8C74-8517300658F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/4b351609af4fdbc23f79ab2b12748f4403ea9af4", "url": "https://git.kernel.org/stable/c/4b351609af4fdbc23f79ab2b12748f4403ea9af4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/53a62c5efe91665f7a41fad0f888a96f94dc59eb", "url": "https://git.kernel.org/stable/c/53a62c5efe91665f7a41fad0f888a96f94dc59eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7ca81a161e406834a1fdc405fc83a572bd14b8d9", "url": "https://git.kernel.org/stable/c/7ca81a161e406834a1fdc405fc83a572bd14b8d9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7e177d32442b7ed08a9fa61b61724abc548cb248", "url": "https://git.kernel.org/stable/c/7e177d32442b7ed08a9fa61b61724abc548cb248",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8393ce5040803666bfa26a3a7bf41e44fab0ace9", "url": "https://git.kernel.org/stable/c/8393ce5040803666bfa26a3a7bf41e44fab0ace9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/b35d899854d5d5d58eb7d7e7c0f61afc60d3a9e9", "url": "https://git.kernel.org/stable/c/b35d899854d5d5d58eb7d7e7c0f61afc60d3a9e9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/dca370e575d9b6c983f5015e8dc035e23e219ee6", "url": "https://git.kernel.org/stable/c/dca370e575d9b6c983f5015e8dc035e23e219ee6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f3add2b8cf620966de3ebfa07679ca12d33ec26f", "url": "https://git.kernel.org/stable/c/f3add2b8cf620966de3ebfa07679ca12d33ec26f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

117
CVE-2022/CVE-2022-490xx/CVE-2022-49016.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49016", "id": "CVE-2022-49016",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:12.840", "published": "2024-10-21T20:15:12.840",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:35:01.597",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,124 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: mdiobus: arregla el recuento de referencias de nodos desequilibrados Obtuve el siguiente informe mientras realizaba la prueba de carga del dispositivo (mscc-miim) con CONFIG_OF_UNITTEST y CONFIG_OF_DYNAMIC habilitados: OF: ERROR: p\u00e9rdida de memoria, se esperaba un recuento de referencias 1 en lugar de 2, of_node_get()/of_node_put() desequilibrado - destruye la entrada cset: adjuntar un nodo superpuesto /spi/soc@0/mdio@7107009c/ethernet-phy@0 Si el 'fwnode' no es un nodo acpi, el recuento de referencias se obtiene en fwnode_mdiobus_phy_device_register(), pero nunca se ha colocado cuando el dispositivo se libera en la ruta normal. Entonces llama a fwnode_handle_put() en phy_device_release() para evitar la p\u00e9rdida. Si es un nodo acpi, nunca se ha obtenido, pero se coloca en la ruta de error, por lo que se llama a fwnode_handle_get() antes de phy_device_register() para mantener equilibrada la operaci\u00f3n de obtenci\u00f3n/colocaci\u00f3n." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: mdiobus: arregla el recuento de referencias de nodos desequilibrados Obtuve el siguiente informe mientras realizaba la prueba de carga del dispositivo (mscc-miim) con CONFIG_OF_UNITTEST y CONFIG_OF_DYNAMIC habilitados: OF: ERROR: p\u00e9rdida de memoria, se esperaba un recuento de referencias 1 en lugar de 2, of_node_get()/of_node_put() desequilibrado - destruye la entrada cset: adjuntar un nodo superpuesto /spi/soc@0/mdio@7107009c/ethernet-phy@0 Si el 'fwnode' no es un nodo acpi, el recuento de referencias se obtiene en fwnode_mdiobus_phy_device_register(), pero nunca se ha colocado cuando el dispositivo se libera en la ruta normal. Entonces llama a fwnode_handle_put() en phy_device_release() para evitar la p\u00e9rdida. Si es un nodo acpi, nunca se ha obtenido, pero se coloca en la ruta de error, por lo que se llama a fwnode_handle_get() antes de phy_device_register() para mantener equilibrada la operaci\u00f3n de obtenci\u00f3n/colocaci\u00f3n."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "6B49AE96-FD69-40D4-A29C-DC4DB7DE3CDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/2708b357440427d6a9fee667eb7b8307f4625adc", "url": "https://git.kernel.org/stable/c/2708b357440427d6a9fee667eb7b8307f4625adc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/543d917f691ab06885ee779c862065899eaa4251", "url": "https://git.kernel.org/stable/c/543d917f691ab06885ee779c862065899eaa4251",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/cdde1560118f82498fc9e9a7c1ef7f0ef7755891", "url": "https://git.kernel.org/stable/c/cdde1560118f82498fc9e9a7c1ef7f0ef7755891",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

129
CVE-2022/CVE-2022-490xx/CVE-2022-49017.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49017", "id": "CVE-2022-49017",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:12.910", "published": "2024-10-21T20:15:12.910",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:36:13.233",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,23 +15,138 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: volver a obtener el skb cb despu\u00e9s de tipc_msg_validate Como muestra el seguimiento de la llamada, el skb original se liber\u00f3 en tipc_msg_validate(), y desreferenciar el antiguo skb cb causar\u00eda un bloqueo por use after free. ERROR: KASAN: use after free en tipc_crypto_rcv_complete+0x1835/0x2240 [tipc] Seguimiento de llamadas: tipc_crypto_rcv_complete+0x1835/0x2240 [tipc] tipc_crypto_rcv+0xd32/0x1ec0 [tipc] tipc_rcv+0x744/0x1150 [tipc] ... Asignado por la tarea 47078: kmem_cache_alloc_node+0x158/0x4d0 __alloc_skb+0x1c1/0x270 tipc_buf_acquire+0x1e/0xe0 [tipc] tipc_msg_create+0x33/0x1c0 [tipc] tipc_link_build_proto_msg+0x38a/0x2100 [tipc] tipc_link_timeout+0x8b8/0xef0 [tipc] tipc_node_timeout+0x2a1/0x960 [tipc] call_timer_fn+0x2d/0x1c0 ... Liberado por la tarea 47078: tipc_msg_validate+0x7b/0x440 [tipc] tipc_crypto_rcv_complete+0x4b5/0x2240 [tipc] tipc_crypto_rcv+0xd32/0x1ec0 [tipc] tipc_rcv+0x744/0x1150 [tipc] Este parche lo corrige volviendo a obtener el cb skb del nuevo skb asignado despu\u00e9s de llamar a tipc_msg_validate()." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: volver a obtener el skb cb despu\u00e9s de tipc_msg_validate Como muestra el seguimiento de la llamada, el skb original se liber\u00f3 en tipc_msg_validate(), y desreferenciar el antiguo skb cb causar\u00eda un bloqueo por use after free. ERROR: KASAN: use after free en tipc_crypto_rcv_complete+0x1835/0x2240 [tipc] Seguimiento de llamadas: tipc_crypto_rcv_complete+0x1835/0x2240 [tipc] tipc_crypto_rcv+0xd32/0x1ec0 [tipc] tipc_rcv+0x744/0x1150 [tipc] ... Asignado por la tarea 47078: kmem_cache_alloc_node+0x158/0x4d0 __alloc_skb+0x1c1/0x270 tipc_buf_acquire+0x1e/0xe0 [tipc] tipc_msg_create+0x33/0x1c0 [tipc] tipc_link_build_proto_msg+0x38a/0x2100 [tipc] tipc_link_timeout+0x8b8/0xef0 [tipc] tipc_node_timeout+0x2a1/0x960 [tipc] call_timer_fn+0x2d/0x1c0 ... Liberado por la tarea 47078: tipc_msg_validate+0x7b/0x440 [tipc] tipc_crypto_rcv_complete+0x4b5/0x2240 [tipc] tipc_crypto_rcv+0xd32/0x1ec0 [tipc] tipc_rcv+0x744/0x1150 [tipc] Este parche lo corrige volviendo a obtener el cb skb del nuevo skb asignado despu\u00e9s de llamar a tipc_msg_validate()."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/1daec0815655e110c6f206c5e777a4af8168ff58", "url": "https://git.kernel.org/stable/c/1daec0815655e110c6f206c5e777a4af8168ff58",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/3067bc61fcfe3081bf4807ce65560f499e895e77", "url": "https://git.kernel.org/stable/c/3067bc61fcfe3081bf4807ce65560f499e895e77",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/a1ba595e35aa3afbe417ff0af353afb9f65559c0", "url": "https://git.kernel.org/stable/c/a1ba595e35aa3afbe417ff0af353afb9f65559c0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/e128190adb2edfd5042105b5d1ed4553f295f5ef", "url": "https://git.kernel.org/stable/c/e128190adb2edfd5042105b5d1ed4553f295f5ef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

112
CVE-2022/CVE-2022-490xx/CVE-2022-49018.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49018", "id": "CVE-2022-49018",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:12.973", "published": "2024-10-21T20:15:12.973",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:38:38.033",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,117 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: se corrige la suspensi\u00f3n en atomic en el momento del cierre Matt inform\u00f3 un splat en el momento del cierre de msk: ERROR: funci\u00f3n de suspensi\u00f3n llamada desde un contexto no v\u00e1lido en net/mptcp/protocol.c:2877 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 155, name: packetdrill preempt_count: 201, expected: 0 Profundidad de anidaci\u00f3n de RCU: 0, expected: 0 4 bloqueos mantenidos por packetdrill/155: #0: ffff888001536990 (&sb->s_type->i_mutex_key#6){+.+.}-{3:3}, en: __sock_release (net/socket.c:650) #1: ffff88800b498130 (sk_lock-AF_INET){+.+.}-{0:0}, en: mptcp_close (net/mptcp/protocol.c:2973) #2: ffff88800b49a130 (sk_lock-AF_INET/1){+.+.}-{0:0}, en: __mptcp_close_ssk (net/mptcp/protocol.c:2363) #3: ffff88800b49a0b0 (slock-AF_INET){+...}-{2:2}, en: __lock_sock_fast (include/net/sock.h:1820) Preempci\u00f3n deshabilitada en: 0x0 CPU: 1 PID: 155 Comm: packetdrill No contaminado 6.1.0-rc5 #365 Nombre del hardware: QEMU PC est\u00e1ndar (i440FX + PIIX, 1996), BIOS 1.15.0-1 01/04/2014 Seguimiento de llamadas: dump_stack_lvl (lib/dump_stack.c:107 (discriminador 4)) __might_resched.cold (kernel/sched/core.c:9891) __mptcp_destroy_sock (include/linux/kernel.h:110) __mptcp_close (net/mptcp/protocol.c:2959) mptcp_subflow_queue_clean (include/net/sock.h:1777) __mptcp_close_ssk (net/mptcp/protocol.c:2363) mptcp_destroy_common (net/mptcp/protocol.c:3170) mptcp_destroy (include/net/sock.h:1495) __mptcp_destroy_sock (net/mptcp/protocol.c:2886) __mptcp_close (net/mptcp/protocol.c:2959) mptcp_close (net/mptcp/protocol.c:2974) inet_release (net/ipv4/af_inet.c:432) __sock_release (net/socket.c:651) sock_close (net/socket.c:1367) __fput (fs/file_table.c:320) task_work_run (kernel/task_work.c:181 (discriminador 1)) salir_a_modo_usuario_preparar (include/linux/reanudar_modo_usuario.h:49) No podemos llamar a mptcp_close bajo la variante de bloqueo de socket 'r\u00e1pido', reempl\u00e1celo con sock_lock_nested() ya que el c\u00f3digo relevante ya est\u00e1 bajo la protecci\u00f3n de bloqueo de socket msk de escucha." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: se corrige la suspensi\u00f3n en atomic en el momento del cierre Matt inform\u00f3 un splat en el momento del cierre de msk: ERROR: funci\u00f3n de suspensi\u00f3n llamada desde un contexto no v\u00e1lido en net/mptcp/protocol.c:2877 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 155, name: packetdrill preempt_count: 201, expected: 0 Profundidad de anidaci\u00f3n de RCU: 0, expected: 0 4 bloqueos mantenidos por packetdrill/155: #0: ffff888001536990 (&sb->s_type->i_mutex_key#6){+.+.}-{3:3}, en: __sock_release (net/socket.c:650) #1: ffff88800b498130 (sk_lock-AF_INET){+.+.}-{0:0}, en: mptcp_close (net/mptcp/protocol.c:2973) #2: ffff88800b49a130 (sk_lock-AF_INET/1){+.+.}-{0:0}, en: __mptcp_close_ssk (net/mptcp/protocol.c:2363) #3: ffff88800b49a0b0 (slock-AF_INET){+...}-{2:2}, en: __lock_sock_fast (include/net/sock.h:1820) Preempci\u00f3n deshabilitada en: 0x0 CPU: 1 PID: 155 Comm: packetdrill No contaminado 6.1.0-rc5 #365 Nombre del hardware: QEMU PC est\u00e1ndar (i440FX + PIIX, 1996), BIOS 1.15.0-1 01/04/2014 Seguimiento de llamadas: dump_stack_lvl (lib/dump_stack.c:107 (discriminador 4)) __might_resched.cold (kernel/sched/core.c:9891) __mptcp_destroy_sock (include/linux/kernel.h:110) __mptcp_close (net/mptcp/protocol.c:2959) mptcp_subflow_queue_clean (include/net/sock.h:1777) __mptcp_close_ssk (net/mptcp/protocol.c:2363) mptcp_destroy_common (net/mptcp/protocol.c:3170) mptcp_destroy (include/net/sock.h:1495) __mptcp_destroy_sock (net/mptcp/protocol.c:2886) __mptcp_close (net/mptcp/protocol.c:2959) mptcp_close (net/mptcp/protocol.c:2974) inet_release (net/ipv4/af_inet.c:432) __sock_release (net/socket.c:651) sock_close (net/socket.c:1367) __fput (fs/file_table.c:320) task_work_run (kernel/task_work.c:181 (discriminador 1)) salir_a_modo_usuario_preparar (include/linux/reanudar_modo_usuario.h:49) No podemos llamar a mptcp_close bajo la variante de bloqueo de socket 'r\u00e1pido', reempl\u00e1celo con sock_lock_nested() ya que el c\u00f3digo relevante ya est\u00e1 bajo la protecci\u00f3n de bloqueo de socket msk de escucha."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.19.14",
"versionEndExcluding": "6.0",
"matchCriteriaId": "D2B58E9C-FBF6-43D8-AB7E-A1076CD9AED2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "F513F5E9-B8E2-43FB-AA15-D6D48CA2B0E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/b4f166651d03b5484fa179817ba8ad4899a5a6ac", "url": "https://git.kernel.org/stable/c/b4f166651d03b5484fa179817ba8ad4899a5a6ac",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/d8e6c5500dbf0f3e87aace90d4beba6ae928e866", "url": "https://git.kernel.org/stable/c/d8e6c5500dbf0f3e87aace90d4beba6ae928e866",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

141
CVE-2022/CVE-2022-490xx/CVE-2022-49019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49019", "id": "CVE-2022-49019",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:13.040", "published": "2024-10-21T20:15:13.040",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:43:50.413",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,27 +15,152 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ethernet: nixge: fix NULL dereference En la funci\u00f3n nixge_hw_dma_bd_release(), es posible desreferenciar el puntero NULL priv->rx_bd_v en caso de que falle su asignaci\u00f3n en nixge_hw_dma_bd_init(). Mueva el bucle for() con la desreferencia priv->rx_bd_v bajo la verificaci\u00f3n de su validez. Encontrado por Linux Verification Center (linuxtesting.org) con SVACE." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ethernet: nixge: fix NULL dereference En la funci\u00f3n nixge_hw_dma_bd_release(), es posible desreferenciar el puntero NULL priv->rx_bd_v en caso de que falle su asignaci\u00f3n en nixge_hw_dma_bd_init(). Mueva el bucle for() con la desreferencia priv->rx_bd_v bajo la verificaci\u00f3n de su validez. Encontrado por Linux Verification Center (linuxtesting.org) con SVACE."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.17",
"versionEndExcluding": "5.4.226",
"matchCriteriaId": "7B8F7CF0-7F50-4543-87DD-CDAD13FA2425"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/45752af0247589e6d3dede577415bfe117b4392c", "url": "https://git.kernel.org/stable/c/45752af0247589e6d3dede577415bfe117b4392c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/80e82f7b440b65cf131dce10f487dc73a7046e6b", "url": "https://git.kernel.org/stable/c/80e82f7b440b65cf131dce10f487dc73a7046e6b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/910c0264b64ef2dad8887714a7c56c93e39a0ed3", "url": "https://git.kernel.org/stable/c/910c0264b64ef2dad8887714a7c56c93e39a0ed3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9256db4e45e8b497b0e993cc3ed4ad08eb2389b6", "url": "https://git.kernel.org/stable/c/9256db4e45e8b497b0e993cc3ed4ad08eb2389b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9c584d6d9cfb935dce8fc81a4c26debac0a3049b", "url": "https://git.kernel.org/stable/c/9c584d6d9cfb935dce8fc81a4c26debac0a3049b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

177
CVE-2022/CVE-2022-490xx/CVE-2022-49020.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49020", "id": "CVE-2022-49020",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:13.100", "published": "2024-10-21T20:15:13.100",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:43:20.887",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,194 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/9p: Se soluciona una posible fuga de socket en p9_socket_open Tanto p9_fd_create_tcp() como p9_fd_create_unix() llamar\u00e1n a p9_socket_open(). Si la creaci\u00f3n de p9_trans_fd fallo, p9_fd_create_tcp() y p9_fd_create_unix() devolver\u00e1n un error directamente en lugar de liberar el cscoket, lo que provocar\u00e1 una fuga de socket. Este parche agrega sock_release() para solucionar el problema de la fuga." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/9p: Se soluciona una posible fuga de socket en p9_socket_open Tanto p9_fd_create_tcp() como p9_fd_create_unix() llamar\u00e1n a p9_socket_open(). Si la creaci\u00f3n de p9_trans_fd fallo, p9_fd_create_tcp() y p9_fd_create_unix() devolver\u00e1n un error directamente en lugar de liberar el cscoket, lo que provocar\u00e1 una fuga de socket. Este parche agrega sock_release() para solucionar el problema de la fuga."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.33",
"versionEndExcluding": "4.9.335",
"matchCriteriaId": "136F2799-F7E6-44CC-9C33-543F433340FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.301",
"matchCriteriaId": "0EE18A3A-1E78-44D6-9FDB-B267E4819993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.268",
"matchCriteriaId": "04705C94-71FA-46AB-AF73-B551892B0EBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.226",
"matchCriteriaId": "274F5087-5805-4D03-8C74-8517300658F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/0396227f4daf4792a6a8aaa3b7771dc25c4cd443", "url": "https://git.kernel.org/stable/c/0396227f4daf4792a6a8aaa3b7771dc25c4cd443",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/2d24d91b9f44620824fc37b766f7cae00ca32748", "url": "https://git.kernel.org/stable/c/2d24d91b9f44620824fc37b766f7cae00ca32748",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8782b32ef867de7981bbe9e86ecb90e92e8780bd", "url": "https://git.kernel.org/stable/c/8782b32ef867de7981bbe9e86ecb90e92e8780bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8b14bd0b500aec1458b51cb621c8e5fab3304260", "url": "https://git.kernel.org/stable/c/8b14bd0b500aec1458b51cb621c8e5fab3304260",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd", "url": "https://git.kernel.org/stable/c/aa08323fe18cb7cf95317ffa2d54ca1de8e74ebd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/dcc14cfd7debe11b825cb077e75d91d2575b4cb8", "url": "https://git.kernel.org/stable/c/dcc14cfd7debe11b825cb077e75d91d2575b4cb8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ded893965b895b2dccd3d1436d8d3daffa23ea64", "url": "https://git.kernel.org/stable/c/ded893965b895b2dccd3d1436d8d3daffa23ea64",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/e01c1542379fb395e7da53706df598f38905dfbf", "url": "https://git.kernel.org/stable/c/e01c1542379fb395e7da53706df598f38905dfbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

177
CVE-2022/CVE-2022-490xx/CVE-2022-49021.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49021", "id": "CVE-2022-49021",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:13.163", "published": "2024-10-21T20:15:13.163",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:44:24.567",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,194 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: phy: fix null-ptr-deref while probe() failed Obtuve un informe null-ptr-deref como el siguiente al realizar la prueba de inyecci\u00f3n de fallos: ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000058 Oops: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 1 PID: 253 Comm: 507-spi-dm9051 Tainted: GBN 6.1.0-rc3+ Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 RIP: 0010:klist_put+0x2d/0xd0 Rastreo de llamadas: klist_remove+0xf1/0x1c0 device_release_driver_internal+0x23e/0x2d0 bus_remove_device+0x1bd/0x240 device_del+0x357/0x770 phy_device_remove+0x11/0x30 mdiobus_unregister+0xa5/0x140 release_nodes+0x6a/0xa0 devres_release_all+0xf8/0x150 device_unbind_cleanup+0x19/0xd0 //ruta de la sonda: phy_device_register() device_add() phy_connect phy_attach_direct() //establecer el controlador del dispositivo probe() //ha fallodo, el controlador no est\u00e1 vinculado device_bind_driver() //la sonda ha fallodo, no se llama //ruta de eliminaci\u00f3n: phy_device_remove() device_del() device_release_driver_internal() __device_release_driver() //dev->drv no es NULL klist_remove() <- knode_driver a\u00fan no se agreg\u00f3, causa null-ptr-deref En phy_attach_direct(), despu\u00e9s de configurar 'dev->driver', probe() fallo, device_bind_driver() no se llama, por lo que knode_driver->n_klist no est\u00e1 configurado, luego causa null-ptr-deref en __device_release_driver() mientras se elimina el dispositivo. Solucione esto configurando dev->driver en NULL en la ruta de error en phy_attach_direct()." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: phy: fix null-ptr-deref while probe() failed Obtuve un informe null-ptr-deref como el siguiente al realizar la prueba de inyecci\u00f3n de fallos: ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000058 Oops: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 1 PID: 253 Comm: 507-spi-dm9051 Tainted: GBN 6.1.0-rc3+ Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 RIP: 0010:klist_put+0x2d/0xd0 Rastreo de llamadas: klist_remove+0xf1/0x1c0 device_release_driver_internal+0x23e/0x2d0 bus_remove_device+0x1bd/0x240 device_del+0x357/0x770 phy_device_remove+0x11/0x30 mdiobus_unregister+0xa5/0x140 release_nodes+0x6a/0xa0 devres_release_all+0xf8/0x150 device_unbind_cleanup+0x19/0xd0 //ruta de la sonda: phy_device_register() device_add() phy_connect phy_attach_direct() //establecer el controlador del dispositivo probe() //ha fallodo, el controlador no est\u00e1 vinculado device_bind_driver() //la sonda ha fallodo, no se llama //ruta de eliminaci\u00f3n: phy_device_remove() device_del() device_release_driver_internal() __device_release_driver() //dev->drv no es NULL klist_remove() <- knode_driver a\u00fan no se agreg\u00f3, causa null-ptr-deref En phy_attach_direct(), despu\u00e9s de configurar 'dev->driver', probe() fallo, device_bind_driver() no se llama, por lo que knode_driver->n_klist no est\u00e1 configurado, luego causa null-ptr-deref en __device_release_driver() mientras se elimina el dispositivo. Solucione esto configurando dev->driver en NULL en la ruta de error en phy_attach_direct()."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.14",
"versionEndExcluding": "4.9.335",
"matchCriteriaId": "DF95240D-8688-4572-B73C-F0DC8473CE27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.301",
"matchCriteriaId": "0EE18A3A-1E78-44D6-9FDB-B267E4819993"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.268",
"matchCriteriaId": "04705C94-71FA-46AB-AF73-B551892B0EBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.226",
"matchCriteriaId": "274F5087-5805-4D03-8C74-8517300658F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/0744c7be4de564db03e24527b2e096b7e0e20972", "url": "https://git.kernel.org/stable/c/0744c7be4de564db03e24527b2e096b7e0e20972",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/369eb2c9f1f72adbe91e0ea8efb130f0a2ba11a6", "url": "https://git.kernel.org/stable/c/369eb2c9f1f72adbe91e0ea8efb130f0a2ba11a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/3e21f85d87c836462bb52ef2078ea561260935c1", "url": "https://git.kernel.org/stable/c/3e21f85d87c836462bb52ef2078ea561260935c1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/51d7f6b20fae8bae64ad1136f1e30d1fd5ba78f7", "url": "https://git.kernel.org/stable/c/51d7f6b20fae8bae64ad1136f1e30d1fd5ba78f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7730904f50c7187dd16c76949efb56b5fb55cd57", "url": "https://git.kernel.org/stable/c/7730904f50c7187dd16c76949efb56b5fb55cd57",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8aaafe0f71314f46a066382a047ba8bb3840d273", "url": "https://git.kernel.org/stable/c/8aaafe0f71314f46a066382a047ba8bb3840d273",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/eaa5722549ac2604ffa56c2e946acc83226f130c", "url": "https://git.kernel.org/stable/c/eaa5722549ac2604ffa56c2e946acc83226f130c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/fe6bc99c27c21348f548966118867ed26a9a372c", "url": "https://git.kernel.org/stable/c/fe6bc99c27c21348f548966118867ed26a9a372c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

129
CVE-2022/CVE-2022-490xx/CVE-2022-49022.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49022", "id": "CVE-2022-49022",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:13.233", "published": "2024-10-21T20:15:13.233",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:48:52.560",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,23 +15,138 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: mac8021: se corrige un posible acceso fuera de los l\u00edmites en ieee80211_get_rate_duration Se corrige un posible acceso fuera de los l\u00edmites en la rutina ieee80211_get_rate_duration seg\u00fan lo informado por el siguiente informe de UBSAN: UBSAN: array-index-out-of-bounds en net/mac80211/airtime.c:455:47 el \u00edndice 15 est\u00e1 fuera de rango para el tipo 'u16 [12]' CPU: 2 PID: 217 Comm: kworker/u32:10 No contaminado 6.1.0-060100rc3-generic Nombre del hardware: Acer Aspire TC-281/Aspire TC-281, BIOS R01-A2 18/07/2017 Cola de trabajo: mt76 mt76u_tx_status_data [mt76_usb] Seguimiento de llamadas: show_stack+0x4e/0x61 dump_stack_lvl+0x4a/0x6f dump_stack+0x10/0x18 ubsan_epilogue+0x9/0x43 __ubsan_handle_out_of_bounds.cold+0x42/0x47 ieee80211_get_rate_duration.constprop.0+0x22f/0x2a0 [mac80211] ? ieee80211_tx_status_ext+0x32e/0x640 [mac80211] ieee80211_calc_rx_airtime+0xda/0x120 [mac80211] ieee80211_calc_tx_airtime+0xb4/0x100 [mac80211] mt76x02_send_tx_status+0x266/0x480 [mt76x02_lib] mt76x02_tx_status_data+0x52/0x80 [mt76x02_lib] mt76u_tx_status_data+0x67/0xd0 [mt76_usb] proceso_uno_trabajo+0x225/0x400 subproceso_de_trabajo+0x50/0x3e0 ? proceso_uno_trabajo+0x400/0x400 subproceso_k+0xe9/0x110 ? subproceso_k_completo_y_salida+0x20/0x20 ret_de_la_bifurcaci\u00f3n+0x22/0x30" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: mac8021: se corrige un posible acceso fuera de los l\u00edmites en ieee80211_get_rate_duration Se corrige un posible acceso fuera de los l\u00edmites en la rutina ieee80211_get_rate_duration seg\u00fan lo informado por el siguiente informe de UBSAN: UBSAN: array-index-out-of-bounds en net/mac80211/airtime.c:455:47 el \u00edndice 15 est\u00e1 fuera de rango para el tipo 'u16 [12]' CPU: 2 PID: 217 Comm: kworker/u32:10 No contaminado 6.1.0-060100rc3-generic Nombre del hardware: Acer Aspire TC-281/Aspire TC-281, BIOS R01-A2 18/07/2017 Cola de trabajo: mt76 mt76u_tx_status_data [mt76_usb] Seguimiento de llamadas: show_stack+0x4e/0x61 dump_stack_lvl+0x4a/0x6f dump_stack+0x10/0x18 ubsan_epilogue+0x9/0x43 __ubsan_handle_out_of_bounds.cold+0x42/0x47 ieee80211_get_rate_duration.constprop.0+0x22f/0x2a0 [mac80211] ? ieee80211_tx_status_ext+0x32e/0x640 [mac80211] ieee80211_calc_rx_airtime+0xda/0x120 [mac80211] ieee80211_calc_tx_airtime+0xb4/0x100 [mac80211] mt76x02_send_tx_status+0x266/0x480 [mt76x02_lib] mt76x02_tx_status_data+0x52/0x80 [mt76x02_lib] mt76u_tx_status_data+0x67/0xd0 [mt76_usb] proceso_uno_trabajo+0x225/0x400 subproceso_de_trabajo+0x50/0x3e0 ? proceso_uno_trabajo+0x400/0x400 subproceso_k+0xe9/0x110 ? subproceso_k_completo_y_salida+0x20/0x20 ret_de_la_bifurcaci\u00f3n+0x22/0x30"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-129"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "D0FB1AF1-0A0B-4419-B25F-C61F17380E18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/0184ede0ec61b9cd075babfaa45081b1bf322234", "url": "https://git.kernel.org/stable/c/0184ede0ec61b9cd075babfaa45081b1bf322234",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/3e8f7abcc3473bc9603323803aeaed4ffcc3a2ab", "url": "https://git.kernel.org/stable/c/3e8f7abcc3473bc9603323803aeaed4ffcc3a2ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/59b54f0563b6546c94bdb6823d3b382c75407019", "url": "https://git.kernel.org/stable/c/59b54f0563b6546c94bdb6823d3b382c75407019",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f0fcad4c7201ecfaa17357f4ce0c50b4708df22d", "url": "https://git.kernel.org/stable/c/f0fcad4c7201ecfaa17357f4ce0c50b4708df22d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

129
CVE-2022/CVE-2022-490xx/CVE-2022-49030.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49030", "id": "CVE-2022-49030",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:13.747", "published": "2024-10-21T20:15:13.747",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:42:07.703",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,23 +15,138 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: libbpf: desbordamiento de tama\u00f1o del controlador para ringbuf mmap El tama\u00f1o m\u00e1ximo de ringbuf es de 2 GB en un host x86-64, por lo que 2 * max_entries desbordar\u00e1n u32 al asignar la p\u00e1gina del productor y las p\u00e1ginas de datos. Solo convertir max_entries a size_t no es suficiente, porque para la aplicaci\u00f3n de 32 bits en un kernel de 64 bits, el tama\u00f1o de la regi\u00f3n mmap de solo lectura tambi\u00e9n podr\u00eda desbordar size_t. Entonces, arr\u00e9glelo convirtiendo el tama\u00f1o de la regi\u00f3n mmap de solo lectura en __u64 y verificando si habr\u00e1 o no desbordamiento durante mmap." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: libbpf: desbordamiento de tama\u00f1o del controlador para ringbuf mmap El tama\u00f1o m\u00e1ximo de ringbuf es de 2 GB en un host x86-64, por lo que 2 * max_entries desbordar\u00e1n u32 al asignar la p\u00e1gina del productor y las p\u00e1ginas de datos. Solo convertir max_entries a size_t no es suficiente, porque para la aplicaci\u00f3n de 32 bits en un kernel de 64 bits, el tama\u00f1o de la regi\u00f3n mmap de solo lectura tambi\u00e9n podr\u00eda desbordar size_t. Entonces, arr\u00e9glelo convirtiendo el tama\u00f1o de la regi\u00f3n mmap de solo lectura en __u64 y verificando si habr\u00e1 o no desbordamiento durante mmap."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.8",
"versionEndExcluding": "5.10.158",
"matchCriteriaId": "7D209983-E824-4989-9782-937639AA49FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "0DC20DB6-73C1-4465-B931-117BFB8EBB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/0140e079a42064680394fff1199a7b5483688dec", "url": "https://git.kernel.org/stable/c/0140e079a42064680394fff1199a7b5483688dec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/535a25ab4f9a45f74ba38ab71de95e97474922ed", "url": "https://git.kernel.org/stable/c/535a25ab4f9a45f74ba38ab71de95e97474922ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8a549ab6724520aa3c07f47e0eba820293551490", "url": "https://git.kernel.org/stable/c/8a549ab6724520aa3c07f47e0eba820293551490",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/927cbb478adf917e0a142b94baa37f06279cc466", "url": "https://git.kernel.org/stable/c/927cbb478adf917e0a142b94baa37f06279cc466",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-385xx/CVE-2023-38566.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38566", "id": "CVE-2023-38566",
"sourceIdentifier": "secure@intel.com", "sourceIdentifier": "secure@intel.com",
"published": "2024-02-14T14:16:01.670", "published": "2024-02-14T14:16:01.670",
"lastModified": "2024-02-14T15:01:46.050", "lastModified": "2024-10-24T19:14:10.307",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.21.0",
"matchCriteriaId": "1EF64A27-6BA8-4DBB-9E1C-7D82499AB470"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00994.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00994.html",
"source": "secure@intel.com" "source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-394xx/CVE-2023-39432.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39432", "id": "CVE-2023-39432",
"sourceIdentifier": "secure@intel.com", "sourceIdentifier": "secure@intel.com",
"published": "2024-02-14T14:16:02.880", "published": "2024-02-14T14:16:02.880",
"lastModified": "2024-02-14T15:01:46.050", "lastModified": "2024-10-24T19:13:32.777",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:ethernet_adapter_complete_driver:*:*:*:*:*:*:*:*",
"versionEndExcluding": "28.2",
"matchCriteriaId": "B65F456A-03EB-4094-B7C2-D6CBED49C749"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00993.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00993.html",
"source": "secure@intel.com" "source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-399xx/CVE-2023-39932.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39932", "id": "CVE-2023-39932",
"sourceIdentifier": "secure@intel.com", "sourceIdentifier": "secure@intel.com",
"published": "2024-02-14T14:16:03.540", "published": "2024-02-14T14:16:03.540",
"lastModified": "2024-02-14T15:01:46.050", "lastModified": "2024-10-24T19:04:48.510",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:system_usage_report_for_gameplay:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.1901",
"matchCriteriaId": "B14A97A1-E617-4C3A-BC3A-3025CAD906C0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01004.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01004.html",
"source": "secure@intel.com" "source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-399xx/CVE-2023-39941.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39941", "id": "CVE-2023-39941",
"sourceIdentifier": "secure@intel.com", "sourceIdentifier": "secure@intel.com",
"published": "2024-02-14T14:16:04.240", "published": "2024-02-14T14:16:04.240",
"lastModified": "2024-02-14T15:01:46.050", "lastModified": "2024-10-24T19:28:18.327",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:system_usage_report_for_gameplay:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.10587",
"matchCriteriaId": "4237A233-6949-4C50-8AE4-975F18C1B58B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00998.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00998.html",
"source": "secure@intel.com" "source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-410xx/CVE-2023-41091.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41091", "id": "CVE-2023-41091",
"sourceIdentifier": "secure@intel.com", "sourceIdentifier": "secure@intel.com",
"published": "2024-02-14T14:16:05.587", "published": "2024-02-14T14:16:05.587",
"lastModified": "2024-02-14T15:01:46.050", "lastModified": "2024-10-24T19:14:34.080",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2021.11",
"matchCriteriaId": "B18F3FAB-D682-481E-BBFD-6C67C5ACFB90"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01005.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01005.html",
"source": "secure@intel.com" "source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

8
CVE-2023/CVE-2023-481xx/CVE-2023-48194.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48194", "id": "CVE-2023-48194",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-07-09T18:15:08.790", "published": "2024-07-09T18:15:08.790",
"lastModified": "2024-07-12T17:13:57.027", "lastModified": "2024-10-24T18:15:05.247",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -124,6 +124,10 @@
"tags": [ "tags": [
"Exploit" "Exploit"
] ]
},
{
"url": "https://www.tenda.com.cn/download/detail-3683.html",
"source": "cve@mitre.org"
} }
] ]
} }

4
CVE-2023/CVE-2023-58xx/CVE-2023-5824.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-5824", "id": "CVE-2023-5824",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-03T08:15:08.270", "published": "2023-11-03T08:15:08.270",
"lastModified": "2024-09-16T16:15:09.590", "lastModified": "2024-10-24T18:15:05.393",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug." "value": "A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service."
}, },
{ {
"lang": "es", "lang": "es",

60
CVE-2024/CVE-2024-102xx/CVE-2024-10295.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-10295",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-10-24T18:15:05.597",
"lastModified": "2024-10-24T19:35:03.070",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue can occur due to a failure in the base64 decoding process, which causes APICast to skip the rest of the authentication checks and proceed with routing the request upstream."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-10295",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2321258",
"source": "secalert@redhat.com"
}
]
}

100
CVE-2024/CVE-2024-103xx/CVE-2024-10313.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-10313",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-10-24T18:15:05.920",
"lastModified": "2024-10-24T18:15:05.920",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "iniNet Solutions SpiderControl SCADA PC HMI Editor has a path traversal \nvulnerability. When the software loads a malicious \u2018ems' project \ntemplate file constructed by an attacker, it can write files to \narbitrary directories. This can lead to overwriting system files, \ncausing system paralysis, or writing to startup items, resulting in \nremote control."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 8.6,
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-298-02",
"source": "ics-cert@hq.dhs.gov"
}
]
}

133
CVE-2024/CVE-2024-103xx/CVE-2024-10337.json Normal file
View File

@ -0,0 +1,133 @@
{
"id": "CVE-2024-10337",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-24T18:15:06.170",
"lastModified": "2024-10-24T18:15:06.170",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SourceCodeHero Clothes Recommendation System 1.0. Affected is an unknown function of the file /admin/home.php?con=add. The manipulation of the argument cat/subcat/ t1/t2/text leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.281682",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281682",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.427443",
"source": "cna@vuldb.com"
}
]
}

133
CVE-2024/CVE-2024-103xx/CVE-2024-10338.json Normal file
View File

@ -0,0 +1,133 @@
{
"id": "CVE-2024-10338",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-24T18:15:06.437",
"lastModified": "2024-10-24T18:15:06.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodeHero Clothes Recommendation System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/home.php. The manipulation of the argument view/view1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.281683",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281683",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.427447",
"source": "cna@vuldb.com"
}
]
}

381
CVE-2024/CVE-2024-204xx/CVE-2024-20437.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20437", "id": "CVE-2024-20437",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-25T17:15:16.630", "published": "2024-09-25T17:15:16.630",
"lastModified": "2024-09-26T13:32:02.803", "lastModified": "2024-10-24T19:45:01.540",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,355 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2902D8-3A7B-4C47-9BC6-8CA4C580A346"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "8871B890-78F4-4D9D-AEFF-6A393493C51E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "9E489AC5-A445-44FF-AA85-F0915577384E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "917BA05C-2A18-4C68-B508-85C2B5A94416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "06337791-7D8D-4EAA-BACC-4E270F377B3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "336A8630-653C-4E28-8DE1-76CDD8573980"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1767AE-7D9F-4BAA-90E1-CF8314CD0B53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0C60DF3F-DBD9-4BBF-812E-4BB0C47BDF3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "26FEE2E2-DD85-4006-8895-0BDA04E8EE4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CD237B-2843-4D37-87D7-AE6D1A53458A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "1B80614B-6362-45F0-B305-2F137B053DCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "47B20C7E-1C9C-4EF4-91E4-388643C4B9C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7966A0-D84D-47F7-AED9-D041BCDA6703"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "5B306D35-4A13-4D23-8EC2-D000E8ADCDA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9F21093D-1036-4F6B-B90F-ACE1EF99EA33"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280D24C6-A2BF-46E8-B512-6A3FA7833922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "1F903F51-ABF4-49B0-A5BA-A6B51F79666F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F244E7-8EE9-4E58-83FA-EEDD3C8F792D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "5238B1D1-740D-4B37-A0CB-1B3343E55D05"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38B87B17-C653-40AC-8AE4-066BB1123C88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9012A66E-82C4-4ACF-A4BB-37EC54B87B50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C945710-7DC3-43D9-9FBE-F2A1B8666C73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "849C6FF1-F7C0-4021-BCA2-A791C87E4F37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1103BE75-EB64-4A9A-801E-EDE6A1F861F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "38C48FC4-5362-4B61-8B8C-7CAFFB81045E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC43383-DF99-4D38-A220-0A202623B36A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E6CD08-EC7E-42C1-B2C2-CA5E154545A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "DE62DC68-E882-49E7-AAD2-2F73637FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y1:*:*:*:*:*:*:*",
"matchCriteriaId": "57CD29C9-C629-48B0-ABDD-CEC3DEB6FB11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51EA3EAA-A379-467E-AF9A-FCFBACAE49C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "4FC63AAF-758F-4A70-9738-96E75A0A1DDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E67BE408-8DCF-491F-9EA9-E368565C1B49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CFE98A-FBA5-4837-BBD9-3C875ECEBF1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F313F2EC-F3D6-4639-934C-402DDA3DA806"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFB2CA6-8332-4E4D-BDB4-C3B770D3AD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.99sw:*:*:*:*:*:*:*",
"matchCriteriaId": "6F7C157F-5569-4072-805F-7AF598F6B56F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF0778B-015D-481B-BAC0-40667F3453D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEBC0EB-0DBB-4530-AFC4-AA0036469656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "66D0DB87-6BB7-4FCF-BF20-6D4D48D72B79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A766E7-CF3C-4529-AFA4-D780059A66BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "46B7F7EA-6512-433F-B1E4-B2F889427464"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-csrf-ycUYxkKO", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-csrf-ycUYxkKO",
"source": "ykramarz@cisco.com" "source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

566
CVE-2024/CVE-2024-204xx/CVE-2024-20455.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20455", "id": "CVE-2024-20455",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-25T17:15:16.827", "published": "2024-09-25T17:15:16.827",
"lastModified": "2024-09-26T13:32:02.803", "lastModified": "2024-10-24T19:47:49.750",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
},
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,540 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B70A3D-CBE1-4218-A7B4-F85741A57BD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2902D8-3A7B-4C47-9BC6-8CA4C580A346"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "8871B890-78F4-4D9D-AEFF-6A393493C51E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "9E489AC5-A445-44FF-AA85-F0915577384E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "917BA05C-2A18-4C68-B508-85C2B5A94416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "06337791-7D8D-4EAA-BACC-4E270F377B3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "336A8630-653C-4E28-8DE1-76CDD8573980"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1767AE-7D9F-4BAA-90E1-CF8314CD0B53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0C60DF3F-DBD9-4BBF-812E-4BB0C47BDF3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "26FEE2E2-DD85-4006-8895-0BDA04E8EE4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CD237B-2843-4D37-87D7-AE6D1A53458A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "1B80614B-6362-45F0-B305-2F137B053DCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "47B20C7E-1C9C-4EF4-91E4-388643C4B9C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7966A0-D84D-47F7-AED9-D041BCDA6703"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "5B306D35-4A13-4D23-8EC2-D000E8ADCDA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9F21093D-1036-4F6B-B90F-ACE1EF99EA33"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280D24C6-A2BF-46E8-B512-6A3FA7833922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "1F903F51-ABF4-49B0-A5BA-A6B51F79666F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F244E7-8EE9-4E58-83FA-EEDD3C8F792D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "5238B1D1-740D-4B37-A0CB-1B3343E55D05"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38B87B17-C653-40AC-8AE4-066BB1123C88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9012A66E-82C4-4ACF-A4BB-37EC54B87B50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C945710-7DC3-43D9-9FBE-F2A1B8666C73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "849C6FF1-F7C0-4021-BCA2-A791C87E4F37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1103BE75-EB64-4A9A-801E-EDE6A1F861F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "38C48FC4-5362-4B61-8B8C-7CAFFB81045E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC43383-DF99-4D38-A220-0A202623B36A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E6CD08-EC7E-42C1-B2C2-CA5E154545A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "DE62DC68-E882-49E7-AAD2-2F73637FFB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y1:*:*:*:*:*:*:*",
"matchCriteriaId": "57CD29C9-C629-48B0-ABDD-CEC3DEB6FB11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51EA3EAA-A379-467E-AF9A-FCFBACAE49C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "4FC63AAF-758F-4A70-9738-96E75A0A1DDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E67BE408-8DCF-491F-9EA9-E368565C1B49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CFE98A-FBA5-4837-BBD9-3C875ECEBF1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36A5F20F-3F38-4FB9-B49D-28569EB1A763"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2264D7-5E89-4F50-B948-FAB41D07C8BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB8368D-B9F9-4679-8154-1174E140CA17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F313F2EC-F3D6-4639-934C-402DDA3DA806"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFB2CA6-8332-4E4D-BDB4-C3B770D3AD6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.99sw:*:*:*:*:*:*:*",
"matchCriteriaId": "6F7C157F-5569-4072-805F-7AF598F6B56F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF0778B-015D-481B-BAC0-40667F3453D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEBC0EB-0DBB-4530-AFC4-AA0036469656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "66D0DB87-6BB7-4FCF-BF20-6D4D48D72B79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE165207-A066-44C1-B78A-6EFD80023204"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF792BC-C270-4294-8E4E-71FAC3ACFCF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8577AF01-F2C7-48D3-AB0B-78BD63A60029"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0D2D94-6470-4E4B-A1B1-0124F92AA793"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "70AD0EE7-90D6-446C-AF16-FA1110AC470B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.6.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0B0C1F-9D10-48E7-BE69-0143A45D3EA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F380EA8-8A31-46D0-9FFD-6B6CD24C5ED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE315D8-FED1-4F83-B7A6-B211E91168CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1609BF92-B0FD-4D45-8605-492C71B334A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0E7CEBF6-8D1D-40E4-9854-3A9C38ACAB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB324BF-9415-4B70-BF11-AC20481F9FDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BE462494-BC2A-420E-87C8-07170CA2D84C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "DD114AA0-3EA1-4BA0-B04A-924CBAA7DC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4EBF2D46-7D17-43CB-B3B2-130A8C2B39B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8F04EF-2B0B-48B9-938F-58F2E9D6622D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B35CEF2A-3905-40AF-A582-F0D77FD48058"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "227945F0-83AD-4B29-8CFE-4DE6206DBE5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:17.13.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E54227CC-A1B1-4533-810E-E460B6E942BE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs",
"source": "ykramarz@cisco.com" "source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

61
CVE-2024/CVE-2024-204xx/CVE-2024-20464.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20464", "id": "CVE-2024-20464",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-25T17:15:17.043", "published": "2024-09-25T17:15:17.043",
"lastModified": "2024-09-26T13:32:02.803", "lastModified": "2024-10-24T19:47:29.740",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
},
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,35 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8577AF01-F2C7-48D3-AB0B-78BD63A60029"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0D2D94-6470-4E4B-A1B1-0124F92AA793"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pim-APbVfySJ", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pim-APbVfySJ",
"source": "ykramarz@cisco.com" "source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

71
CVE-2024/CVE-2024-204xx/CVE-2024-20465.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20465", "id": "CVE-2024-20465",
"sourceIdentifier": "ykramarz@cisco.com", "sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-25T17:15:17.220", "published": "2024-09-25T17:15:17.220",
"lastModified": "2024-09-26T13:32:02.803", "lastModified": "2024-10-24T19:46:15.007",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{ {
"source": "ykramarz@cisco.com", "source": "ykramarz@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -51,10 +81,45 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "83C79479-27C6-4273-BC80-70395D609197"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "28ACC494-2B4B-4BCE-9275-B7B10CC69B1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BB9098-7C1D-4776-8B1F-EF4A0461CCDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(8\\)e5:*:*:*:*:*:*:*",
"matchCriteriaId": "602A88C0-30D1-4B63-A8F7-EF1D35350897"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-repacl-9eXgnBpD", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-repacl-9eXgnBpD",
"source": "ykramarz@cisco.com" "source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

67
CVE-2024/CVE-2024-31xx/CVE-2024-3150.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3150", "id": "CVE-2024-3150",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2024-06-06T19:16:00.350", "published": "2024-06-06T19:16:00.350",
"lastModified": "2024-06-07T14:56:05.647", "lastModified": "2024-10-24T19:35:19.290",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -16,6 +16,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -41,8 +63,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@huntr.dev", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -51,14 +83,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mintplexlabs:anythingllm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.0",
"matchCriteriaId": "0D667E32-5A5C-479C-BB81-47F3BCA38C13"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/mintplex-labs/anything-llm/commit/200bd7f0615347ed2efc07903d510e5a208b0afc", "url": "https://github.com/mintplex-labs/anything-llm/commit/200bd7f0615347ed2efc07903d510e5a208b0afc",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://huntr.com/bounties/745f5c80-14ea-4055-9f15-a066ae93e5a3", "url": "https://huntr.com/bounties/745f5c80-14ea-4055-9f15-a066ae93e5a3",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

74
CVE-2024/CVE-2024-351xx/CVE-2024-35178.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35178", "id": "CVE-2024-35178",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2024-06-06T16:15:11.937", "published": "2024-06-06T16:15:11.937",
"lastModified": "2024-06-07T14:56:05.647", "lastModified": "2024-10-24T19:22:04.123",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -17,6 +17,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -40,6 +60,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -51,14 +81,50 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jupyter:jupyter_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.14.1",
"matchCriteriaId": "2738BF03-97D1-4B7F-8822-49E173B57302"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/jupyter-server/jupyter_server/commit/79fbf801c5908f4d1d9bc90004b74cfaaeeed2df", "url": "https://github.com/jupyter-server/jupyter_server/commit/79fbf801c5908f4d1d9bc90004b74cfaaeeed2df",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-hrw6-wg82-cm62", "url": "https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-hrw6-wg82-cm62",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

6
CVE-2024/CVE-2024-37xx/CVE-2024-3727.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3727", "id": "CVE-2024-3727",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2024-05-14T15:42:07.060", "published": "2024-05-14T15:42:07.060",
"lastModified": "2024-10-17T01:15:13.357", "lastModified": "2024-10-24T18:15:08.177",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -120,6 +120,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:7941", "url": "https://access.redhat.com/errata/RHSA-2024:7941",
"source": "secalert@redhat.com" "source": "secalert@redhat.com"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2024:8260",
"source": "secalert@redhat.com"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2024-3727", "url": "https://access.redhat.com/security/cve/CVE-2024-3727",
"source": "secalert@redhat.com" "source": "secalert@redhat.com"

56
CVE-2024/CVE-2024-383xx/CVE-2024-38314.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38314",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-10-24T18:15:07.957",
"lastModified": "2024-10-24T18:15:07.957",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7173988",
"source": "psirt@us.ibm.com"
}
]
}

31
CVE-2024/CVE-2024-404xx/CVE-2024-40431.json
View File

@ -2,16 +2,43 @@
"id": "CVE-2024-40431", "id": "CVE-2024-40431",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-23T22:15:02.340", "published": "2024-10-23T22:15:02.340",
"lastModified": "2024-10-23T22:15:02.340", "lastModified": "2024-10-24T18:35:07.010",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SCSI_PASS_THROUGH control of the SD card reader driver allows an attacker to write to predictable kernel memory locations, even as a low-privileged user." "value": "A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SCSI_PASS_THROUGH control of the SD card reader driver allows an attacker to write to predictable kernel memory locations, even as a low-privileged user."
},
{
"lang": "es",
"value": "La falta de validaci\u00f3n de entrada en Realtek SD card reader driver anterior a 10.0.26100.21374 a trav\u00e9s de la implementaci\u00f3n del control IOCTL_SCSI_PASS_THROUGH del controlador del lector de tarjetas SD permite que un atacante escriba en ubicaciones de memoria del kernel predecibles, incluso como un usuario con pocos privilegios."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [ "references": [
{ {
"url": "https://zwclose.github.io/2024/10/14/rtsper1.html", "url": "https://zwclose.github.io/2024/10/14/rtsper1.html",

27
CVE-2024/CVE-2024-441xx/CVE-2024-44141.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44141", "id": "CVE-2024-44141",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2024-10-24T17:15:16.390", "published": "2024-10-24T17:15:16.390",
"lastModified": "2024-10-24T17:15:16.390", "lastModified": "2024-10-24T18:35:07.340",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,30 @@
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. A person with physical access to an unlocked Mac may be able to gain root code execution." "value": "The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. A person with physical access to an unlocked Mac may be able to gain root code execution."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
]
},
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/120911", "url": "https://support.apple.com/en-us/120911",

6
CVE-2024/CVE-2024-462xx/CVE-2024-46257.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-46257", "id": "CVE-2024-46257",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-09-27T18:15:05.870", "published": "2024-09-27T18:15:05.870",
"lastModified": "2024-10-03T16:35:05.240", "lastModified": "2024-10-24T18:15:08.617",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -60,6 +60,10 @@
"url": "https://github.com/NginxProxyManager/nginx-proxy-manager/commit/99cce7e2b0da2978411cedd7cac5fffbe15bc466", "url": "https://github.com/NginxProxyManager/nginx-proxy-manager/commit/99cce7e2b0da2978411cedd7cac5fffbe15bc466",
"source": "cve@mitre.org" "source": "cve@mitre.org"
}, },
{
"url": "https://github.com/NginxProxyManager/nginx-proxy-manager/pull/4073/commits/c39d5433bcd13993def222bbb2b6988bbb810a05",
"source": "cve@mitre.org"
},
{ {
"url": "https://github.com/barttran2k/POC_CVE-2024-46256", "url": "https://github.com/barttran2k/POC_CVE-2024-46256",
"source": "cve@mitre.org" "source": "cve@mitre.org"

25
CVE-2024/CVE-2024-464xx/CVE-2024-46478.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-46478",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T18:15:08.863",
"lastModified": "2024-10-24T18:15:08.863",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/michaelrsweet/htmldoc/commit/683bec548e642cf4a17e003fb34f6bbaf2d27b98",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/michaelrsweet/htmldoc/issues/529",
"source": "cve@mitre.org"
}
]
}

60
CVE-2024/CVE-2024-469xx/CVE-2024-46994.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-46994",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-24T19:15:13.843",
"lastModified": "2024-10-24T19:15:13.843",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://basercms.net/security/JVN_00876083",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/baserproject/basercms/security/advisories/GHSA-wrjc-fmfq-w3jr",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2024/CVE-2024-469xx/CVE-2024-46995.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-46995",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-24T19:15:14.137",
"lastModified": "2024-10-24T19:15:14.137",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://basercms.net/security/JVN_06274755",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/baserproject/basercms/security/advisories/GHSA-mr7q-fv7j-jcgv",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2024/CVE-2024-469xx/CVE-2024-46996.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-46996",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-24T19:15:14.383",
"lastModified": "2024-10-24T19:15:14.383",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://basercms.net/security/JVN_00876083",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/baserproject/basercms/security/advisories/GHSA-66jv-qrm3-vvfg",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2024/CVE-2024-469xx/CVE-2024-46998.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-46998",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-24T19:15:14.600",
"lastModified": "2024-10-24T19:15:14.600",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://basercms.net/security/JVN_98693329",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/baserproject/basercms/security/advisories/GHSA-p3m2-mj3j-j49x",
"source": "security-advisories@github.com"
}
]
}

56
CVE-2024/CVE-2024-471xx/CVE-2024-47173.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-47173",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-24T19:15:14.817",
"lastModified": "2024-10-24T19:15:14.817",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. Version 2024.07.2 fixes the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-270"
}
]
}
],
"references": [
{
"url": "https://github.com/aimeos/ai-admin-graphql/security/advisories/GHSA-qxgx-hvg3-v92w",
"source": "security-advisories@github.com"
}
]
}

111
CVE-2024/CVE-2024-475xx/CVE-2024-47575.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47575", "id": "CVE-2024-47575",
"sourceIdentifier": "psirt@fortinet.com", "sourceIdentifier": "psirt@fortinet.com",
"published": "2024-10-23T15:15:30.707", "published": "2024-10-23T15:15:30.707",
"lastModified": "2024-10-24T14:20:16.333", "lastModified": "2024-10-24T18:56:47.930",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"cisaExploitAdd": "2024-10-23", "cisaExploitAdd": "2024-10-23",
"cisaActionDue": "2024-11-13", "cisaActionDue": "2024-11-13",
@ -21,6 +21,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "psirt@fortinet.com", "source": "psirt@fortinet.com",
"type": "Secondary", "type": "Secondary",
@ -55,10 +75,95 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "6.2.13",
"matchCriteriaId": "D7E60883-7F64-4C22-99F9-802A7623DAE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndExcluding": "6.4.15",
"matchCriteriaId": "D2AD66B0-9C99-4F83-80AA-B54E6354ADFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.13",
"matchCriteriaId": "37456E27-0EE2-4AF8-B92F-A5284FEC0409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.8",
"matchCriteriaId": "01E63E1E-4084-4C73-862F-A4CC07914C23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.5",
"matchCriteriaId": "0666260A-1327-4C43-A841-04FB4459449C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0141F06A-F5FE-4DF3-B60E-DD76A1AD8A56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.1",
"versionEndIncluding": "6.4.7",
"matchCriteriaId": "5BB52FA5-7811-4123-8989-59369583F82F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.1",
"versionEndExcluding": "7.0.13",
"matchCriteriaId": "29B3A5F2-3121-4902-BBB6-8B4D07767F77"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.1",
"versionEndExcluding": "7.2.8",
"matchCriteriaId": "E3A26BF0-DF69-42F6-B9D8-D3BEE3DD352C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.1",
"versionEndExcluding": "7.4.5",
"matchCriteriaId": "6E0BCF26-B311-4FFF-866B-3DCA14A26268"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-423", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-423",
"source": "psirt@fortinet.com" "source": "psirt@fortinet.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
} }
] ]
} }

25
CVE-2024/CVE-2024-481xx/CVE-2024-48139.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48139",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T19:15:15.050",
"lastModified": "2024-10-24T19:15:15.050",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/soursec/CVEs/tree/main/CVE-2024-48139",
"source": "cve@mitre.org"
},
{
"url": "https://marketplace.visualstudio.com/items?itemName=Blackboxapp.blackbox",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-481xx/CVE-2024-48140.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48140",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T19:15:15.150",
"lastModified": "2024-10-24T19:15:15.150",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message."
}
],
"metrics": {},
"references": [
{
"url": "https://chromewebstore.google.com/detail/monica-your-ai-copilot-po/ofpnmcalabcbjgholdjcjblkibolbppb?hl=en",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/soursec/CVEs/tree/main/CVE-2024-48140",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-481xx/CVE-2024-48141.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48141",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T19:15:15.240",
"lastModified": "2024-10-24T19:15:15.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A prompt injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/soursec/CVEs/tree/main/CVE-2024-48141",
"source": "cve@mitre.org"
},
{
"url": "https://marketplace.visualstudio.com/items?itemName=aminer.codegeex",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-481xx/CVE-2024-48142.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48142",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T19:15:15.333",
"lastModified": "2024-10-24T19:15:15.333",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica ChatGPT AI Assistant v2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/soursec/CVEs/tree/main/CVE-2024-48142",
"source": "cve@mitre.org"
},
{
"url": "https://monica.im/desktop",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-481xx/CVE-2024-48143.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48143",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T19:15:15.427",
"lastModified": "2024-10-24T19:15:15.427",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A lack of rate limiting in the OTP validation component of Digitory Multi Channel Integrated POS v1.0 allows attackers to gain access to the ordering system and place an excessive amount of food orders."
}
],
"metrics": {},
"references": [
{
"url": "https://digitory.com/multi-channel-integrated-pos/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/soursec/CVEs/tree/main/CVE-2024-48143",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-481xx/CVE-2024-48144.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48144",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T19:15:15.510",
"lastModified": "2024-10-24T19:15:15.510",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message."
}
],
"metrics": {},
"references": [
{
"url": "https://apps.microsoft.com/detail/9n3ff8j3d7zr?hl=en-US&gl=US",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/soursec/CVEs/tree/main/CVE-2024-48144",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-481xx/CVE-2024-48145.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48145",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T19:15:15.607",
"lastModified": "2024-10-24T19:15:15.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message."
}
],
"metrics": {},
"references": [
{
"url": "https://apps.microsoft.com/detail/9n3zxd05895t?hl=en-us&gl=US",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/soursec/CVEs/tree/main/CVE-2024-48145",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-484xx/CVE-2024-48427.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48427",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T19:15:15.703",
"lastModified": "2024-10-24T19:15:15.703",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manage_service&id"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/vighneshnair7/CVE-2024-48427/blob/main/README.md",
"source": "cve@mitre.org"
},
{
"url": "https://www.sourcecodester.com/php/15360/packers-and-movers-management-system-phpoop-free-source-code.html",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-484xx/CVE-2024-48440.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48440",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T18:15:09.190",
"lastModified": "2024-10-24T18:15:09.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 was discovered to contain a command injection vulnerability via the component at_command.asp."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/%40sengkyaut/unauthenticated-factory-mode-reset-and-at-command-injection-in-jboneos-or-jbonecloud-firmware-1dec156b7ddd",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-484xx/CVE-2024-48441.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48441",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T18:15:09.583",
"lastModified": "2024-10-24T18:15:09.583",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wuhan Tianyu Information Industry Co., Ltd Tianyu CPE Router CommonCPExCPETS_v3.2.468.11.04_P4 was discovered to contain a command injection vulnerability via the component at_command.asp."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/%40sengkyaut/unauthenticated-factory-mode-reset-and-at-command-injection-in-jboneos-or-jbonecloud-firmware-1dec156b7ddd",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-484xx/CVE-2024-48442.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48442",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T18:15:09.890",
"lastModified": "2024-10-24T18:15:09.890",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/%40sengkyaut/unauthenticated-factory-mode-reset-and-at-command-injection-in-jboneos-or-jbonecloud-firmware-1dec156b7ddd",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-484xx/CVE-2024-48454.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-48454",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T19:15:15.803",
"lastModified": "2024-10-24T19:15:15.803",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/N0zoM1z0/CVEs/blob/main/CVE-2024-48454.md",
"source": "cve@mitre.org"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cve@mitre.org"
},
{
"url": "https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-485xx/CVE-2024-48514.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48514",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T18:15:10.227",
"lastModified": "2024-10-24T18:15:10.227",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "php-heic-to-jpg <= 1.0.5 is vulnerable to remote code execution. An attacker who can upload heic images is able to execute code on the remote server via the file name. As a result, the CIA is no longer guaranteed. This affects php-heic-to-jpg 1.0.5 and below."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/MaestroError/php-heic-to-jpg",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/marcoris/CVEs/tree/master/CVE-2024-48514",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-485xx/CVE-2024-48541.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48541", "id": "CVE-2024-48541",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T17:15:17.060", "published": "2024-10-24T17:15:17.060",
"lastModified": "2024-10-24T17:15:17.060", "lastModified": "2024-10-24T19:35:04.263",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,42 @@
"value": "Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7 allows attackers to access sensitive information by analyzing the code and data within the APK file." "value": "Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7 allows attackers to access sensitive information by analyzing the code and data within the APK file."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [ "references": [
{ {
"url": "http://www.ruochanit.com/", "url": "http://www.ruochanit.com/",

39
CVE-2024/CVE-2024-485xx/CVE-2024-48542.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48542", "id": "CVE-2024-48542",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T17:15:17.163", "published": "2024-10-24T17:15:17.163",
"lastModified": "2024-10-24T17:15:17.163", "lastModified": "2024-10-24T19:35:05.013",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,42 @@
"value": "Incorrect access control in the firmware update and download processes of Yamaha Headphones Controller v1.6.7 allows attackers to access sensitive information by analyzing the code and data within the APK file." "value": "Incorrect access control in the firmware update and download processes of Yamaha Headphones Controller v1.6.7 allows attackers to access sensitive information by analyzing the code and data within the APK file."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.yamaha.sc.hpcontroller/com.yamaha.sc.hpcontroller.md", "url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.yamaha.sc.hpcontroller/com.yamaha.sc.hpcontroller.md",

39
CVE-2024/CVE-2024-485xx/CVE-2024-48545.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48545", "id": "CVE-2024-48545",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T17:15:17.353", "published": "2024-10-24T17:15:17.353",
"lastModified": "2024-10-24T17:15:17.353", "lastModified": "2024-10-24T19:35:05.767",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,42 @@
"value": "Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows attackers to access sensitive information by analyzing the code and data within the APK file." "value": "Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows attackers to access sensitive information by analyzing the code and data within the APK file."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.ivyiot.IvySmart/com.ivyiot.IvySmart.md", "url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.ivyiot.IvySmart/com.ivyiot.IvySmart.md",

39
CVE-2024/CVE-2024-485xx/CVE-2024-48546.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48546", "id": "CVE-2024-48546",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T17:15:17.447", "published": "2024-10-24T17:15:17.447",
"lastModified": "2024-10-24T17:15:17.447", "lastModified": "2024-10-24T19:35:06.563",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,42 @@
"value": "Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file." "value": "Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.yingsheng.nadai/com.yingsheng.nadai.md", "url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.yingsheng.nadai/com.yingsheng.nadai.md",

39
CVE-2024/CVE-2024-485xx/CVE-2024-48547.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48547", "id": "CVE-2024-48547",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-10-24T17:15:17.540", "published": "2024-10-24T17:15:17.540",
"lastModified": "2024-10-24T17:15:17.540", "lastModified": "2024-10-24T19:35:07.320",
"vulnStatus": "Received", "vulnStatus": "Received",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -11,7 +11,42 @@
"value": "Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8.7 allows attackers to access sensitive information by analyzing the code and data within the APK file." "value": "Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8.7 allows attackers to access sensitive information by analyzing the code and data within the APK file."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.dc.dreamcatcherlife/com.dc.dreamcatcherlife.md", "url": "https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.dc.dreamcatcherlife/com.dc.dreamcatcherlife.md",

140
CVE-2024/CVE-2024-498xx/CVE-2024-49863.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49863", "id": "CVE-2024-49863",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T18:15:06.120", "published": "2024-10-21T18:15:06.120",
"lastModified": "2024-10-23T15:13:58.783", "lastModified": "2024-10-24T19:43:56.103",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,35 +15,155 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vhost/scsi: null-ptr-dereference en vhost_scsi_get_req() Desde el commit 3f8ca2e115e5 (\"vhost/scsi: Extraer c\u00f3digo de manejo com\u00fan del manejador de cola de control\"), se puede activar un error de desreferencia de puntero nulo cuando el invitado env\u00eda una solicitud SCSI AN. En vhost_scsi_ctl_handle_vq(), `vc.target` se asigna con `&amp;v_req.tmf.lun[1]` dentro de un bloque switch-case y luego se pasa a vhost_scsi_get_req() que extrae `vc-&gt;req` y `tpg`. Sin embargo, para una solicitud `VIRTIO_SCSI_T_AN_*`, tpg no es necesario, por lo que `vc.target` se establece en NULL en esta rama. M\u00e1s adelante, en vhost_scsi_get_req(), `vc-&gt;target` se desreferencia sin comprobarlo, lo que genera un error de desreferencia de puntero nulo. Este error se puede activar desde el invitado. Cuando se produce este error, el proceso vhost_worker se elimina mientras mantiene `vq-&gt;mutex` y el tpg correspondiente permanecer\u00e1 ocupado indefinidamente. A continuaci\u00f3n se muestra el informe de KASAN: Oops: error de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref en el rango [0x000000000000000-0x0000000000000007] CPU: 1 PID: 840 Comm: poc No contaminado 6.10.0+ #1 Nombre del hardware: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:vhost_scsi_get_req+0x165/0x3a0 C\u00f3digo: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 2b 02 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 65 30 4c 89 e2 48 c1 ea 03 b6 04 4 c 89 e2 83 e2 07 38 d0 7f 08 84 c0 0f 85 be 01 00 00 RSP: 0018:ffff888017affb50 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff88801b000000 RCX: 00000000000000000 RDX: 00000000000000000 RSI: 0000000000000000 RDI: ffff888017affcb8 RBP: ffff888017affb80 R08: 0000000000000000 R09: 0000000000000000 R10: 000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: ffff888017affc88 R14: ffff888017affd1c R15: ffff888017993000 FS: 000055556e076500(0000) GS:ffff88806b100000(0000) knlGS:00000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000200027c0 CR3: 0000000010ed0004 CR4: 0000000000370ef0 Seguimiento de llamadas: ? show_regs+0x86/0xa0 ? die_addr+0x4b/0xd0 ? exc_general_protection+0x163/0x260 ? asm_exc_general_protection+0x27/0x30 ? vhost_scsi_get_req+0x165/0x3a0 vhost_scsi_ctl_handle_vq+0x2a4/0xca0 ? __pfx_vhost_scsi_ctl_handle_vq+0x10/0x10 ? __switch_to+0x721/0xeb0 ? __schedule+0xda5/0x5710 ? __kasan_check_write+0x14/0x30 ? _raw_spin_lock+0x82/0xf0 vhost_scsi_ctl_handle_kick+0x52/0x90 vhost_run_work_list+0x134/0x1b0 vhost_task_fn+0x121/0x350 ... ---[ fin del seguimiento 000000000000000 ]--- Agreguemos una comprobaci\u00f3n en vhost_scsi_get_req. [se corrigen los espacios en blanco]" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vhost/scsi: null-ptr-dereference en vhost_scsi_get_req() Desde el commit 3f8ca2e115e5 (\"vhost/scsi: Extraer c\u00f3digo de manejo com\u00fan del manejador de cola de control\"), se puede activar un error de desreferencia de puntero nulo cuando el invitado env\u00eda una solicitud SCSI AN. En vhost_scsi_ctl_handle_vq(), `vc.target` se asigna con `&amp;v_req.tmf.lun[1]` dentro de un bloque switch-case y luego se pasa a vhost_scsi_get_req() que extrae `vc-&gt;req` y `tpg`. Sin embargo, para una solicitud `VIRTIO_SCSI_T_AN_*`, tpg no es necesario, por lo que `vc.target` se establece en NULL en esta rama. M\u00e1s adelante, en vhost_scsi_get_req(), `vc-&gt;target` se desreferencia sin comprobarlo, lo que genera un error de desreferencia de puntero nulo. Este error se puede activar desde el invitado. Cuando se produce este error, el proceso vhost_worker se elimina mientras mantiene `vq-&gt;mutex` y el tpg correspondiente permanecer\u00e1 ocupado indefinidamente. A continuaci\u00f3n se muestra el informe de KASAN: Oops: error de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref en el rango [0x000000000000000-0x0000000000000007] CPU: 1 PID: 840 Comm: poc No contaminado 6.10.0+ #1 Nombre del hardware: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:vhost_scsi_get_req+0x165/0x3a0 C\u00f3digo: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 2b 02 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 65 30 4c 89 e2 48 c1 ea 03 b6 04 4 c 89 e2 83 e2 07 38 d0 7f 08 84 c0 0f 85 be 01 00 00 RSP: 0018:ffff888017affb50 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff88801b000000 RCX: 00000000000000000 RDX: 00000000000000000 RSI: 0000000000000000 RDI: ffff888017affcb8 RBP: ffff888017affb80 R08: 0000000000000000 R09: 0000000000000000 R10: 000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: ffff888017affc88 R14: ffff888017affd1c R15: ffff888017993000 FS: 000055556e076500(0000) GS:ffff88806b100000(0000) knlGS:00000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000200027c0 CR3: 0000000010ed0004 CR4: 0000000000370ef0 Seguimiento de llamadas: ? show_regs+0x86/0xa0 ? die_addr+0x4b/0xd0 ? exc_general_protection+0x163/0x260 ? asm_exc_general_protection+0x27/0x30 ? vhost_scsi_get_req+0x165/0x3a0 vhost_scsi_ctl_handle_vq+0x2a4/0xca0 ? __pfx_vhost_scsi_ctl_handle_vq+0x10/0x10 ? __switch_to+0x721/0xeb0 ? __schedule+0xda5/0x5710 ? __kasan_check_write+0x14/0x30 ? _raw_spin_lock+0x82/0xf0 vhost_scsi_ctl_handle_kick+0x52/0x90 vhost_run_work_list+0x134/0x1b0 vhost_task_fn+0x121/0x350 ... ---[ fin del seguimiento 000000000000000 ]--- Agreguemos una comprobaci\u00f3n en vhost_scsi_get_req. [se corrigen los espacios en blanco]"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "BD12FA67-D2AC-4EB0-BED4-7D4E94D30EF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.55",
"matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.14",
"matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.3",
"matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/00fb5b23e1c9cdbe496f5cd6b40367cb895f6c93", "url": "https://git.kernel.org/stable/c/00fb5b23e1c9cdbe496f5cd6b40367cb895f6c93",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/221af82f606d928ccef19a16d35633c63026f1be", "url": "https://git.kernel.org/stable/c/221af82f606d928ccef19a16d35633c63026f1be",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/25613e6d9841a1f9fb985be90df921fa99f800de", "url": "https://git.kernel.org/stable/c/25613e6d9841a1f9fb985be90df921fa99f800de",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/46128370a72c431df733af5ebb065c4d48c9ad39", "url": "https://git.kernel.org/stable/c/46128370a72c431df733af5ebb065c4d48c9ad39",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/61517f33e76d2c5247c1e61e668693afe5b67e6f", "url": "https://git.kernel.org/stable/c/61517f33e76d2c5247c1e61e668693afe5b67e6f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/6592347f06e2b19a624270a85ad4b3ae48c3b241", "url": "https://git.kernel.org/stable/c/6592347f06e2b19a624270a85ad4b3ae48c3b241",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ace9c778a214da9c98d7b69d904d1b0816f4f681", "url": "https://git.kernel.org/stable/c/ace9c778a214da9c98d7b69d904d1b0816f4f681",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

87
CVE-2024/CVE-2024-498xx/CVE-2024-49876.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49876", "id": "CVE-2024-49876",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T18:15:09.450", "published": "2024-10-21T18:15:09.450",
"lastModified": "2024-10-23T15:13:58.783", "lastModified": "2024-10-24T19:57:06.843",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,94 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: corregir UAF en torno a la destrucci\u00f3n de cola Actualmente hacemos cosas como poner en cola el paso de destrucci\u00f3n final en un wq de sistema aleatorio, que sobrevivir\u00e1 a la instancia del controlador. Con un mal momento, podemos desmantelar el controlador con una o m\u00e1s colas de trabajo de trabajo a\u00fan activas, lo que genera varios splats de UAF. Agregue un paso fini para garantizar que las colas de usuario se desmantelen correctamente. En este punto, GuC ya deber\u00eda estar destruido, por lo que la cola en s\u00ed ya no deber\u00eda ser referenciada desde el punto de vista del hardware. v2 (Matt B): parece mucho m\u00e1s seguro usar una cola de espera y luego simplemente esperar a que xa_array se vac\u00ede antes de activar el drenaje. (seleccionado de el commit 861108666cc0e999cffeab6aff17b662e68774e3)" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: corregir UAF en torno a la destrucci\u00f3n de cola Actualmente hacemos cosas como poner en cola el paso de destrucci\u00f3n final en un wq de sistema aleatorio, que sobrevivir\u00e1 a la instancia del controlador. Con un mal momento, podemos desmantelar el controlador con una o m\u00e1s colas de trabajo de trabajo a\u00fan activas, lo que genera varios splats de UAF. Agregue un paso fini para garantizar que las colas de usuario se desmantelen correctamente. En este punto, GuC ya deber\u00eda estar destruido, por lo que la cola en s\u00ed ya no deber\u00eda ser referenciada desde el punto de vista del hardware. v2 (Matt B): parece mucho m\u00e1s seguro usar una cola de espera y luego simplemente esperar a que xa_array se vac\u00ede antes de activar el drenaje. (seleccionado de el commit 861108666cc0e999cffeab6aff17b662e68774e3)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.10.14",
"matchCriteriaId": "0E3AE738-A62B-4806-9D9C-933998214C6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.3",
"matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/272b0e78874586d6ccae04079d75b27b47705544", "url": "https://git.kernel.org/stable/c/272b0e78874586d6ccae04079d75b27b47705544",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/2d2be279f1ca9e7288282d4214f16eea8a727cdb", "url": "https://git.kernel.org/stable/c/2d2be279f1ca9e7288282d4214f16eea8a727cdb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/421c74670b0f9d5c007f1276d3647aa58f407fde", "url": "https://git.kernel.org/stable/c/421c74670b0f9d5c007f1276d3647aa58f407fde",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

150
CVE-2024/CVE-2024-498xx/CVE-2024-49877.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49877", "id": "CVE-2024-49877",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T18:15:09.657", "published": "2024-10-21T18:15:09.657",
"lastModified": "2024-10-23T15:13:58.783", "lastModified": "2024-10-24T19:58:55.383",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,35 +15,165 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ocfs2: se corrige una posible desreferencia de puntero nulo en ocfs2_set_buffer_uptodate. Al realizar una limpieza, si hay indicadores sin OCFS2_BH_READAHEAD, puede provocar una desreferencia de puntero NULL en el siguiente ocfs2_set_buffer_uptodate() si bh es NULL." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ocfs2: se corrige una posible desreferencia de puntero nulo en ocfs2_set_buffer_uptodate. Al realizar una limpieza, si hay indicadores sin OCFS2_BH_READAHEAD, puede provocar una desreferencia de puntero NULL en el siguiente ocfs2_set_buffer_uptodate() si bh es NULL."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "BD12FA67-D2AC-4EB0-BED4-7D4E94D30EF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.55",
"matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.14",
"matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.3",
"matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.4.204:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD0C33E-F341-44B8-BD8E-BDFE6954476A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.9.204:*:*:*:*:*:*:*",
"matchCriteriaId": "C4000497-39AF-4DC4-9B31-71D5611DD9E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.14.157:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D9C583-BA78-4ABB-8A07-528B6053D90F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.19.87:*:*:*:*:*:*:*",
"matchCriteriaId": "B063F8FB-11F3-4592-A40B-7150C0FDE562"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/01cb2e751cc61ade454c9bc1aaa2eac1f8197112", "url": "https://git.kernel.org/stable/c/01cb2e751cc61ade454c9bc1aaa2eac1f8197112",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/33b525cef4cff49e216e4133cc48452e11c0391e", "url": "https://git.kernel.org/stable/c/33b525cef4cff49e216e4133cc48452e11c0391e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/46b1edf0536a5291a8ad2337f88c926214b209d9", "url": "https://git.kernel.org/stable/c/46b1edf0536a5291a8ad2337f88c926214b209d9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/4846e72ab5a0726e49ad4188b9d9df091ae78c64", "url": "https://git.kernel.org/stable/c/4846e72ab5a0726e49ad4188b9d9df091ae78c64",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/61b84013e560382cbe7dd56758be3154d43a3988", "url": "https://git.kernel.org/stable/c/61b84013e560382cbe7dd56758be3154d43a3988",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/d52c5652e7dcb7a0648bbb8642cc3e617070ab49", "url": "https://git.kernel.org/stable/c/d52c5652e7dcb7a0648bbb8642cc3e617070ab49",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/df944dc46d06af65a75191183d52be017e6b9dbe", "url": "https://git.kernel.org/stable/c/df944dc46d06af65a75191183d52be017e6b9dbe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

130
CVE-2024/CVE-2024-498xx/CVE-2024-49879.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49879", "id": "CVE-2024-49879",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T18:15:10.147", "published": "2024-10-21T18:15:10.147",
"lastModified": "2024-10-23T15:13:58.783", "lastModified": "2024-10-24T19:59:12.897",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,35 +15,145 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: omapdrm: Agregar comprobaci\u00f3n faltante para alloc_ordered_workqueue, ya que puede devolver un puntero NULL y provocar una desreferencia del puntero NULL. Agregar comprobaci\u00f3n para el valor de retorno de alloc_ordered_workqueue." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: omapdrm: Agregar comprobaci\u00f3n faltante para alloc_ordered_workqueue, ya que puede devolver un puntero NULL y provocar una desreferencia del puntero NULL. Agregar comprobaci\u00f3n para el valor de retorno de alloc_ordered_workqueue."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.11",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "E02B18E0-7618-4F55-A9D9-FC9A13DCDEEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.55",
"matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.10.14",
"matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.3",
"matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/0d71916694aceb207fefecf62dfa811ec1108bbd", "url": "https://git.kernel.org/stable/c/0d71916694aceb207fefecf62dfa811ec1108bbd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/2bda89735199683b03f55b807bd1e31a3857520b", "url": "https://git.kernel.org/stable/c/2bda89735199683b03f55b807bd1e31a3857520b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/334de68eda2b99892ba869c15cb59bc956fd9f42", "url": "https://git.kernel.org/stable/c/334de68eda2b99892ba869c15cb59bc956fd9f42",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/b57b53e8ffcdfda87d954fc4187426a54fe75a3d", "url": "https://git.kernel.org/stable/c/b57b53e8ffcdfda87d954fc4187426a54fe75a3d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/e60b0d3b5aa2e8d934deca9e11215af84e632bc9", "url": "https://git.kernel.org/stable/c/e60b0d3b5aa2e8d934deca9e11215af84e632bc9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/e794b7b9b92977365c693760a259f8eef940c536", "url": "https://git.kernel.org/stable/c/e794b7b9b92977365c693760a259f8eef940c536",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f37a1d9e5e22d5489309c3cd2db476dcdcc6530c", "url": "https://git.kernel.org/stable/c/f37a1d9e5e22d5489309c3cd2db476dcdcc6530c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

81
CVE-2024/CVE-2024-499xx/CVE-2024-49923.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49923", "id": "CVE-2024-49923",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T18:15:14.390", "published": "2024-10-21T18:15:14.390",
"lastModified": "2024-10-23T15:13:25.583", "lastModified": "2024-10-24T19:43:27.327",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,88 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Pasar un valor distinto de nulo a dcn20_validate_apply_pipe_split_flags [QU\u00c9 Y C\u00d3MO] \"dcn20_validate_apply_pipe_split_flags\" desreferencia la combinaci\u00f3n y, por lo tanto, no puede ser un puntero nulo. Pasemos un puntero v\u00e1lido para evitar la desreferencia nula. Esto soluciona 2 problemas de FORWARD_NULL informados por Coverity." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Pasar un valor distinto de nulo a dcn20_validate_apply_pipe_split_flags [QU\u00c9 Y C\u00d3MO] \"dcn20_validate_apply_pipe_split_flags\" desreferencia la combinaci\u00f3n y, por lo tanto, no puede ser un puntero nulo. Pasemos un puntero v\u00e1lido para evitar la desreferencia nula. Esto soluciona 2 problemas de FORWARD_NULL informados por Coverity."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10.14",
"matchCriteriaId": "652638C5-5F25-4DF3-AD42-DD3252A97152"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.3",
"matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/5559598742fb4538e4c51c48ef70563c49c2af23", "url": "https://git.kernel.org/stable/c/5559598742fb4538e4c51c48ef70563c49c2af23",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/85aa996ecfaa95d1e922867390502d23ce21b905", "url": "https://git.kernel.org/stable/c/85aa996ecfaa95d1e922867390502d23ce21b905",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9a05270869f40c89f8d184fe2d37cb86e0d7e5f5", "url": "https://git.kernel.org/stable/c/9a05270869f40c89f8d184fe2d37cb86e0d7e5f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

128
CVE-2024/CVE-2024-500xx/CVE-2024-50033.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50033", "id": "CVE-2024-50033",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:16.477", "published": "2024-10-21T20:15:16.477",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T19:56:04.097",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,31 +15,141 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: slip: hacer que slhc_remember() sea m\u00e1s robusto contra paquetes maliciosos syzbot descubri\u00f3 que slhc_remember() no realizaba comprobaciones contra paquetes maliciosos [1]. slhc_remember() solo comprobaba que el tama\u00f1o del paquete fuera al menos 20, lo que no es suficiente. Necesitamos asegurarnos de que el paquete incluya los encabezados IPv4 y TCP que se supone que deben transportarse. Agregue punteros iph y th para que el c\u00f3digo sea m\u00e1s legible. [1] ERROR: KMSAN: valor no inicializado en slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666 slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666 ppp_receive_nonmp_frame+0xe45/0x35e0 drivers/net/ppp/ppp_generic.c:2455 ppp_receive_frame drivers/net/ppp/ppp_generic.c:2372 [en l\u00ednea] ppp_do_recv+0x65f/0x40d0 drivers/net/ppp/ppp_generic.c:2212 ppp_input+0x7dc/0xe60 drivers/net/ppp/ppp_generic.c:2327 pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113 __release_sock+0x1da/0x330 net/core/sock.c:3072 release_sock+0x6b/0x250 net/core/sock.c:3626 pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903 sock_sendmsg_nosec net/socket.c:729 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 net/socket.c:744 ____sys_sendmsg+0x903/0xb60 net/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742 __do_sys_sendmmsg net/socket.c:2771 [en l\u00ednea] __se_sys_sendmmsg net/socket.c:2768 [en l\u00ednea] __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit se cre\u00f3 en: slab_post_alloc_hook mm/slub.c:4091 [en l\u00ednea] slab_alloc_node mm/slub.c:4134 [en l\u00ednea] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1322 [en l\u00ednea] sock_wmalloc+0xfe/0x1a0 red/core/sock.c:2732 pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867 sock_sendmsg_nosec red/socket.c:729 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 red/socket.c:744 ____sys_sendmsg+0x903/0xb60 red/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 red/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 red/socket.c:2742 __do_sys_sendmmsg red/socket.c:2771 [en l\u00ednea] __se_sys_sendmmsg net/socket.c:2768 [en l\u00ednea] __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 0 UID: 0 PID: 5460 Comm: syz.2.33 No contaminado 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: slip: hacer que slhc_remember() sea m\u00e1s robusto contra paquetes maliciosos syzbot descubri\u00f3 que slhc_remember() no realizaba comprobaciones contra paquetes maliciosos [1]. slhc_remember() solo comprobaba que el tama\u00f1o del paquete fuera al menos 20, lo que no es suficiente. Necesitamos asegurarnos de que el paquete incluya los encabezados IPv4 y TCP que se supone que deben transportarse. Agregue punteros iph y th para que el c\u00f3digo sea m\u00e1s legible. [1] ERROR: KMSAN: valor no inicializado en slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666 slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666 ppp_receive_nonmp_frame+0xe45/0x35e0 drivers/net/ppp/ppp_generic.c:2455 ppp_receive_frame drivers/net/ppp/ppp_generic.c:2372 [en l\u00ednea] ppp_do_recv+0x65f/0x40d0 drivers/net/ppp/ppp_generic.c:2212 ppp_input+0x7dc/0xe60 drivers/net/ppp/ppp_generic.c:2327 pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113 __release_sock+0x1da/0x330 net/core/sock.c:3072 release_sock+0x6b/0x250 net/core/sock.c:3626 pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903 sock_sendmsg_nosec net/socket.c:729 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 net/socket.c:744 ____sys_sendmsg+0x903/0xb60 net/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742 __do_sys_sendmmsg net/socket.c:2771 [en l\u00ednea] __se_sys_sendmmsg net/socket.c:2768 [en l\u00ednea] __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit se cre\u00f3 en: slab_post_alloc_hook mm/slub.c:4091 [en l\u00ednea] slab_alloc_node mm/slub.c:4134 [en l\u00ednea] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1322 [en l\u00ednea] sock_wmalloc+0xfe/0x1a0 red/core/sock.c:2732 pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867 sock_sendmsg_nosec red/socket.c:729 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 red/socket.c:744 ____sys_sendmsg+0x903/0xb60 red/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 red/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 red/socket.c:2742 __do_sys_sendmmsg red/socket.c:2771 [en l\u00ednea] __se_sys_sendmmsg net/socket.c:2768 [en l\u00ednea] __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 0 UID: 0 PID: 5460 Comm: syz.2.33 No contaminado 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "6183BF3B-0B09-4239-A6D3-80AFCA3B0CEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.57",
"matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.4",
"matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/29e8d96d44f51cf89a62dd042be35d052833b95c", "url": "https://git.kernel.org/stable/c/29e8d96d44f51cf89a62dd042be35d052833b95c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/36b054324d18e51cf466134e13b6fbe3c91f52af", "url": "https://git.kernel.org/stable/c/36b054324d18e51cf466134e13b6fbe3c91f52af",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/5e336384cc9b608e0551f99c3d87316ca3b0e51a", "url": "https://git.kernel.org/stable/c/5e336384cc9b608e0551f99c3d87316ca3b0e51a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7d3fce8cbe3a70a1c7c06c9b53696be5d5d8dd5c", "url": "https://git.kernel.org/stable/c/7d3fce8cbe3a70a1c7c06c9b53696be5d5d8dd5c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8bb79eb1db85a10865f0d4dd15b013def3f2d246", "url": "https://git.kernel.org/stable/c/8bb79eb1db85a10865f0d4dd15b013def3f2d246",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ff5e0f895315706e4ca5a19df15be6866cee4f5d", "url": "https://git.kernel.org/stable/c/ff5e0f895315706e4ca5a19df15be6866cee4f5d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

80
CVE-2024/CVE-2024-500xx/CVE-2024-50034.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50034", "id": "CVE-2024-50034",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:16.553", "published": "2024-10-21T20:15:16.553",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T19:56:29.170",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,85 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/smc: corrige la falta de icsk_syn_mss con IPPROTO_SMC Eric informa un p\u00e1nico en IPPROTO_SMC y proporciona los hechos de que cuando se configura INET_PROTOSW_ICSK, tambi\u00e9n se debe configurar icsk-&gt;icsk_sync_mss. Error: No se puede manejar la desreferencia del puntero NULL del n\u00facleo en la direcci\u00f3n virtual 0000000000000000 Informaci\u00f3n de aborto de memoria: ESR = 0x0000000086000005 EC = 0x21: IABT (EL actual), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x05: error de traducci\u00f3n de nivel 1 usuario pgtable: 4k p\u00e1ginas, VA de 48 bits, pgdp=00000001195d1000 [000000000000000] pgd=0800000109c46003, p4d=0800000109c46003, pud=000000000000000 Error interno: Oops: 0000000086000005 [#1] M\u00f3dulos PREEMPT SMP vinculados en: CPU: 1 UID: 0 PID: 8037 Comm: syz.3.265 No contaminado 6.11.0-rc7-syzkaller-g5f5673607153 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : 0x0 lr : cipso_v4_sock_setattr+0x2a8/0x3c0 net/ipv4/cipso_ipv4.c:1910 sp : ffff80009b887a90 x29: ffff80009b887aa0 x28: ffff80008db94050 x27: 0000000000000000 x26: 1fffe0001aa6f5b3 x25: dfff800000000000 x24: ffff0000db75da00 x23: 0000000 x22: ffff0000d8b78518 x21: 0000000000000000 x20: ffff0000d537ad80 x19: ffff0000d8b78000 x18: 1fffe000366d79ee x17: ffff8000800614a8 x16: ffff800080569b84 x15: 0000000000000001 x14: 000000008b336894 x13: 00000000cd96feaa x12: 0000000000000003 x11: 0000000000040000 x10: 00000000000020a3 x9: 1fffe0001b16f0f1 x8: 0000000000000000 x7: 0000000000000000 x6: 000000000000003f x5: 0000000000000040 x4 : 00000000000000001 x3 : 0000000000000000 x2 : 0000000000000002 x1 : 0000000000000000 x0 : ffff0000d8b78000 Rastreo de llamadas: 0x0 netlbl_sock_setattr+0x2e4/0x338 net/netlabel/netlabel_kapi.c:1000 smack_netlbl_add+0xa4/0x154 security/smack/smack_lsm.c:2593 smack_socket_post_create+0xa8/0x14c security/smack/smack_lsm.c:2973 security_socket_post_create+0x94/0xd4 seguridad/seguridad.c:4425 __sock_create+0x4c8/0x884 red/socket.c:1587 sock_create red/socket.c:1622 [en l\u00ednea] __sys_socket_create red/socket.c:1659 [en l\u00ednea] __sys_socket+0x134/0x340 red/socket.c:1706 __do_sys_socket red/socket.c:1720 [en l\u00ednea] __se_sys_socket red/socket.c:1718 [en l\u00ednea] __arm64_sys_socket+0x7c/0x94 red/socket.c:1718 __invoke_syscall arch/arm64/kernel/syscall.c:35 [en l\u00ednea] invocar_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 C\u00f3digo: ???????? ???????? ???????? ???????? (????????) ---[ fin del seguimiento 0000000000000000 ]--- Este parche agrega una implementaci\u00f3n de juguete que realiza un retorno simple para evitar tal p\u00e1nico. Esto se debe a que MSS se puede configurar en sock_create_kern o smc_setsockopt, de manera similar a como se hace en AF_SMC. Sin embargo, para AF_SMC, actualmente no hay forma de sincronizar MSS dentro de __sys_connect_file. Esta implementaci\u00f3n de juguete sienta las bases para que admitamos dicha funci\u00f3n para IPPROTO_SMC en el futuro." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/smc: corrige la falta de icsk_syn_mss con IPPROTO_SMC Eric informa un p\u00e1nico en IPPROTO_SMC y proporciona los hechos de que cuando se configura INET_PROTOSW_ICSK, tambi\u00e9n se debe configurar icsk-&gt;icsk_sync_mss. Error: No se puede manejar la desreferencia del puntero NULL del n\u00facleo en la direcci\u00f3n virtual 0000000000000000 Informaci\u00f3n de aborto de memoria: ESR = 0x0000000086000005 EC = 0x21: IABT (EL actual), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x05: error de traducci\u00f3n de nivel 1 usuario pgtable: 4k p\u00e1ginas, VA de 48 bits, pgdp=00000001195d1000 [000000000000000] pgd=0800000109c46003, p4d=0800000109c46003, pud=000000000000000 Error interno: Oops: 0000000086000005 [#1] M\u00f3dulos PREEMPT SMP vinculados en: CPU: 1 UID: 0 PID: 8037 Comm: syz.3.265 No contaminado 6.11.0-rc7-syzkaller-g5f5673607153 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : 0x0 lr : cipso_v4_sock_setattr+0x2a8/0x3c0 net/ipv4/cipso_ipv4.c:1910 sp : ffff80009b887a90 x29: ffff80009b887aa0 x28: ffff80008db94050 x27: 0000000000000000 x26: 1fffe0001aa6f5b3 x25: dfff800000000000 x24: ffff0000db75da00 x23: 0000000 x22: ffff0000d8b78518 x21: 0000000000000000 x20: ffff0000d537ad80 x19: ffff0000d8b78000 x18: 1fffe000366d79ee x17: ffff8000800614a8 x16: ffff800080569b84 x15: 0000000000000001 x14: 000000008b336894 x13: 00000000cd96feaa x12: 0000000000000003 x11: 0000000000040000 x10: 00000000000020a3 x9: 1fffe0001b16f0f1 x8: 0000000000000000 x7: 0000000000000000 x6: 000000000000003f x5: 0000000000000040 x4 : 00000000000000001 x3 : 0000000000000000 x2 : 0000000000000002 x1 : 0000000000000000 x0 : ffff0000d8b78000 Rastreo de llamadas: 0x0 netlbl_sock_setattr+0x2e4/0x338 net/netlabel/netlabel_kapi.c:1000 smack_netlbl_add+0xa4/0x154 security/smack/smack_lsm.c:2593 smack_socket_post_create+0xa8/0x14c security/smack/smack_lsm.c:2973 security_socket_post_create+0x94/0xd4 seguridad/seguridad.c:4425 __sock_create+0x4c8/0x884 red/socket.c:1587 sock_create red/socket.c:1622 [en l\u00ednea] __sys_socket_create red/socket.c:1659 [en l\u00ednea] __sys_socket+0x134/0x340 red/socket.c:1706 __do_sys_socket red/socket.c:1720 [en l\u00ednea] __se_sys_socket red/socket.c:1718 [en l\u00ednea] __arm64_sys_socket+0x7c/0x94 red/socket.c:1718 __invoke_syscall arch/arm64/kernel/syscall.c:35 [en l\u00ednea] invocar_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 C\u00f3digo: ???????? ???????? ???????? ???????? (????????) ---[ fin del seguimiento 0000000000000000 ]--- Este parche agrega una implementaci\u00f3n de juguete que realiza un retorno simple para evitar tal p\u00e1nico. Esto se debe a que MSS se puede configurar en sock_create_kern o smc_setsockopt, de manera similar a como se hace en AF_SMC. Sin embargo, para AF_SMC, actualmente no hay forma de sincronizar MSS dentro de __sys_connect_file. Esta implementaci\u00f3n de juguete sienta las bases para que admitamos dicha funci\u00f3n para IPPROTO_SMC en el futuro."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.4",
"matchCriteriaId": "66F99BD9-E74F-4CC8-834E-B73BD4643C7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/44dc50df15f5bd4221d8f708885a9d49cda7f57e", "url": "https://git.kernel.org/stable/c/44dc50df15f5bd4221d8f708885a9d49cda7f57e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/6fd27ea183c208e478129a85e11d880fc70040f2", "url": "https://git.kernel.org/stable/c/6fd27ea183c208e478129a85e11d880fc70040f2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

128
CVE-2024/CVE-2024-500xx/CVE-2024-50035.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50035", "id": "CVE-2024-50035",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:16.640", "published": "2024-10-21T20:15:16.640",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T19:54:01.987",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,31 +15,141 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ppp: se corrige el acceso ilegal a ppp_async_encode() syzbot inform\u00f3 un problema en ppp_async_encode() [1] En este caso, se llama a pppoe_sendmsg() con un tama\u00f1o cero. Luego, se llama a ppp_async_encode() con un skb vac\u00edo. ERROR: KMSAN: valor no inicializado en ppp_async_encode drivers/net/ppp/ppp_async.c:545 [en l\u00ednea] ERROR: KMSAN: valor no inicializado en ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675 ppp_async_encode drivers/net/ppp/ppp_async.c:545 [en l\u00ednea] ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675 ppp_async_send+0x130/0x1b0 drivers/net/ppp/ppp_async.c:634 ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2280 [en l\u00ednea] ppp_input+0x1f1/0xe60 drivers/net/ppp/ppp_generic.c:2304 pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113 __release_sock+0x1da/0x330 net/core/sock.c:3072 release_sock+0x6b/0x250 net/core/sock.c:3626 pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903 sock_sendmsg_nosec net/socket.c:729 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 red/socket.c:744 ____sys_sendmsg+0x903/0xb60 red/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 red/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 red/socket.c:2742 __do_sys_sendmmsg red/socket.c:2771 [en l\u00ednea] __se_sys_sendmmsg red/socket.c:2768 [en l\u00ednea] __x64_sys_sendmmsg+0xbc/0x120 red/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit se cre\u00f3 en: slab_post_alloc_hook mm/slub.c:4092 [en l\u00ednea] slab_alloc_node mm/slub.c:4135 [en l\u00ednea] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4187 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587 __alloc_skb+0x363/0x7b0 red/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1322 [en l\u00ednea] sock_wmalloc+0xfe/0x1a0 red/core/sock.c:2732 pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867 sock_sendmsg_nosec red/socket.c:729 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 red/socket.c:744 ____sys_sendmsg+0x903/0xb60 red/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 red/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 red/socket.c:2742 __do_sys_sendmmsg red/socket.c:2771 [en l\u00ednea] __se_sys_sendmmsg red/socket.c:2768 [en l\u00ednea] __x64_sys_sendmmsg+0xbc/0x120 red/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 1 UID: 0 PID: 5411 Comm: syz.1.14 No contaminado 6.12.0-rc1-syzkaller-00165-g360c1f1f24c6 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ppp: se corrige el acceso ilegal a ppp_async_encode() syzbot inform\u00f3 un problema en ppp_async_encode() [1] En este caso, se llama a pppoe_sendmsg() con un tama\u00f1o cero. Luego, se llama a ppp_async_encode() con un skb vac\u00edo. ERROR: KMSAN: valor no inicializado en ppp_async_encode drivers/net/ppp/ppp_async.c:545 [en l\u00ednea] ERROR: KMSAN: valor no inicializado en ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675 ppp_async_encode drivers/net/ppp/ppp_async.c:545 [en l\u00ednea] ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675 ppp_async_send+0x130/0x1b0 drivers/net/ppp/ppp_async.c:634 ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2280 [en l\u00ednea] ppp_input+0x1f1/0xe60 drivers/net/ppp/ppp_generic.c:2304 pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113 __release_sock+0x1da/0x330 net/core/sock.c:3072 release_sock+0x6b/0x250 net/core/sock.c:3626 pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903 sock_sendmsg_nosec net/socket.c:729 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 red/socket.c:744 ____sys_sendmsg+0x903/0xb60 red/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 red/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 red/socket.c:2742 __do_sys_sendmmsg red/socket.c:2771 [en l\u00ednea] __se_sys_sendmmsg red/socket.c:2768 [en l\u00ednea] __x64_sys_sendmmsg+0xbc/0x120 red/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit se cre\u00f3 en: slab_post_alloc_hook mm/slub.c:4092 [en l\u00ednea] slab_alloc_node mm/slub.c:4135 [en l\u00ednea] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4187 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587 __alloc_skb+0x363/0x7b0 red/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1322 [en l\u00ednea] sock_wmalloc+0xfe/0x1a0 red/core/sock.c:2732 pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867 sock_sendmsg_nosec red/socket.c:729 [en l\u00ednea] __sock_sendmsg+0x30f/0x380 red/socket.c:744 ____sys_sendmsg+0x903/0xb60 red/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 red/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 red/socket.c:2742 __do_sys_sendmmsg red/socket.c:2771 [en l\u00ednea] __se_sys_sendmmsg red/socket.c:2768 [en l\u00ednea] __x64_sys_sendmmsg+0xbc/0x120 red/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 1 UID: 0 PID: 5411 Comm: syz.1.14 No contaminado 6.12.0-rc1-syzkaller-00165-g360c1f1f24c6 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.12",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "E346E1F4-278B-4263-B0B8-7234D7CC31E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.57",
"matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.4",
"matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/30d91a478d58cbae3dbaa8224d17d0d839f0d71b", "url": "https://git.kernel.org/stable/c/30d91a478d58cbae3dbaa8224d17d0d839f0d71b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/40dddd4b8bd08a69471efd96107a4e1c73fabefc", "url": "https://git.kernel.org/stable/c/40dddd4b8bd08a69471efd96107a4e1c73fabefc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8fe992ff3df493d1949922ca234419f3ede08dff", "url": "https://git.kernel.org/stable/c/8fe992ff3df493d1949922ca234419f3ede08dff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/c007a14797240607038bd3464501109f408940e2", "url": "https://git.kernel.org/stable/c/c007a14797240607038bd3464501109f408940e2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ce249a4c68d0ce27a8c5d853338d502e2711a314", "url": "https://git.kernel.org/stable/c/ce249a4c68d0ce27a8c5d853338d502e2711a314",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/fadf8fdb3110d3138e05c3765f645535434f8d76", "url": "https://git.kernel.org/stable/c/fadf8fdb3110d3138e05c3765f645535434f8d76",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

123
CVE-2024/CVE-2024-500xx/CVE-2024-50041.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50041", "id": "CVE-2024-50041",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:17.133", "published": "2024-10-21T20:15:17.133",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T19:31:39.373",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,27 +15,134 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i40e: Corregir p\u00e9rdida de macvlan sincronizando el acceso a mac_filter_hash Este parche soluciona un problema de p\u00e9rdida de macvlan en el controlador i40e causado por el acceso simult\u00e1neo a vsi-&gt;mac_filter_hash. La p\u00e9rdida se produce cuando varios subprocesos intentan modificar mac_filter_hash simult\u00e1neamente, lo que genera un estado inconsistente y posibles p\u00e9rdidas de memoria. Para solucionar esto, ahora envolvemos las llamadas a i40e_del_mac_filter() y ponemos a cero vf-&gt;default_lan_addr.addr con spin_lock/unlock_bh(&amp;vsi-&gt;mac_filter_hash_lock), lo que garantiza operaciones at\u00f3micas y evita el acceso simult\u00e1neo. Adem\u00e1s, agregamos lockdep_assert_held(&amp;vsi-&gt;mac_filter_hash_lock) en i40e_add_mac_filter() para ayudar a detectar problemas similares en el futuro. Pasos de reproducci\u00f3n: 1. Genere VFs y configure el puerto VLAN en ellos. 2. Active operaciones MACVLAN simult\u00e1neas (por ejemplo, agregar y eliminar filtros MAC o PortVLAN). 3. Observe la posible p\u00e9rdida de memoria y el estado inconsistente en el hash de filtro MAC. Esta sincronizaci\u00f3n garantiza la integridad del hash de filtro MAC y evita la p\u00e9rdida descrita." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i40e: Corregir p\u00e9rdida de macvlan sincronizando el acceso a mac_filter_hash Este parche soluciona un problema de p\u00e9rdida de macvlan en el controlador i40e causado por el acceso simult\u00e1neo a vsi-&gt;mac_filter_hash. La p\u00e9rdida se produce cuando varios subprocesos intentan modificar mac_filter_hash simult\u00e1neamente, lo que genera un estado inconsistente y posibles p\u00e9rdidas de memoria. Para solucionar esto, ahora envolvemos las llamadas a i40e_del_mac_filter() y ponemos a cero vf-&gt;default_lan_addr.addr con spin_lock/unlock_bh(&amp;vsi-&gt;mac_filter_hash_lock), lo que garantiza operaciones at\u00f3micas y evita el acceso simult\u00e1neo. Adem\u00e1s, agregamos lockdep_assert_held(&amp;vsi-&gt;mac_filter_hash_lock) en i40e_add_mac_filter() para ayudar a detectar problemas similares en el futuro. Pasos de reproducci\u00f3n: 1. Genere VFs y configure el puerto VLAN en ellos. 2. Active operaciones MACVLAN simult\u00e1neas (por ejemplo, agregar y eliminar filtros MAC o PortVLAN). 3. Observe la posible p\u00e9rdida de memoria y el estado inconsistente en el hash de filtro MAC. Esta sincronizaci\u00f3n garantiza la integridad del hash de filtro MAC y evita la p\u00e9rdida descrita."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.54",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "D9429645-5F5B-486E-877E-5F2E0EB6202F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18.11",
"versionEndExcluding": "5.19",
"matchCriteriaId": "3F904485-FC3F-4533-8CD9-B8208F0C4707"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.19",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "7D848431-3C7A-4C40-BC35-515047E89ABE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.57",
"matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.4",
"matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/703c4d820b31bcadf465288d5746c53445f02a55", "url": "https://git.kernel.org/stable/c/703c4d820b31bcadf465288d5746c53445f02a55",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8831abff1bd5b6bc8224f0c0671f46fbd702b5b2", "url": "https://git.kernel.org/stable/c/8831abff1bd5b6bc8224f0c0671f46fbd702b5b2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9a9747288ba0a9ad4f5c9877f18dd245770ad64e", "url": "https://git.kernel.org/stable/c/9a9747288ba0a9ad4f5c9877f18dd245770ad64e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9db6ce9e2738b05a3672aff4d42169cf3bb5a3e3", "url": "https://git.kernel.org/stable/c/9db6ce9e2738b05a3672aff4d42169cf3bb5a3e3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/dac6c7b3d33756d6ce09f00a96ea2ecd79fae9fb", "url": "https://git.kernel.org/stable/c/dac6c7b3d33756d6ce09f00a96ea2ecd79fae9fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

80
CVE-2024/CVE-2024-500xx/CVE-2024-50043.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50043", "id": "CVE-2024-50043",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:17.263", "published": "2024-10-21T20:15:17.263",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T19:32:21.480",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,85 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfsd: corregir posible maldad en FREE_STATEID Cuando se env\u00edan m\u00faltiples FREE_STATEID para el mismo stateid de delegaci\u00f3n, puede conducir a un posible error de subdesbordamiento de contador o de use after free. En nfsd4_free_stateid() bajo el bloqueo del cliente encontramos un stateid de delegaci\u00f3n, sin embargo, el c\u00f3digo elimina el bloqueo antes de llamar a nfs4_put_stid(), que permite que otro FREE_STATE encuentre el stateid nuevamente. El primero proceder\u00e1 a liberar el stateid, lo que conduce a un use after free o a la disminuci\u00f3n del contador ya puesto a cero." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfsd: corregir posible maldad en FREE_STATEID Cuando se env\u00edan m\u00faltiples FREE_STATEID para el mismo stateid de delegaci\u00f3n, puede conducir a un posible error de subdesbordamiento de contador o de use after free. En nfsd4_free_stateid() bajo el bloqueo del cliente encontramos un stateid de delegaci\u00f3n, sin embargo, el c\u00f3digo elimina el bloqueo antes de llamar a nfs4_put_stid(), que permite que otro FREE_STATE encuentre el stateid nuevamente. El primero proceder\u00e1 a liberar el stateid, lo que conduce a un use after free o a la disminuci\u00f3n del contador ya puesto a cero."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.11.4",
"matchCriteriaId": "2E4E4417-01B4-411F-8007-4D28ACC3C8F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/7ca9e472ce5c67daa3188a348ece8c02a0765039", "url": "https://git.kernel.org/stable/c/7ca9e472ce5c67daa3188a348ece8c02a0765039",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/c88c150a467fcb670a1608e2272beeee3e86df6e", "url": "https://git.kernel.org/stable/c/c88c150a467fcb670a1608e2272beeee3e86df6e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

128
CVE-2024/CVE-2024-500xx/CVE-2024-50044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50044", "id": "CVE-2024-50044",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:17.313", "published": "2024-10-21T20:15:17.313",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T19:36:12.717",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,31 +15,141 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: RFCOMM: CORREGIR posible bloqueo en rfcomm_sk_state_change rfcomm_sk_state_change intenta usar sock_lock, por lo que nunca se debe llamar con \u00e9l bloqueado, pero rfcomm_sock_ioctl siempre intenta bloquearlo, lo que provoca el siguiente rastro: ======================================================= ADVERTENCIA: se ha detectado una posible dependencia de bloqueo circular 6.8.0-syzkaller-08951-gfe46a7dd189e #0 No contaminado ------------------------------------------------------ syz-executor386/5093 est\u00e1 intentando adquirir el bloqueo: ffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, en: lock_sock include/net/sock.h:1671 [en l\u00ednea] ffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, en: rfcomm_sk_state_change+0x5b/0x310 net/bluetooth/rfcomm/sock.c:73 pero la tarea ya tiene el bloqueo: ffff88807badfd28 (&amp;d-&gt;lock){+.+.}-{3:3}, en: __rfcomm_dlc_close+0x226/0x6a0 net/bluetooth/rfcomm/core.c:491" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: RFCOMM: CORREGIR posible bloqueo en rfcomm_sk_state_change rfcomm_sk_state_change intenta usar sock_lock, por lo que nunca se debe llamar con \u00e9l bloqueado, pero rfcomm_sock_ioctl siempre intenta bloquearlo, lo que provoca el siguiente rastro: ======================================================= ADVERTENCIA: se ha detectado una posible dependencia de bloqueo circular 6.8.0-syzkaller-08951-gfe46a7dd189e #0 No contaminado ------------------------------------------------------ syz-executor386/5093 est\u00e1 intentando adquirir el bloqueo: ffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, en: lock_sock include/net/sock.h:1671 [en l\u00ednea] ffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, en: rfcomm_sk_state_change+0x5b/0x310 net/bluetooth/rfcomm/sock.c:73 pero la tarea ya tiene el bloqueo: ffff88807badfd28 (&amp;d-&gt;lock){+.+.}-{3:3}, en: __rfcomm_dlc_close+0x226/0x6a0 net/bluetooth/rfcomm/core.c:491"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.27",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "F57D1442-15E5-4DEF-B815-CC318D489E35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.57",
"matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.4",
"matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/08d1914293dae38350b8088980e59fbc699a72fe", "url": "https://git.kernel.org/stable/c/08d1914293dae38350b8088980e59fbc699a72fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/38b2d5a57d125e1c17661b8308c0240c4a43b534", "url": "https://git.kernel.org/stable/c/38b2d5a57d125e1c17661b8308c0240c4a43b534",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/496b2ab0fd10f205e08909a125485fdc98843dbe", "url": "https://git.kernel.org/stable/c/496b2ab0fd10f205e08909a125485fdc98843dbe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/4cb9807c9b53bf1e5560420d26f319f528b50268", "url": "https://git.kernel.org/stable/c/4cb9807c9b53bf1e5560420d26f319f528b50268",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ced98072d3511b232ae1d3347945f35f30c0e303", "url": "https://git.kernel.org/stable/c/ced98072d3511b232ae1d3347945f35f30c0e303",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ef44274dae9b0a90d1a97ce8b242a3b8243a7745", "url": "https://git.kernel.org/stable/c/ef44274dae9b0a90d1a97ce8b242a3b8243a7745",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

128
CVE-2024/CVE-2024-500xx/CVE-2024-50045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50045", "id": "CVE-2024-50045",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:17.373", "published": "2024-10-21T20:15:17.373",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T19:38:03.343",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,31 +15,141 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: br_netfilter: fix panic with metadata_dst skb Corrige un p\u00e1nico del kernel en el m\u00f3dulo br_netfilter al enviar tr\u00e1fico sin etiquetar a trav\u00e9s de un dispositivo VxLAN. Esto sucede durante la comprobaci\u00f3n de fragmentaci\u00f3n en br_nf_dev_queue_xmit. Depende de: 1) que se est\u00e9 cargando el m\u00f3dulo br_netfilter; 2) que net.bridge.bridge-nf-call-iptables est\u00e9 establecido en 1; 3) que haya un puente con un netdevice VxLAN (single-vxlan-device) como puerto de puente; 4) que se hayan reenviado o inundado tramas sin etiquetar con un tama\u00f1o superior a la MTU de VxLAN. Al reenviar el paquete sin etiquetar al puerto de puente VxLAN, antes de que se llamen los ganchos de netfilter, se llama a br_handle_egress_vlan_tunnel y cambia skb_dst al dst del t\u00fanel. tunnel_dst es un tipo de metadatos de dst, es decir, skb_valid_dst(skb) es falso y metadata-&gt;dst.dev es NULL. Luego, en los ganchos br_netfilter, en br_nf_dev_queue_xmit, hay una verificaci\u00f3n de tramas que necesitan fragmentarse: las tramas con una MTU m\u00e1s alta que el dispositivo VxLAN terminan llamando a br_nf_ip_fragment, que a su vez llama a ip_skb_dst_mtu. ip_dst_mtu intenta usar skb_dst(skb) como si fuera un dst v\u00e1lido con dst-&gt;dev v\u00e1lido, de ah\u00ed el bloqueo. Este caso nunca fue compatible en primer lugar, por lo que descarta el paquete en su lugar. PING 10.0.0.2 (10.0.0.2) desde 0.0.0.0 h1-eth0: 2000(2028) bytes de datos. [ 176.291791] No se puede manejar la desreferencia del puntero NULL del n\u00facleo en la direcci\u00f3n virtual 0000000000000110 [ 176.292101] Informaci\u00f3n de aborto de memoria: [ 176.292184] ESR = 0x0000000096000004 [ 176.292322] EC = 0x25: DABT (EL actual), IL = 32 bits [ 176.292530] SET = 0, FnV = 0 [ 176.292709] EA = 0, S1PTW = 0 [ 176.292862] FSC = 0x04: error de traducci\u00f3n de nivel 0 [ 176.293013] Informaci\u00f3n de aborto de datos: [ 176.293104] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 176.293488] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 176.293787] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 176.293995] pgtable del usuario: p\u00e1ginas de 4k, VA de 48 bits, pgdp=0000000043ef5000 [ 176.294166] [0000000000000110] pgd=000000000000000, p4d=0000000000000000 [ 176.294827] Error interno: Oops: 0000000096000004 [#1] PREEMPT SMP [ 176.295252] M\u00f3dulos vinculados: vxlan ip6_udp_tunnel udp_tunnel veth br_netfilter bridge stp llc ipv6 crct10dif_ce [ 176.295923] CPU: 0 PID: 188 Comm: ping No contaminado 6.8.0-rc3-g5b3fbd61b9d1 #2 [ 176.296314] Nombre del hardware: linux,dummy-virt (DT) [ 176.296535] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 176.296808] pc : br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter] [ 176.297382] lr : br_nf_dev_queue_xmit+0x2ac/0x4ec [br_netfilter] [ 176.297636] sp : ffff800080003630 [ 176.297743] x29: ffff800080003630 x28: 0000000000000008 x27: ffff6828c49ad9f8 [ 176.298093] x26: ffff6828c49ad000 x25: 0000000000000000 x24: 00000000000003e8 [ 176.298430] x23: 0000000000000000 x22: ffff6828c4960b40 x21: ffff6828c3b16d28 [ 176.298652] x20: ffff6828c3167048 x19: ffff6828c3b16d00 x18: 0000000000000014 [ 176.298926] x17: ffffb0476322f000 x16: ffffb7e164023730 x15: 0000000095744632 [ 176.299296] x14: ffff6828c3f1c880 x13: 0000000000000002 x12: ffffb7e137926a70 [ 176.299574] x11: 000000000000001 x10: ffff6828c3f1c898 x9: 0000000000000000 [ 176.300049] x8: ffff6828c49bf070 x7: 0008460f18d5f20e x6: f20e0100bebafeca [ 176.300302] x5 : ffff6828c7f918fe x4 : ffff6828c49bf070 x3 : 0000000000000000 [ 176.300586] x2 : 0000000000000000 x1 : ffff6828c3c7ad00 x0 : ffff6828c7f918f0 [ 176.300889] Rastreo de llamadas: [ 176.301123] br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter] [ 176.301411] br_nf_post_routing+0x2a8/0x3e4 [br_netfilter] [ 176.301703] br_nf_hook_slow+0x48/0x124 [ 176.302060] br_forward_finish+0xc8/0xe8 [puente] [ 176.302371] br_nf_hook_thresh+0x124/0x134 [br_filtro de red] [ 176.302605] br_nf_forward_finish+0x118/0x22c [br_filtro de red] [ 176.302824] br_nf_forward_ip.part.0+0x264/0x290 [br_filtro de red] [ 176.303136 ---truncado---" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: br_netfilter: fix panic with metadata_dst skb Corrige un p\u00e1nico del kernel en el m\u00f3dulo br_netfilter al enviar tr\u00e1fico sin etiquetar a trav\u00e9s de un dispositivo VxLAN. Esto sucede durante la comprobaci\u00f3n de fragmentaci\u00f3n en br_nf_dev_queue_xmit. Depende de: 1) que se est\u00e9 cargando el m\u00f3dulo br_netfilter; 2) que net.bridge.bridge-nf-call-iptables est\u00e9 establecido en 1; 3) que haya un puente con un netdevice VxLAN (single-vxlan-device) como puerto de puente; 4) que se hayan reenviado o inundado tramas sin etiquetar con un tama\u00f1o superior a la MTU de VxLAN. Al reenviar el paquete sin etiquetar al puerto de puente VxLAN, antes de que se llamen los ganchos de netfilter, se llama a br_handle_egress_vlan_tunnel y cambia skb_dst al dst del t\u00fanel. tunnel_dst es un tipo de metadatos de dst, es decir, skb_valid_dst(skb) es falso y metadata-&gt;dst.dev es NULL. Luego, en los ganchos br_netfilter, en br_nf_dev_queue_xmit, hay una verificaci\u00f3n de tramas que necesitan fragmentarse: las tramas con una MTU m\u00e1s alta que el dispositivo VxLAN terminan llamando a br_nf_ip_fragment, que a su vez llama a ip_skb_dst_mtu. ip_dst_mtu intenta usar skb_dst(skb) como si fuera un dst v\u00e1lido con dst-&gt;dev v\u00e1lido, de ah\u00ed el bloqueo. Este caso nunca fue compatible en primer lugar, por lo que descarta el paquete en su lugar. PING 10.0.0.2 (10.0.0.2) desde 0.0.0.0 h1-eth0: 2000(2028) bytes de datos. [ 176.291791] No se puede manejar la desreferencia del puntero NULL del n\u00facleo en la direcci\u00f3n virtual 0000000000000110 [ 176.292101] Informaci\u00f3n de aborto de memoria: [ 176.292184] ESR = 0x0000000096000004 [ 176.292322] EC = 0x25: DABT (EL actual), IL = 32 bits [ 176.292530] SET = 0, FnV = 0 [ 176.292709] EA = 0, S1PTW = 0 [ 176.292862] FSC = 0x04: error de traducci\u00f3n de nivel 0 [ 176.293013] Informaci\u00f3n de aborto de datos: [ 176.293104] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 176.293488] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 176.293787] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 176.293995] pgtable del usuario: p\u00e1ginas de 4k, VA de 48 bits, pgdp=0000000043ef5000 [ 176.294166] [0000000000000110] pgd=000000000000000, p4d=0000000000000000 [ 176.294827] Error interno: Oops: 0000000096000004 [#1] PREEMPT SMP [ 176.295252] M\u00f3dulos vinculados: vxlan ip6_udp_tunnel udp_tunnel veth br_netfilter bridge stp llc ipv6 crct10dif_ce [ 176.295923] CPU: 0 PID: 188 Comm: ping No contaminado 6.8.0-rc3-g5b3fbd61b9d1 #2 [ 176.296314] Nombre del hardware: linux,dummy-virt (DT) [ 176.296535] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 176.296808] pc : br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter] [ 176.297382] lr : br_nf_dev_queue_xmit+0x2ac/0x4ec [br_netfilter] [ 176.297636] sp : ffff800080003630 [ 176.297743] x29: ffff800080003630 x28: 0000000000000008 x27: ffff6828c49ad9f8 [ 176.298093] x26: ffff6828c49ad000 x25: 0000000000000000 x24: 00000000000003e8 [ 176.298430] x23: 0000000000000000 x22: ffff6828c4960b40 x21: ffff6828c3b16d28 [ 176.298652] x20: ffff6828c3167048 x19: ffff6828c3b16d00 x18: 0000000000000014 [ 176.298926] x17: ffffb0476322f000 x16: ffffb7e164023730 x15: 0000000095744632 [ 176.299296] x14: ffff6828c3f1c880 x13: 0000000000000002 x12: ffffb7e137926a70 [ 176.299574] x11: 000000000000001 x10: ffff6828c3f1c898 x9: 0000000000000000 [ 176.300049] x8: ffff6828c49bf070 x7: 0008460f18d5f20e x6: f20e0100bebafeca [ 176.300302] x5 : ffff6828c7f918fe x4 : ffff6828c49bf070 x3 : 0000000000000000 [ 176.300586] x2 : 0000000000000000 x1 : ffff6828c3c7ad00 x0 : ffff6828c7f918f0 [ 176.300889] Rastreo de llamadas: [ 176.301123] br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter] [ 176.301411] br_nf_post_routing+0x2a8/0x3e4 [br_netfilter] [ 176.301703] br_nf_hook_slow+0x48/0x124 [ 176.302060] br_forward_finish+0xc8/0xe8 [puente] [ 176.302371] br_nf_hook_thresh+0x124/0x134 [br_filtro de red] [ 176.302605] br_nf_forward_finish+0x118/0x22c [br_filtro de red] [ 176.302824] br_nf_forward_ip.part.0+0x264/0x290 [br_filtro de red] [ 176.303136 ---truncado---"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.11",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "E02B18E0-7618-4F55-A9D9-FC9A13DCDEEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.57",
"matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.4",
"matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/3453f5839420bfbb85c86c61e49f49ffd0f041c4", "url": "https://git.kernel.org/stable/c/3453f5839420bfbb85c86c61e49f49ffd0f041c4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/78ed917133b118661e1fe62d4a85d5d428ee9568", "url": "https://git.kernel.org/stable/c/78ed917133b118661e1fe62d4a85d5d428ee9568",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/915717e0bb9837cc5c101bc545af487bd787239e", "url": "https://git.kernel.org/stable/c/915717e0bb9837cc5c101bc545af487bd787239e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/95c0cff5a1a5d28bf623b92eb5d1a8f56ed30803", "url": "https://git.kernel.org/stable/c/95c0cff5a1a5d28bf623b92eb5d1a8f56ed30803",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/cce8419b8168f6e7eb637103a47f916f3de8bc81", "url": "https://git.kernel.org/stable/c/cce8419b8168f6e7eb637103a47f916f3de8bc81",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f9ff7665cd128012868098bbd07e28993e314fdb", "url": "https://git.kernel.org/stable/c/f9ff7665cd128012868098bbd07e28993e314fdb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

128
CVE-2024/CVE-2024-500xx/CVE-2024-50046.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50046", "id": "CVE-2024-50046",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:17.437", "published": "2024-10-21T20:15:17.437",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T18:59:55.950",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,31 +15,141 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFSv4: Evitar la desreferencia de puntero NULL en nfs42_complete_copies() En el nodo de un cliente NFS, algunos archivos guardados en el punto de montaje del servidor NFS se copiaron a otra ubicaci\u00f3n del mismo servidor NFS. Accidentalmente, nfs42_complete_copies() tuvo un fallo por desreferencia de puntero NULL con el siguiente syslog: [232064.838881] NFSv4: la recuperaci\u00f3n de estado fall\u00f3 para el archivo abierto nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116 [232064.839360] NFSv4: la recuperaci\u00f3n de estado fall\u00f3 para el archivo abierto nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116 [232066.588183] No se puede manejar la desreferencia de puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000058 [232066.588586] Informaci\u00f3n de cancelaci\u00f3n de memoria: [232066.588701] ESR = 0x0000000096000007 [232066.588862] EC = 0x25: DABT (EL actual), IL = 32 bits [232066.589084] SET = 0, FnV = 0 [232066.589216] EA = 0, S1PTW = 0 [232066.589340] FSC = 0x07: error de traducci\u00f3n de nivel 3 [232066.589559] Informaci\u00f3n de cancelaci\u00f3n de datos: [232066.589683] ISV = 0, ISS = 0x00000007 [232066.589842] CM = 0, WnR = 0 [232066.589967] usuario pgtable: 64k p\u00e1ginas, VA de 48 bits, pgdp=00002000956ff400 [232066.590231] [0000000000000058] pgd=08001100ae100003, p4d=08001100ae100003, pud=08001100ae100003, pmd=08001100b3c00003, pte=000000000000000 [232066.590757] Error interno: Oops: 96000007 [#1] SMP [232066.590958] M\u00f3dulos vinculados en: rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs ocfs2_dlmfs ocfs2_stack_o2cb ocfs2_dlm vhost_net vhost vhost_iotlb tap tun ipt_rpfilter xt_multiport ip_set_hash_ip ip_set_hash_net xfrm_interface xfrm6_tunnel tunnel4 tunnel6 esp4 ah4 wireguard libcurve25519_generic veth xt_addrtype xt_set nf_conntrack_netlink ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_bitmap_port ip_set_hash_ipport conjunto de ip ficticio ip_vs_sh ip_vs_wrr ip_vs_rr ip_vs iptable_filter sch_ingress nfnetlink_cttimeout vport_gre ip_gre ip_tunnel gre vport_geneve geneve vport_vxlan vxlan ip6_udp_tunnel udp_tunnel openvswitch nf_conncount dm_round_robin dm_service_time dm_multipath xt_nat xt_MASQUERADE nft_chain_nat nf_nat xt_mark xt_conntrack xt_comment nft_compat nft_counter nf_tables nfnetlink ocfs2 ocfs2_nodemanager ocfs2_stackglue iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ipmi_ssif nbd overlay 8021q garp mrp enlace tls rfkill sunrpc ext4 mbcache jbd2 [232066.591052] vfat fat cas_cache cas_disk ses enclosure scsi_transport_sas sg acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler ip_tables vfio_pci vfio_pci_core vfio_virqfd vfio_iommu_type1 vfio dm_mirror dm_region_hash dm_log dm_mod nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter puente stp llc fuse xfs libcrc32c ast drm_vram_helper qla2xxx drm_kms_helper syscopyarea crct10dif_ce sysfillrect ghash_ce sysimgblt sha2_ce fb_sys_fops cec sha256_arm64 sha1_ce drm_ttm_helper ttm nvme_fc igb sbsa_gwdt nvme_fabrics drm nvme_core i2c_algo_bit i40e scsi_transport_fc megaraid_sas aes_neon_bs [232066.596953] CPU: 6 PID: 4124696 Comm: 10.253.166.125- Kdump: cargado No contaminado 5.15.131-9.cl9_ocfs2.aarch64 #1 [232066.597356] Nombre del hardware: Great Wall .\\x93\\x8e...RF6260 V5/GWMSSE2GL1T, BIOS T656FBE_V3.0.18 2024-01-06 [232066.597721] estado de la p\u00e1gina: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [232066.598034] equipo: nfs4_reclaim_open_state+0x220/0x800 [nfsv4] [232066.598327] estado de la p\u00e1gina: nfs4_reclaim_open_state+0x12c/0x800 [nfsv4] [232066.598595] servidor de arranque: ffff8000f568fc70 [232066.598731] x29: ffff8000f568fc70 x28: 0000000000001000 x27: ffff21003db33000 [232066.599030] x26: ffff800005521ae0 x25: 0 x24: 0000000000000001 [232066.599319] x23: ffff800009920008 x22: ffff21003db33040 x21: ffff21003db33050 [232066.599628] x20: ffff410172fe9e40 x19: ffff410172fe9e00 x18: 0000000000000000 [232066.599914] x17: 0000000000000000 x16: 0000000000000004 x15: 0000000000000000 [232066.6001---truncado---" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFSv4: Evitar la desreferencia de puntero NULL en nfs42_complete_copies() En el nodo de un cliente NFS, algunos archivos guardados en el punto de montaje del servidor NFS se copiaron a otra ubicaci\u00f3n del mismo servidor NFS. Accidentalmente, nfs42_complete_copies() tuvo un fallo por desreferencia de puntero NULL con el siguiente syslog: [232064.838881] NFSv4: la recuperaci\u00f3n de estado fall\u00f3 para el archivo abierto nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116 [232064.839360] NFSv4: la recuperaci\u00f3n de estado fall\u00f3 para el archivo abierto nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116 [232066.588183] No se puede manejar la desreferencia de puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000058 [232066.588586] Informaci\u00f3n de cancelaci\u00f3n de memoria: [232066.588701] ESR = 0x0000000096000007 [232066.588862] EC = 0x25: DABT (EL actual), IL = 32 bits [232066.589084] SET = 0, FnV = 0 [232066.589216] EA = 0, S1PTW = 0 [232066.589340] FSC = 0x07: error de traducci\u00f3n de nivel 3 [232066.589559] Informaci\u00f3n de cancelaci\u00f3n de datos: [232066.589683] ISV = 0, ISS = 0x00000007 [232066.589842] CM = 0, WnR = 0 [232066.589967] usuario pgtable: 64k p\u00e1ginas, VA de 48 bits, pgdp=00002000956ff400 [232066.590231] [0000000000000058] pgd=08001100ae100003, p4d=08001100ae100003, pud=08001100ae100003, pmd=08001100b3c00003, pte=000000000000000 [232066.590757] Error interno: Oops: 96000007 [#1] SMP [232066.590958] M\u00f3dulos vinculados en: rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs ocfs2_dlmfs ocfs2_stack_o2cb ocfs2_dlm vhost_net vhost vhost_iotlb tap tun ipt_rpfilter xt_multiport ip_set_hash_ip ip_set_hash_net xfrm_interface xfrm6_tunnel tunnel4 tunnel6 esp4 ah4 wireguard libcurve25519_generic veth xt_addrtype xt_set nf_conntrack_netlink ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_bitmap_port ip_set_hash_ipport conjunto de ip ficticio ip_vs_sh ip_vs_wrr ip_vs_rr ip_vs iptable_filter sch_ingress nfnetlink_cttimeout vport_gre ip_gre ip_tunnel gre vport_geneve geneve vport_vxlan vxlan ip6_udp_tunnel udp_tunnel openvswitch nf_conncount dm_round_robin dm_service_time dm_multipath xt_nat xt_MASQUERADE nft_chain_nat nf_nat xt_mark xt_conntrack xt_comment nft_compat nft_counter nf_tables nfnetlink ocfs2 ocfs2_nodemanager ocfs2_stackglue iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ipmi_ssif nbd overlay 8021q garp mrp enlace tls rfkill sunrpc ext4 mbcache jbd2 [232066.591052] vfat fat cas_cache cas_disk ses enclosure scsi_transport_sas sg acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler ip_tables vfio_pci vfio_pci_core vfio_virqfd vfio_iommu_type1 vfio dm_mirror dm_region_hash dm_log dm_mod nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter puente stp llc fuse xfs libcrc32c ast drm_vram_helper qla2xxx drm_kms_helper syscopyarea crct10dif_ce sysfillrect ghash_ce sysimgblt sha2_ce fb_sys_fops cec sha256_arm64 sha1_ce drm_ttm_helper ttm nvme_fc igb sbsa_gwdt nvme_fabrics drm nvme_core i2c_algo_bit i40e scsi_transport_fc megaraid_sas aes_neon_bs [232066.596953] CPU: 6 PID: 4124696 Comm: 10.253.166.125- Kdump: cargado No contaminado 5.15.131-9.cl9_ocfs2.aarch64 #1 [232066.597356] Nombre del hardware: Great Wall .\\x93\\x8e...RF6260 V5/GWMSSE2GL1T, BIOS T656FBE_V3.0.18 2024-01-06 [232066.597721] estado de la p\u00e1gina: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [232066.598034] equipo: nfs4_reclaim_open_state+0x220/0x800 [nfsv4] [232066.598327] estado de la p\u00e1gina: nfs4_reclaim_open_state+0x12c/0x800 [nfsv4] [232066.598595] servidor de arranque: ffff8000f568fc70 [232066.598731] x29: ffff8000f568fc70 x28: 0000000000001000 x27: ffff21003db33000 [232066.599030] x26: ffff800005521ae0 x25: 0 x24: 0000000000000001 [232066.599319] x23: ffff800009920008 x22: ffff21003db33040 x21: ffff21003db33050 [232066.599628] x20: ffff410172fe9e40 x19: ffff410172fe9e00 x18: 0000000000000000 [232066.599914] x17: 0000000000000000 x16: 0000000000000004 x15: 0000000000000000 [232066.6001---truncado---"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.227",
"matchCriteriaId": "795A3EE6-0CAB-4409-A903-151C94ACECC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.168",
"matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.113",
"matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.57",
"matchCriteriaId": "05D83DB8-7465-4F88-AFB2-980011992AC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.4",
"matchCriteriaId": "AA84D336-CE9A-4535-B901-1AD77EC17C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/584c019baedddec3fd634053e8fb2d8836108d38", "url": "https://git.kernel.org/stable/c/584c019baedddec3fd634053e8fb2d8836108d38",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/632344b9efa064ca737bfcdaaaced59fd5f18ae9", "url": "https://git.kernel.org/stable/c/632344b9efa064ca737bfcdaaaced59fd5f18ae9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/a848c29e3486189aaabd5663bc11aea50c5bd144", "url": "https://git.kernel.org/stable/c/a848c29e3486189aaabd5663bc11aea50c5bd144",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ef9189bb15dcbe7ed3f3515aaa6fc8bf7483960d", "url": "https://git.kernel.org/stable/c/ef9189bb15dcbe7ed3f3515aaa6fc8bf7483960d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f892165c564e3aab272948dbb556cc20e290c55a", "url": "https://git.kernel.org/stable/c/f892165c564e3aab272948dbb556cc20e290c55a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/fca41e5fa4914d12b2136c25f9dad69520b52683", "url": "https://git.kernel.org/stable/c/fca41e5fa4914d12b2136c25f9dad69520b52683",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

31
CVE-2024/CVE-2024-500xx/CVE-2024-50050.json
View File

@ -2,16 +2,43 @@
"id": "CVE-2024-50050", "id": "CVE-2024-50050",
"sourceIdentifier": "cve-assign@fb.com", "sourceIdentifier": "cve-assign@fb.com",
"published": "2024-10-23T14:15:05.087", "published": "2024-10-23T14:15:05.087",
"lastModified": "2024-10-23T15:12:34.673", "lastModified": "2024-10-24T19:35:08.107",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 used pickle as a serialization format for socket communication, potentially allowing for remote code execution. Socket communication has been changed to use JSON instead." "value": "Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 used pickle as a serialization format for socket communication, potentially allowing for remote code execution. Socket communication has been changed to use JSON instead."
},
{
"lang": "es",
"value": "Antes de la revisi\u00f3n 7a8aa775e5a267cf8660d83140011a0b7f91e005, Llama Stack utilizaba pickle como formato de serializaci\u00f3n para la comunicaci\u00f3n por socket, lo que potencialmente permit\u00eda la ejecuci\u00f3n remota de c\u00f3digo. La comunicaci\u00f3n por socket se modific\u00f3 para utilizar JSON en su lugar."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"references": [ "references": [
{ {
"url": "https://www.facebook.com/security/advisories/cve-2024-50050", "url": "https://www.facebook.com/security/advisories/cve-2024-50050",

66
CVE-2024/CVE-2024-52xx/CVE-2024-5206.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5206", "id": "CVE-2024-5206",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2024-06-06T19:16:06.363", "published": "2024-06-06T19:16:06.363",
"lastModified": "2024-06-17T19:15:59.190", "lastModified": "2024-10-24T19:48:31.637",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -16,6 +16,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -41,8 +63,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@huntr.dev", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -51,14 +83,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scikit-learn:scikit-learn:*:*:*:*:*:python:*:*",
"versionEndExcluding": "1.5.0",
"matchCriteriaId": "C27C3BF2-FC82-4EC8-908F-61EB93677AC1"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/scikit-learn/scikit-learn/commit/70ca21f106b603b611da73012c9ade7cd8e438b8", "url": "https://github.com/scikit-learn/scikit-learn/commit/70ca21f106b603b611da73012c9ade7cd8e438b8",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://huntr.com/bounties/14bc0917-a85b-4106-a170-d09d5191517c", "url": "https://huntr.com/bounties/14bc0917-a85b-4106-a170-d09d5191517c",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

102
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-10-24T18:00:21.352358+00:00 2024-10-24T20:00:26.666685+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-10-24T17:58:28.347000+00:00 2024-10-24T19:59:47.737000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,62 +33,68 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
266935 266959
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `18` Recently added CVEs: `24`
- [CVE-2024-10335](CVE-2024/CVE-2024-103xx/CVE-2024-10335.json) (`2024-10-24T17:15:14.823`) - [CVE-2024-10295](CVE-2024/CVE-2024-102xx/CVE-2024-10295.json) (`2024-10-24T18:15:05.597`)
- [CVE-2024-10336](CVE-2024/CVE-2024-103xx/CVE-2024-10336.json) (`2024-10-24T17:15:15.143`) - [CVE-2024-10313](CVE-2024/CVE-2024-103xx/CVE-2024-10313.json) (`2024-10-24T18:15:05.920`)
- [CVE-2024-40810](CVE-2024/CVE-2024-408xx/CVE-2024-40810.json) (`2024-10-24T17:15:16.263`) - [CVE-2024-10337](CVE-2024/CVE-2024-103xx/CVE-2024-10337.json) (`2024-10-24T18:15:06.170`)
- [CVE-2024-44141](CVE-2024/CVE-2024-441xx/CVE-2024-44141.json) (`2024-10-24T17:15:16.390`) - [CVE-2024-10338](CVE-2024/CVE-2024-103xx/CVE-2024-10338.json) (`2024-10-24T18:15:06.437`)
- [CVE-2024-44185](CVE-2024/CVE-2024-441xx/CVE-2024-44185.json) (`2024-10-24T17:15:16.470`) - [CVE-2024-38314](CVE-2024/CVE-2024-383xx/CVE-2024-38314.json) (`2024-10-24T18:15:07.957`)
- [CVE-2024-44205](CVE-2024/CVE-2024-442xx/CVE-2024-44205.json) (`2024-10-24T17:15:16.543`) - [CVE-2024-46478](CVE-2024/CVE-2024-464xx/CVE-2024-46478.json) (`2024-10-24T18:15:08.863`)
- [CVE-2024-44206](CVE-2024/CVE-2024-442xx/CVE-2024-44206.json) (`2024-10-24T17:15:16.620`) - [CVE-2024-46994](CVE-2024/CVE-2024-469xx/CVE-2024-46994.json) (`2024-10-24T19:15:13.843`)
- [CVE-2024-48538](CVE-2024/CVE-2024-485xx/CVE-2024-48538.json) (`2024-10-24T16:15:05.210`) - [CVE-2024-46995](CVE-2024/CVE-2024-469xx/CVE-2024-46995.json) (`2024-10-24T19:15:14.137`)
- [CVE-2024-48539](CVE-2024/CVE-2024-485xx/CVE-2024-48539.json) (`2024-10-24T17:15:16.873`) - [CVE-2024-46996](CVE-2024/CVE-2024-469xx/CVE-2024-46996.json) (`2024-10-24T19:15:14.383`)
- [CVE-2024-48540](CVE-2024/CVE-2024-485xx/CVE-2024-48540.json) (`2024-10-24T17:15:16.967`) - [CVE-2024-46998](CVE-2024/CVE-2024-469xx/CVE-2024-46998.json) (`2024-10-24T19:15:14.600`)
- [CVE-2024-48541](CVE-2024/CVE-2024-485xx/CVE-2024-48541.json) (`2024-10-24T17:15:17.060`) - [CVE-2024-47173](CVE-2024/CVE-2024-471xx/CVE-2024-47173.json) (`2024-10-24T19:15:14.817`)
- [CVE-2024-48542](CVE-2024/CVE-2024-485xx/CVE-2024-48542.json) (`2024-10-24T17:15:17.163`) - [CVE-2024-48139](CVE-2024/CVE-2024-481xx/CVE-2024-48139.json) (`2024-10-24T19:15:15.050`)
- [CVE-2024-48544](CVE-2024/CVE-2024-485xx/CVE-2024-48544.json) (`2024-10-24T17:15:17.257`) - [CVE-2024-48140](CVE-2024/CVE-2024-481xx/CVE-2024-48140.json) (`2024-10-24T19:15:15.150`)
- [CVE-2024-48545](CVE-2024/CVE-2024-485xx/CVE-2024-48545.json) (`2024-10-24T17:15:17.353`) - [CVE-2024-48141](CVE-2024/CVE-2024-481xx/CVE-2024-48141.json) (`2024-10-24T19:15:15.240`)
- [CVE-2024-48546](CVE-2024/CVE-2024-485xx/CVE-2024-48546.json) (`2024-10-24T17:15:17.447`) - [CVE-2024-48142](CVE-2024/CVE-2024-481xx/CVE-2024-48142.json) (`2024-10-24T19:15:15.333`)
- [CVE-2024-48547](CVE-2024/CVE-2024-485xx/CVE-2024-48547.json) (`2024-10-24T17:15:17.540`) - [CVE-2024-48143](CVE-2024/CVE-2024-481xx/CVE-2024-48143.json) (`2024-10-24T19:15:15.427`)
- [CVE-2024-48548](CVE-2024/CVE-2024-485xx/CVE-2024-48548.json) (`2024-10-24T17:15:17.663`) - [CVE-2024-48144](CVE-2024/CVE-2024-481xx/CVE-2024-48144.json) (`2024-10-24T19:15:15.510`)
- [CVE-2024-9692](CVE-2024/CVE-2024-96xx/CVE-2024-9692.json) (`2024-10-24T17:15:17.953`) - [CVE-2024-48145](CVE-2024/CVE-2024-481xx/CVE-2024-48145.json) (`2024-10-24T19:15:15.607`)
- [CVE-2024-48427](CVE-2024/CVE-2024-484xx/CVE-2024-48427.json) (`2024-10-24T19:15:15.703`)
- [CVE-2024-48440](CVE-2024/CVE-2024-484xx/CVE-2024-48440.json) (`2024-10-24T18:15:09.190`)
- [CVE-2024-48441](CVE-2024/CVE-2024-484xx/CVE-2024-48441.json) (`2024-10-24T18:15:09.583`)
- [CVE-2024-48442](CVE-2024/CVE-2024-484xx/CVE-2024-48442.json) (`2024-10-24T18:15:09.890`)
- [CVE-2024-48454](CVE-2024/CVE-2024-484xx/CVE-2024-48454.json) (`2024-10-24T19:15:15.803`)
- [CVE-2024-48514](CVE-2024/CVE-2024-485xx/CVE-2024-48514.json) (`2024-10-24T18:15:10.227`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `40` Recently modified CVEs: `63`
- [CVE-2024-21654](CVE-2024/CVE-2024-216xx/CVE-2024-21654.json) (`2024-10-24T16:35:05.720`) - [CVE-2024-3727](CVE-2024/CVE-2024-37xx/CVE-2024-3727.json) (`2024-10-24T18:15:08.177`)
- [CVE-2024-40432](CVE-2024/CVE-2024-404xx/CVE-2024-40432.json) (`2024-10-24T16:35:06.560`) - [CVE-2024-40431](CVE-2024/CVE-2024-404xx/CVE-2024-40431.json) (`2024-10-24T18:35:07.010`)
- [CVE-2024-40457](CVE-2024/CVE-2024-404xx/CVE-2024-40457.json) (`2024-10-24T17:35:07.660`) - [CVE-2024-44141](CVE-2024/CVE-2024-441xx/CVE-2024-44141.json) (`2024-10-24T18:35:07.340`)
- [CVE-2024-42642](CVE-2024/CVE-2024-426xx/CVE-2024-42642.json) (`2024-10-24T17:35:08.450`) - [CVE-2024-46257](CVE-2024/CVE-2024-462xx/CVE-2024-46257.json) (`2024-10-24T18:15:08.617`)
- [CVE-2024-43849](CVE-2024/CVE-2024-438xx/CVE-2024-43849.json) (`2024-10-24T16:02:21.587`) - [CVE-2024-47575](CVE-2024/CVE-2024-475xx/CVE-2024-47575.json) (`2024-10-24T18:56:47.930`)
- [CVE-2024-43851](CVE-2024/CVE-2024-438xx/CVE-2024-43851.json) (`2024-10-24T16:07:41.687`) - [CVE-2024-48541](CVE-2024/CVE-2024-485xx/CVE-2024-48541.json) (`2024-10-24T19:35:04.263`)
- [CVE-2024-46256](CVE-2024/CVE-2024-462xx/CVE-2024-46256.json) (`2024-10-24T17:15:16.690`) - [CVE-2024-48542](CVE-2024/CVE-2024-485xx/CVE-2024-48542.json) (`2024-10-24T19:35:05.013`)
- [CVE-2024-46937](CVE-2024/CVE-2024-469xx/CVE-2024-46937.json) (`2024-10-24T17:35:09.287`) - [CVE-2024-48545](CVE-2024/CVE-2024-485xx/CVE-2024-48545.json) (`2024-10-24T19:35:05.767`)
- [CVE-2024-46943](CVE-2024/CVE-2024-469xx/CVE-2024-46943.json) (`2024-10-24T17:35:10.093`) - [CVE-2024-48546](CVE-2024/CVE-2024-485xx/CVE-2024-48546.json) (`2024-10-24T19:35:06.563`)
- [CVE-2024-47718](CVE-2024/CVE-2024-477xx/CVE-2024-47718.json) (`2024-10-24T16:31:01.107`) - [CVE-2024-48547](CVE-2024/CVE-2024-485xx/CVE-2024-48547.json) (`2024-10-24T19:35:07.320`)
- [CVE-2024-47719](CVE-2024/CVE-2024-477xx/CVE-2024-47719.json) (`2024-10-24T16:21:50.937`) - [CVE-2024-49863](CVE-2024/CVE-2024-498xx/CVE-2024-49863.json) (`2024-10-24T19:43:56.103`)
- [CVE-2024-47723](CVE-2024/CVE-2024-477xx/CVE-2024-47723.json) (`2024-10-24T16:17:24.003`) - [CVE-2024-49876](CVE-2024/CVE-2024-498xx/CVE-2024-49876.json) (`2024-10-24T19:57:06.843`)
- [CVE-2024-49324](CVE-2024/CVE-2024-493xx/CVE-2024-49324.json) (`2024-10-24T16:11:41.700`) - [CVE-2024-49877](CVE-2024/CVE-2024-498xx/CVE-2024-49877.json) (`2024-10-24T19:58:55.383`)
- [CVE-2024-49326](CVE-2024/CVE-2024-493xx/CVE-2024-49326.json) (`2024-10-24T16:13:46.743`) - [CVE-2024-49879](CVE-2024/CVE-2024-498xx/CVE-2024-49879.json) (`2024-10-24T19:59:12.897`)
- [CVE-2024-49327](CVE-2024/CVE-2024-493xx/CVE-2024-49327.json) (`2024-10-24T16:07:26.440`) - [CVE-2024-49923](CVE-2024/CVE-2024-499xx/CVE-2024-49923.json) (`2024-10-24T19:43:27.327`)
- [CVE-2024-49329](CVE-2024/CVE-2024-493xx/CVE-2024-49329.json) (`2024-10-24T16:05:50.380`) - [CVE-2024-50033](CVE-2024/CVE-2024-500xx/CVE-2024-50033.json) (`2024-10-24T19:56:04.097`)
- [CVE-2024-49330](CVE-2024/CVE-2024-493xx/CVE-2024-49330.json) (`2024-10-24T16:01:09.733`) - [CVE-2024-50034](CVE-2024/CVE-2024-500xx/CVE-2024-50034.json) (`2024-10-24T19:56:29.170`)
- [CVE-2024-49912](CVE-2024/CVE-2024-499xx/CVE-2024-49912.json) (`2024-10-24T17:10:24.853`) - [CVE-2024-50035](CVE-2024/CVE-2024-500xx/CVE-2024-50035.json) (`2024-10-24T19:54:01.987`)
- [CVE-2024-49914](CVE-2024/CVE-2024-499xx/CVE-2024-49914.json) (`2024-10-24T17:09:50.003`) - [CVE-2024-50041](CVE-2024/CVE-2024-500xx/CVE-2024-50041.json) (`2024-10-24T19:31:39.373`)
- [CVE-2024-49915](CVE-2024/CVE-2024-499xx/CVE-2024-49915.json) (`2024-10-24T17:08:04.020`) - [CVE-2024-50043](CVE-2024/CVE-2024-500xx/CVE-2024-50043.json) (`2024-10-24T19:32:21.480`)
- [CVE-2024-49916](CVE-2024/CVE-2024-499xx/CVE-2024-49916.json) (`2024-10-24T17:03:19.457`) - [CVE-2024-50044](CVE-2024/CVE-2024-500xx/CVE-2024-50044.json) (`2024-10-24T19:36:12.717`)
- [CVE-2024-49917](CVE-2024/CVE-2024-499xx/CVE-2024-49917.json) (`2024-10-24T16:54:05.930`) - [CVE-2024-50045](CVE-2024/CVE-2024-500xx/CVE-2024-50045.json) (`2024-10-24T19:38:03.343`)
- [CVE-2024-49918](CVE-2024/CVE-2024-499xx/CVE-2024-49918.json) (`2024-10-24T16:49:57.453`) - [CVE-2024-50046](CVE-2024/CVE-2024-500xx/CVE-2024-50046.json) (`2024-10-24T18:59:55.950`)
- [CVE-2024-50057](CVE-2024/CVE-2024-500xx/CVE-2024-50057.json) (`2024-10-24T16:12:52.007`) - [CVE-2024-50050](CVE-2024/CVE-2024-500xx/CVE-2024-50050.json) (`2024-10-24T19:35:08.107`)
- [CVE-2024-9341](CVE-2024/CVE-2024-93xx/CVE-2024-9341.json) (`2024-10-24T17:15:17.773`) - [CVE-2024-5206](CVE-2024/CVE-2024-52xx/CVE-2024-5206.json) (`2024-10-24T19:48:31.637`)
## Download and Usage ## Download and Usage

254
_state.csv
View File

@ -110713,7 +110713,7 @@ CVE-2018-1000017,0,0,abf155a03048c617c9c33f46a7653b5050866e671e65cee00b638c4c600
CVE-2018-1000018,0,0,fd04a3623e6a1b81f11d496b5c329392d7b96a93a7531dc246f52157428f3659,2019-10-03T00:03:26.223000 CVE-2018-1000018,0,0,fd04a3623e6a1b81f11d496b5c329392d7b96a93a7531dc246f52157428f3659,2019-10-03T00:03:26.223000
CVE-2018-1000019,0,0,88484bdf3e9ba6c1892ee004b85922fd27df78067d5e202afa61121d7569364c,2018-03-01T15:16:23.140000 CVE-2018-1000019,0,0,88484bdf3e9ba6c1892ee004b85922fd27df78067d5e202afa61121d7569364c,2018-03-01T15:16:23.140000
CVE-2018-1000020,0,0,a882ce661ccf7a2bb3ba36203ac7c98d7052647b66390429b5e810dd1a88adaa,2018-03-01T15:16:07.233000 CVE-2018-1000020,0,0,a882ce661ccf7a2bb3ba36203ac7c98d7052647b66390429b5e810dd1a88adaa,2018-03-01T15:16:07.233000
CVE-2018-1000021,0,1,16aa697967cece01df5a172ae40abd64f72d1c293c760b27e4c8ce002f774e65,2024-10-24T17:58:28.347000 CVE-2018-1000021,0,0,16aa697967cece01df5a172ae40abd64f72d1c293c760b27e4c8ce002f774e65,2024-10-24T17:58:28.347000
CVE-2018-1000022,0,0,9bacea76ee3e1d6167cd72d73edc3b94b18367353a13f387d19aed83224b05fc,2019-10-03T00:03:26.223000 CVE-2018-1000022,0,0,9bacea76ee3e1d6167cd72d73edc3b94b18367353a13f387d19aed83224b05fc,2019-10-03T00:03:26.223000
CVE-2018-1000023,0,0,bc3f770f777a6275e9db5665c57585c4ce5ef5ab67c9808f67a48c1123de55cc,2018-03-06T19:40:13.193000 CVE-2018-1000023,0,0,bc3f770f777a6275e9db5665c57585c4ce5ef5ab67c9808f67a48c1123de55cc,2018-03-06T19:40:13.193000
CVE-2018-1000024,0,0,c1a881450ea1cf91333a1e295f2dee7392ee819d9a9f291cf56c521df9ff025f,2019-10-03T00:03:26.223000 CVE-2018-1000024,0,0,c1a881450ea1cf91333a1e295f2dee7392ee819d9a9f291cf56c521df9ff025f,2019-10-03T00:03:26.223000
@ -120461,7 +120461,7 @@ CVE-2018-20835,0,0,15c0556de9af98996b470e046a67f7943615247d7412daec831baac21ea81
CVE-2018-20836,0,0,abaa3c066d410ec5d27debe833e9debe09a9765b2ed47d3214e19dd51e330dea,2022-11-03T02:22:37.750000 CVE-2018-20836,0,0,abaa3c066d410ec5d27debe833e9debe09a9765b2ed47d3214e19dd51e330dea,2022-11-03T02:22:37.750000
CVE-2018-20837,0,0,2978ae325c191cd0dd7591d16c18179542066c22bcccb140d8dc55bd4a1162ca,2019-05-10T13:19:38.630000 CVE-2018-20837,0,0,2978ae325c191cd0dd7591d16c18179542066c22bcccb140d8dc55bd4a1162ca,2019-05-10T13:19:38.630000
CVE-2018-20838,0,0,71f073bcba9ed75167dcab655c7308b0be1b751a14540818193176449ecf66b8,2019-05-14T21:29:00.327000 CVE-2018-20838,0,0,71f073bcba9ed75167dcab655c7308b0be1b751a14540818193176449ecf66b8,2019-05-14T21:29:00.327000
CVE-2018-20839,0,1,ae62e74a86fbe2aecc68f84fff9bdbc7f8ea233b7637ace194bc2df4f158679f,2024-10-24T17:34:43.873000 CVE-2018-20839,0,0,ae62e74a86fbe2aecc68f84fff9bdbc7f8ea233b7637ace194bc2df4f158679f,2024-10-24T17:34:43.873000
CVE-2018-2084,0,0,0020cad952c12f021fb73c3b3288bc335919aeabb96cd67ba3037418d26b7da3,2023-11-07T02:56:47.930000 CVE-2018-2084,0,0,0020cad952c12f021fb73c3b3288bc335919aeabb96cd67ba3037418d26b7da3,2023-11-07T02:56:47.930000
CVE-2018-20840,0,0,6aa2d7abfefc2ae0a0305fb29872128b568875331f59b8b45a6d9706775746a5,2019-05-31T16:04:32.797000 CVE-2018-20840,0,0,6aa2d7abfefc2ae0a0305fb29872128b568875331f59b8b45a6d9706775746a5,2019-05-31T16:04:32.797000
CVE-2018-20841,0,0,aeb7d305b77134954205db6f23faa90689035d524bdb86040063a71529d25a2d,2019-06-12T14:37:49.547000 CVE-2018-20841,0,0,aeb7d305b77134954205db6f23faa90689035d524bdb86040063a71529d25a2d,2019-06-12T14:37:49.547000
@ -166543,7 +166543,7 @@ CVE-2021-2019,0,0,c2fe290beda99097f5af950e201b3cf3c32a2eafc405e8b574e7ef8ffeede0
CVE-2021-20190,0,0,d2a8ac28104325dedcd0c87eded18a9574d175e48753331ead04a44d2bda47d0,2023-11-07T03:28:59.363000 CVE-2021-20190,0,0,d2a8ac28104325dedcd0c87eded18a9574d175e48753331ead04a44d2bda47d0,2023-11-07T03:28:59.363000
CVE-2021-20191,0,0,8658ab2c479f565f855ecc101f68d9f5292be58ee1512085fe01387f35c89d78,2023-12-28T19:15:12.460000 CVE-2021-20191,0,0,8658ab2c479f565f855ecc101f68d9f5292be58ee1512085fe01387f35c89d78,2023-12-28T19:15:12.460000
CVE-2021-20192,0,0,3dd8be816a8dc6c137adf1504c8646a23863e79bd887c70954eb2bc7f2280695,2023-11-07T03:28:59.460000 CVE-2021-20192,0,0,3dd8be816a8dc6c137adf1504c8646a23863e79bd887c70954eb2bc7f2280695,2023-11-07T03:28:59.460000
CVE-2021-20193,0,0,8ea9a710b84372c5c5bdf0c3ac3264699fb2ac2a5b25fbc4a4a00f36d0d26388,2023-11-07T03:28:59.727000 CVE-2021-20193,0,1,3e3cf18e7000b6cb7f5439046326d8cb2606b66a11db2d415c8beefc917a97b0,2024-10-24T18:15:14.167000
CVE-2021-20194,0,0,76270653c30089eb381a4aad399b3282136badba7d5b2c69bb6e812746cd2765,2023-02-12T22:15:16.563000 CVE-2021-20194,0,0,76270653c30089eb381a4aad399b3282136badba7d5b2c69bb6e812746cd2765,2023-02-12T22:15:16.563000
CVE-2021-20195,0,0,4ee77b9328d95dff9be6e18003cc5fceadbdb127bccc3a2835319150f0cc6bf8,2022-08-05T15:21:13.307000 CVE-2021-20195,0,0,4ee77b9328d95dff9be6e18003cc5fceadbdb127bccc3a2835319150f0cc6bf8,2022-08-05T15:21:13.307000
CVE-2021-20196,0,0,db1eae87c55f404199c52b091d78744dd8b805a4d21844de7a0eb80d7b2d633d,2023-02-12T22:15:16.717000 CVE-2021-20196,0,0,db1eae87c55f404199c52b091d78744dd8b805a4d21844de7a0eb80d7b2d633d,2023-02-12T22:15:16.717000
@ -188002,7 +188002,7 @@ CVE-2022-0536,0,0,91f301f19d4253daff08336205e0e3c3537069957a66d3022971284bc9d586
CVE-2022-0537,0,0,82e6be18cf2b67d3872e20064a87b31837c5ba663f10e2e86064449f3f59849d,2023-02-09T15:15:41.677000 CVE-2022-0537,0,0,82e6be18cf2b67d3872e20064a87b31837c5ba663f10e2e86064449f3f59849d,2023-02-09T15:15:41.677000
CVE-2022-0538,0,0,f211e15d48cde6e9a155f2a7f0c7b7c71a83640e43b37ce30603647a4743cdc1,2023-11-30T19:15:11.090000 CVE-2022-0538,0,0,f211e15d48cde6e9a155f2a7f0c7b7c71a83640e43b37ce30603647a4743cdc1,2023-11-30T19:15:11.090000
CVE-2022-0539,0,0,52df8def0a42153be3f3b3e13984a2926a87ba49bcd341a0ace0969bd8bfb6c8,2022-02-11T20:12:09.090000 CVE-2022-0539,0,0,52df8def0a42153be3f3b3e13984a2926a87ba49bcd341a0ace0969bd8bfb6c8,2022-02-11T20:12:09.090000
CVE-2022-0540,0,1,527a100a52af0573c416206cfbe3107b225fe52cad259d0ee1d9cbe95957b520,2024-10-24T17:35:01.930000 CVE-2022-0540,0,0,527a100a52af0573c416206cfbe3107b225fe52cad259d0ee1d9cbe95957b520,2024-10-24T17:35:01.930000
CVE-2022-0541,0,0,1c700757b6e4fa56ba498c00af0ce7d372dd534ce8ed3ba62fb4bd9a68959af0,2023-06-26T17:59:57.957000 CVE-2022-0541,0,0,1c700757b6e4fa56ba498c00af0ce7d372dd534ce8ed3ba62fb4bd9a68959af0,2023-06-26T17:59:57.957000
CVE-2022-0542,0,0,9935bbf6286aaccad188d2d765646c50a864096c0ede16765a0d28778e41a694,2022-08-23T14:17:59.497000 CVE-2022-0542,0,0,9935bbf6286aaccad188d2d765646c50a864096c0ede16765a0d28778e41a694,2022-08-23T14:17:59.497000
CVE-2022-0543,0,0,e6010ce946d836356a19b770cc55dbb529d6a129a19fd6cea67d0331bf3526ea,2023-09-29T15:55:24.533000 CVE-2022-0543,0,0,e6010ce946d836356a19b770cc55dbb529d6a129a19fd6cea67d0331bf3526ea,2023-09-29T15:55:24.533000
@ -194462,10 +194462,10 @@ CVE-2022-25464,0,0,fa4446c0b87ccc8489496fa2f9dcccfb6f1f7e87309e1719761a02c32bdef
CVE-2022-25465,0,0,7cbe3853c67634a1c63754575fe4ed932bd1f0187da78b5a63369dcaa7c4cae1,2022-03-11T15:55:36.710000 CVE-2022-25465,0,0,7cbe3853c67634a1c63754575fe4ed932bd1f0187da78b5a63369dcaa7c4cae1,2022-03-11T15:55:36.710000
CVE-2022-2547,0,0,dbeba4a8b3d68d6d3de10cc461419e2c751bf3e1f6f2ec4f183c6a17312177c5,2022-08-19T01:43:28.157000 CVE-2022-2547,0,0,dbeba4a8b3d68d6d3de10cc461419e2c751bf3e1f6f2ec4f183c6a17312177c5,2022-08-19T01:43:28.157000
CVE-2022-25471,0,0,d59a2094cef30b0a74747ab7cc9d6328094a89833946591fcbe214da809a6cc7,2022-03-09T19:47:15.070000 CVE-2022-25471,0,0,d59a2094cef30b0a74747ab7cc9d6328094a89833946591fcbe214da809a6cc7,2022-03-09T19:47:15.070000
CVE-2022-25477,0,1,d86bf46fd43c2390bd2006b2734d584360ad90ef71c9dacdc8f62e8d103e231c,2024-10-24T17:15:13.463000 CVE-2022-25477,0,0,d86bf46fd43c2390bd2006b2734d584360ad90ef71c9dacdc8f62e8d103e231c,2024-10-24T17:15:13.463000
CVE-2022-25478,0,1,969e5355ace0b88eb28ab0ec84456611ef9e7dbfc36a21a1c9cd19341fb8d0ce,2024-10-24T17:15:13.633000 CVE-2022-25478,0,0,969e5355ace0b88eb28ab0ec84456611ef9e7dbfc36a21a1c9cd19341fb8d0ce,2024-10-24T17:15:13.633000
CVE-2022-25479,0,1,5aba7c03ca96aa24702d0d4982b119e260314feacb1ed2b43737243cba1c9dff,2024-10-24T17:15:13.717000 CVE-2022-25479,0,0,5aba7c03ca96aa24702d0d4982b119e260314feacb1ed2b43737243cba1c9dff,2024-10-24T17:15:13.717000
CVE-2022-25480,0,1,c5c263da9f1df4b92b5b97a94c271252be09f3b4a9bab47b12b6b752f161829f,2024-10-24T17:15:13.817000 CVE-2022-25480,0,0,c5c263da9f1df4b92b5b97a94c271252be09f3b4a9bab47b12b6b752f161829f,2024-10-24T17:15:13.817000
CVE-2022-25481,0,0,39cf9a73c463f25981da336ece7b787bc04e88649ca7479c7b1f74ad7e94bf81,2024-08-03T05:16:04.587000 CVE-2022-25481,0,0,39cf9a73c463f25981da336ece7b787bc04e88649ca7479c7b1f74ad7e94bf81,2024-08-03T05:16:04.587000
CVE-2022-25484,0,0,07f0b9f1320784b0105d435f5fd3b8eefe70e3aca276722e91dffdd88cfe785c,2022-03-28T20:53:05.180000 CVE-2022-25484,0,0,07f0b9f1320784b0105d435f5fd3b8eefe70e3aca276722e91dffdd88cfe785c,2022-03-28T20:53:05.180000
CVE-2022-25485,0,0,fe4dcd756be960aeab4fda110858bc8cb2a1cdd75bdac67031c3b935cc94cf47,2022-03-23T18:18:46.160000 CVE-2022-25485,0,0,fe4dcd756be960aeab4fda110858bc8cb2a1cdd75bdac67031c3b935cc94cf47,2022-03-23T18:18:46.160000
@ -208929,7 +208929,7 @@ CVE-2022-43697,0,0,686896906763250874b16d5ab0c4c6c9de8102038fc6500dd580314ffa3b4
CVE-2022-43698,0,0,86648de9a3b9cddadd560e0414759c5c112333ec5a9b33030e1cfeeeda7cfaf5,2023-05-15T19:27:09.167000 CVE-2022-43698,0,0,86648de9a3b9cddadd560e0414759c5c112333ec5a9b33030e1cfeeeda7cfaf5,2023-05-15T19:27:09.167000
CVE-2022-43699,0,0,a3e68481c8e86891832fdc60b1fc21c2f076950a8075ae1b88211a1d0c48ffc1,2023-04-24T19:46:49.317000 CVE-2022-43699,0,0,a3e68481c8e86891832fdc60b1fc21c2f076950a8075ae1b88211a1d0c48ffc1,2023-04-24T19:46:49.317000
CVE-2022-4370,0,0,21e2b08860aeacd5f81650f3feefc307848c743c02a091180993201ae7aeaafc,2023-11-07T03:57:40.473000 CVE-2022-4370,0,0,21e2b08860aeacd5f81650f3feefc307848c743c02a091180993201ae7aeaafc,2023-11-07T03:57:40.473000
CVE-2022-43701,0,0,9a97631cfc4daa1dd88909c635a9b61bbe2a720f49787f3de29503523535fc77,2024-02-13T20:15:51.213000 CVE-2022-43701,0,1,ff7eb56d7ec8625eb0aac7c8283a7142763321b82a88c440976e64f53685f693,2024-10-24T18:35:01.700000
CVE-2022-43702,0,0,9c868191de040381101d2f471e797f332c090e7c70bd985613d0f3d2b84d56fc,2024-02-13T20:15:51.373000 CVE-2022-43702,0,0,9c868191de040381101d2f471e797f332c090e7c70bd985613d0f3d2b84d56fc,2024-02-13T20:15:51.373000
CVE-2022-43703,0,0,298ecbf048f181c8ab59c3a4fa8a669dfea7813a0f682c5d610b3cec4bfbe5a8,2024-02-13T20:15:51.457000 CVE-2022-43703,0,0,298ecbf048f181c8ab59c3a4fa8a669dfea7813a0f682c5d610b3cec4bfbe5a8,2024-02-13T20:15:51.457000
CVE-2022-43704,0,0,4b8a50994e6868c3dec07c015a4af22d97eae7e777cfe2c1b8ae11b7877b17c3,2023-01-27T15:05:28.433000 CVE-2022-43704,0,0,4b8a50994e6868c3dec07c015a4af22d97eae7e777cfe2c1b8ae11b7877b17c3,2023-01-27T15:05:28.433000
@ -212565,18 +212565,18 @@ CVE-2022-48950,0,0,df7cdcc43adc0fe4790bfeee6795f91b28a4c15b10566f630a78891552ade
CVE-2022-48951,0,0,ba9d8cef5379b0ff4a935922614acdd38174cd969734d165c8703c7601b1f6a8,2024-10-23T15:13:25.583000 CVE-2022-48951,0,0,ba9d8cef5379b0ff4a935922614acdd38174cd969734d165c8703c7601b1f6a8,2024-10-23T15:13:25.583000
CVE-2022-48952,0,0,cf21a0255246b5b3ab6d95e6ea99d72bc42c2b56c4888d478133ad8ae4632324,2024-10-23T15:13:25.583000 CVE-2022-48952,0,0,cf21a0255246b5b3ab6d95e6ea99d72bc42c2b56c4888d478133ad8ae4632324,2024-10-23T15:13:25.583000
CVE-2022-48953,0,0,037e26b090bc3b5c06ab9dffbf7de850a858e5fc3604925c0be082d71471c418,2024-10-23T15:13:25.583000 CVE-2022-48953,0,0,037e26b090bc3b5c06ab9dffbf7de850a858e5fc3604925c0be082d71471c418,2024-10-23T15:13:25.583000
CVE-2022-48954,0,0,d03a871ace91d7fda187606652c7e051870285e499bfc0944e94d8b0548b731c,2024-10-23T15:13:25.583000 CVE-2022-48954,0,1,739575e3093a499b0052cdcdfb603ce436f9aa9028374fc974a8acd1648a7210,2024-10-24T19:57:39
CVE-2022-48955,0,0,adfc623e02dfe3e9e8f9ee1f86ccacf1144c3f91e445f7d71c55691d3ddd637d,2024-10-23T15:13:25.583000 CVE-2022-48955,0,1,86162b259bd0edabf491f8d7ac9901887414111ced735b0c7ce8d9a40e920beb,2024-10-24T19:58:17.230000
CVE-2022-48956,0,0,efc542c10b827503bb60baef12ae6363e9aaed958a02fa0171aa8b339eb477e6,2024-10-23T15:13:25.583000 CVE-2022-48956,0,1,7b71de397ebb97c317a78adf75e7c6d21e7a987b6ee245bfd5c45d538640e7d3,2024-10-24T19:59:47.737000
CVE-2022-48957,0,0,b7e09cd0df5d0a3d101f25f751f05c8c173e31e135a7f732ca112404e9035b67,2024-10-24T14:41:15.423000 CVE-2022-48957,0,0,b7e09cd0df5d0a3d101f25f751f05c8c173e31e135a7f732ca112404e9035b67,2024-10-24T14:41:15.423000
CVE-2022-48958,0,0,64a1b4825cb7fe46a7f91cfb2ea852904955b0ccb818b0aff987ae8d6445afa5,2024-10-23T15:13:25.583000 CVE-2022-48958,0,0,64a1b4825cb7fe46a7f91cfb2ea852904955b0ccb818b0aff987ae8d6445afa5,2024-10-23T15:13:25.583000
CVE-2022-48959,0,0,15542692f4371b13a09c39e6e151849b1884a96a610571abab83498557c99ba6,2024-10-23T15:13:25.583000 CVE-2022-48959,0,1,88128a4f0643312be4e2e4a9aa6240bb58f1815b805dfae61f1720ba8689fdcb,2024-10-24T19:23:49.373000
CVE-2022-4896,0,0,04cb60ab8732a1bfba8bf7d8a4df08b8371cdecc380fd455d1b928e8213822e1,2023-09-15T15:18:10.843000 CVE-2022-4896,0,0,04cb60ab8732a1bfba8bf7d8a4df08b8371cdecc380fd455d1b928e8213822e1,2023-09-15T15:18:10.843000
CVE-2022-48960,0,0,7cb8843c394326dbdacddf0f27bacd316ff597acdea2e37e285edd34a46c7da3,2024-10-23T15:13:25.583000 CVE-2022-48960,0,1,306ba4d096a9e7e54cbf14e13ef7e723aedf0c00b16364be4ce75c8355664d3f,2024-10-24T19:24:43.627000
CVE-2022-48961,0,0,9079782a53ac6f878f46ee5a7bd8c6d64ab25ec3e859504aac9ecda2b190e0a9,2024-10-23T15:13:25.583000 CVE-2022-48961,0,0,9079782a53ac6f878f46ee5a7bd8c6d64ab25ec3e859504aac9ecda2b190e0a9,2024-10-23T15:13:25.583000
CVE-2022-48962,0,0,1fbe44df9f14637284a2af17fc0f2951662bf83234ea5e1359c57113b94d87c0,2024-10-23T15:13:25.583000 CVE-2022-48962,0,1,3e9352cb14da09460dabd4c4ed0ebf1fe375e3760484bb430b88096f74fb87ff,2024-10-24T19:27:13.900000
CVE-2022-48963,0,0,370e14d6d7de5be593d3aea44663d07232c2f99638747b44362a7976312c9d6a,2024-10-23T15:13:25.583000 CVE-2022-48963,0,1,2cc67ac27a70e3eaf4305fbb0c71925d0a7c77e13764203ad9a8a86e3f22ee89,2024-10-24T19:27:58.603000
CVE-2022-48964,0,0,b433adf18e64faf47e8adedd875bbd7b9f6f61ed17ec1312cd5f64e587863cf5,2024-10-23T15:13:25.583000 CVE-2022-48964,0,1,13bd5cdda7ac4f5878a520e8c12bce36b9b8e913c0c74c77b4e8a6c22e52198f,2024-10-24T19:28:48.867000
CVE-2022-48965,0,0,5c2d1d54d8b3c46630fcded2c16f38c7fffd2383699aeb72a69572ed1749a87e,2024-10-23T15:13:25.583000 CVE-2022-48965,0,0,5c2d1d54d8b3c46630fcded2c16f38c7fffd2383699aeb72a69572ed1749a87e,2024-10-23T15:13:25.583000
CVE-2022-48966,0,0,7b5ea2cdb27342c6837b1d63b8ed702b4c34ea924734529cc736266041c3d692,2024-10-23T15:13:25.583000 CVE-2022-48966,0,0,7b5ea2cdb27342c6837b1d63b8ed702b4c34ea924734529cc736266041c3d692,2024-10-23T15:13:25.583000
CVE-2022-48967,0,0,9a4dff8791ae44e4087bbdddb5fbc68f8736e971375d2e967fe26661594f6b57,2024-10-23T15:13:25.583000 CVE-2022-48967,0,0,9a4dff8791ae44e4087bbdddb5fbc68f8736e971375d2e967fe26661594f6b57,2024-10-23T15:13:25.583000
@ -212625,22 +212625,22 @@ CVE-2022-49005,0,0,996bcc00649f5f4d6806dab3ae223e12d9b68c5372e06c85334c63daf1a1a
CVE-2022-49006,0,0,11e74bb0eed70588405216f8164bddc6145e3f7d92995a8a649678fb341b062c,2024-10-23T15:13:25.583000 CVE-2022-49006,0,0,11e74bb0eed70588405216f8164bddc6145e3f7d92995a8a649678fb341b062c,2024-10-23T15:13:25.583000
CVE-2022-49007,0,0,d8181ccdf2d774c95472fe77412f5c5f6b4c10d6c0a508bc04c802e0d59cc425,2024-10-23T15:13:25.583000 CVE-2022-49007,0,0,d8181ccdf2d774c95472fe77412f5c5f6b4c10d6c0a508bc04c802e0d59cc425,2024-10-23T15:13:25.583000
CVE-2022-49008,0,0,858dc4a8a05732b95c403be0591a3fe4ca899c97593a1ac4eca126dfe89df3b4,2024-10-23T15:13:25.583000 CVE-2022-49008,0,0,858dc4a8a05732b95c403be0591a3fe4ca899c97593a1ac4eca126dfe89df3b4,2024-10-23T15:13:25.583000
CVE-2022-49009,0,0,1aec1b3dbbd754481a9895696d1234016e9a1841a8ac88e2c3e799ed40d012bd,2024-10-23T15:13:25.583000 CVE-2022-49009,0,1,bd4572466d1414f52fbe7936b1a0c728ae05c93f9a35a8642cb3c09affa0841c,2024-10-24T18:59:25.877000
CVE-2022-4901,0,0,b216b364f33ab0ef7a0c7606c08559e2c099c064cab5e2ac5756fa24252b7a04,2023-03-09T01:06:23.703000 CVE-2022-4901,0,0,b216b364f33ab0ef7a0c7606c08559e2c099c064cab5e2ac5756fa24252b7a04,2023-03-09T01:06:23.703000
CVE-2022-49010,0,0,49975f5b867403a17732cbfe6a5dee552c26356798f44f784cdba98c23cd8df4,2024-10-23T15:13:25.583000 CVE-2022-49010,0,1,d80576c7b56f00013ea7b7dc864a80d590c14a16de91c0b1fdc858f0c8ef5805,2024-10-24T19:03:50.847000
CVE-2022-49011,0,0,dd8bd533bcadf678b7a0db8e543d4ef16f0eea5bec6feba6fc7a987b91b9fa0c,2024-10-23T15:13:25.583000 CVE-2022-49011,0,1,599b28539b8e427f24e26f370e4a82372844dcaf9874238111619d456f6deff5,2024-10-24T19:01:47.513000
CVE-2022-49012,0,0,8a07c2182c08c1ad1a1e47bc11287bb605967cbbc6cf7f351e157a0d363b7429,2024-10-23T15:13:25.583000 CVE-2022-49012,0,1,c7f131c8a5ce582750cf22f237762a39b122200ff928897e73148ae98ccfd3ae,2024-10-24T19:07:46.193000
CVE-2022-49013,0,0,36e914fc82151133b00c14fc0dd6d2d180769b97ee8e5432bf641487fa8d4e47,2024-10-23T15:13:25.583000 CVE-2022-49013,0,1,44aaf107cfeec645dd34f52f0cd065b9499e789ec820d67b73614f086e7af59b,2024-10-24T19:09:30.677000
CVE-2022-49014,0,0,c95ecff56e0869fae06846154373eae8fdf97512991cb1140fbb3620e800e126,2024-10-23T15:12:34.673000 CVE-2022-49014,0,1,578af6a0495c8c75967a8dfd95a15b35f965fe7a5668f9b6fbf3061b11b875bf,2024-10-24T18:29:23.407000
CVE-2022-49015,0,0,d620d6c287c474533517dfcedb468be84f4e45ba759170841969d0058958d06a,2024-10-23T15:12:34.673000 CVE-2022-49015,0,1,362e9ebd4f952db666a5cf7b235271e1730ba231d19e1a877c82c9ab348361bb,2024-10-24T18:31:54.943000
CVE-2022-49016,0,0,40181a51cb7f8d3d385284bf52759235ad6ab4c0905c1e0bc5c375445a969030,2024-10-23T15:12:34.673000 CVE-2022-49016,0,1,c1d9958f2bd8f84adc504d3a1280ec26573c2ebb3355642f1cbe6170b0e41127,2024-10-24T18:35:01.597000
CVE-2022-49017,0,0,0c85b099df4275fc59772759a2c7d8c7b3e6d34ed68e2b25de3128c16b275f11,2024-10-23T15:12:34.673000 CVE-2022-49017,0,1,854114d469a6f0821cf36adf0bc76d655074aeb2472ed60acd8104bc233f489e,2024-10-24T18:36:13.233000
CVE-2022-49018,0,0,8b91d14699188a6466e9b66054c2b091a5111a7978d2fc3244b03468cd297966,2024-10-23T15:12:34.673000 CVE-2022-49018,0,1,3f1b2cc632016094ee9af7738f5b2a34861f719ead535be5133fc7f41ee9348d,2024-10-24T18:38:38.033000
CVE-2022-49019,0,0,b406e6800cc70a1fc2a15f69819be72708afd5adefec73d3ca91358360130730,2024-10-23T15:12:34.673000 CVE-2022-49019,0,1,5c0cc209de7b277a9f730293250f0e61a5ef16c4c75dfb71b519c0273182aba2,2024-10-24T18:43:50.413000
CVE-2022-4902,0,0,287e358bd6e692608595d8f35e480fa1fc0a17dda86b7a57dcb446074ab1fd22,2024-05-17T02:17:02.280000 CVE-2022-4902,0,0,287e358bd6e692608595d8f35e480fa1fc0a17dda86b7a57dcb446074ab1fd22,2024-05-17T02:17:02.280000
CVE-2022-49020,0,0,8b25c362578c653f15013748f84ab47d07734b1a9ed889e7947a86ddd913892d,2024-10-23T15:12:34.673000 CVE-2022-49020,0,1,f909ba59e6e38da2e0c04e27bc86f983845d877b769100ad0347ac8d59e90616,2024-10-24T18:43:20.887000
CVE-2022-49021,0,0,c13080553f6c3a29a539f0228afee28b33a32fbcd7514148f0639e4b5bcab60e,2024-10-23T15:12:34.673000 CVE-2022-49021,0,1,7abf5de0439d79af2db36a4427bee3124c6a1194b3d8cb96c822cec62146005d,2024-10-24T18:44:24.567000
CVE-2022-49022,0,0,375c2c1f5bbfb9be9e7fe5a0f98ed056cada3390d8b8188c759d343f8dc611ad,2024-10-23T15:12:34.673000 CVE-2022-49022,0,1,7916fb2a9efb7b7197f996804cc94d2927bd3fc41af2ccb83d88860d15a94534,2024-10-24T18:48:52.560000
CVE-2022-49023,0,0,0735ff18caf8246b03c79c33b83cf62d783640bfd0713348e2d4e58370c405b0,2024-10-24T03:50:29.357000 CVE-2022-49023,0,0,0735ff18caf8246b03c79c33b83cf62d783640bfd0713348e2d4e58370c405b0,2024-10-24T03:50:29.357000
CVE-2022-49024,0,0,c66f01f2c8a41a2a22849da074498e2a47f55851811c1bb200d8ff998c2a459a,2024-10-24T03:50:03.797000 CVE-2022-49024,0,0,c66f01f2c8a41a2a22849da074498e2a47f55851811c1bb200d8ff998c2a459a,2024-10-24T03:50:03.797000
CVE-2022-49025,0,0,74891ed957efad34f677418cab3fc02558af109bc31094684e4f71f7e513262c,2024-10-24T03:49:31.117000 CVE-2022-49025,0,0,74891ed957efad34f677418cab3fc02558af109bc31094684e4f71f7e513262c,2024-10-24T03:49:31.117000
@ -212649,9 +212649,9 @@ CVE-2022-49027,0,0,08617aba8accba8d40c33a2dd9323ed07c4a53388d9fcae1554c4898c8121
CVE-2022-49028,0,0,151442faeff9b14d8ce2ae4c9a4c94db2834ff9ccfc2de89b8fd58ca69c8cc70,2024-10-24T15:51:45.197000 CVE-2022-49028,0,0,151442faeff9b14d8ce2ae4c9a4c94db2834ff9ccfc2de89b8fd58ca69c8cc70,2024-10-24T15:51:45.197000
CVE-2022-49029,0,0,bc3565ae22eee1b819f7f608c3234a9c6a391de68ad397b4af9e7a0668ef7d9d,2024-10-24T15:59:48.417000 CVE-2022-49029,0,0,bc3565ae22eee1b819f7f608c3234a9c6a391de68ad397b4af9e7a0668ef7d9d,2024-10-24T15:59:48.417000
CVE-2022-4903,0,0,cf9430f75554b10fc3063c2d4e895e2575b24650a7af1dc91ee51937fe80926d,2024-05-17T02:17:02.397000 CVE-2022-4903,0,0,cf9430f75554b10fc3063c2d4e895e2575b24650a7af1dc91ee51937fe80926d,2024-05-17T02:17:02.397000
CVE-2022-49030,0,0,8b08791e22bd0db2cd2447524ac51c27e6a5d22f5626359a796fc03cac974990,2024-10-23T15:12:34.673000 CVE-2022-49030,0,1,904b99924e5bfabd402744e1f2641368862a3c302dd16691ee4dde25d15ff21f,2024-10-24T18:42:07.703000
CVE-2022-49031,0,1,27b7324be957657ebfe2fa70a41fdfbee66b5d1a8d8879fc8bbe3b24c5b9c3f7,2024-10-24T16:03:12.907000 CVE-2022-49031,0,0,27b7324be957657ebfe2fa70a41fdfbee66b5d1a8d8879fc8bbe3b24c5b9c3f7,2024-10-24T16:03:12.907000
CVE-2022-49032,0,1,efe71c7b59c43b9d0e289b0876c4b1896d076c1fbbeb41a201c57f837f1793c0,2024-10-24T16:04:49.880000 CVE-2022-49032,0,0,efe71c7b59c43b9d0e289b0876c4b1896d076c1fbbeb41a201c57f837f1793c0,2024-10-24T16:04:49.880000
CVE-2022-49033,0,0,f1525e73208fdc16ccb4e511516019213374c129e7ea61503d159b482ea92060,2024-10-23T15:12:34.673000 CVE-2022-49033,0,0,f1525e73208fdc16ccb4e511516019213374c129e7ea61503d159b482ea92060,2024-10-23T15:12:34.673000
CVE-2022-49037,0,0,d1881b67cff6ffd1cd4a44c62a3eeff49dad87129228607de02747a08dc9d03b,2024-10-08T16:08:55.390000 CVE-2022-49037,0,0,d1881b67cff6ffd1cd4a44c62a3eeff49dad87129228607de02747a08dc9d03b,2024-10-08T16:08:55.390000
CVE-2022-49038,0,0,26bf80583e02462755629eb75d32d3c2894b1263d5b99e87b4bfae13ac56c00a,2024-10-08T16:08:35.743000 CVE-2022-49038,0,0,26bf80583e02462755629eb75d32d3c2894b1263d5b99e87b4bfae13ac56c00a,2024-10-08T16:08:35.743000
@ -213615,7 +213615,7 @@ CVE-2023-0925,0,0,4b2d3d1a23856c0a21902846c10a74c9d1c5bad5a1e8e0c6c1607e19da19aa
CVE-2023-0926,0,0,4e50daef563561009e2736d35d770281206dfa42abe8d38a838272cf17990583,2024-09-27T01:01:34.407000 CVE-2023-0926,0,0,4e50daef563561009e2736d35d770281206dfa42abe8d38a838272cf17990583,2024-09-27T01:01:34.407000
CVE-2023-0927,0,0,773b229173e7784532274d2f6eabc0f76b0266d6bf855468c451a1f04debdf54,2024-10-17T19:35:08.797000 CVE-2023-0927,0,0,773b229173e7784532274d2f6eabc0f76b0266d6bf855468c451a1f04debdf54,2024-10-17T19:35:08.797000
CVE-2023-0928,0,0,0acefe7eed9fe4105ed5b432871f98d6143fc5b62540ef8fefd4e01e566f14ef,2024-10-17T19:35:09.793000 CVE-2023-0928,0,0,0acefe7eed9fe4105ed5b432871f98d6143fc5b62540ef8fefd4e01e566f14ef,2024-10-17T19:35:09.793000
CVE-2023-0929,0,1,eab1fd4c3fede9fa4b8f33871f99171b792037fca9800419eaa2c4cb096de963,2024-10-24T17:35:03.917000 CVE-2023-0929,0,0,eab1fd4c3fede9fa4b8f33871f99171b792037fca9800419eaa2c4cb096de963,2024-10-24T17:35:03.917000
CVE-2023-0930,0,0,e18d1b0fbdade2cd449125d74b691e87439b144c9386b9fea39e816460e1b0e2,2024-10-15T15:35:10.230000 CVE-2023-0930,0,0,e18d1b0fbdade2cd449125d74b691e87439b144c9386b9fea39e816460e1b0e2,2024-10-15T15:35:10.230000
CVE-2023-0931,0,0,953641c34caa114a9540a7f1849538ff1edf4455e88f10e23e0b0cce71443b02,2024-10-15T15:35:11.250000 CVE-2023-0931,0,0,953641c34caa114a9540a7f1849538ff1edf4455e88f10e23e0b0cce71443b02,2024-10-15T15:35:11.250000
CVE-2023-0932,0,0,4d0dda6ab24f17dca7af549585d283ce204c755c8400e634abdc6516a41c6e97,2024-10-17T19:35:10.763000 CVE-2023-0932,0,0,4d0dda6ab24f17dca7af549585d283ce204c755c8400e634abdc6516a41c6e97,2024-10-17T19:35:10.763000
@ -225521,7 +225521,7 @@ CVE-2023-33466,0,0,25da7ec5f821757081edf53c63649e6eda046cc60994bb8cbca9396d6ade9
CVE-2023-33468,0,0,44c774863a2d55e63b1845bf55de3fe4506ca7c2a56eeb4bf92cb746976655cf,2023-08-16T18:03:44.977000 CVE-2023-33468,0,0,44c774863a2d55e63b1845bf55de3fe4506ca7c2a56eeb4bf92cb746976655cf,2023-08-16T18:03:44.977000
CVE-2023-33469,0,0,9dfbe3344d4b40c67ae0a1b0ae4fa865b29407207caaece6d4bed88b6c198b8f,2023-08-17T01:40:13.813000 CVE-2023-33469,0,0,9dfbe3344d4b40c67ae0a1b0ae4fa865b29407207caaece6d4bed88b6c198b8f,2023-08-17T01:40:13.813000
CVE-2023-3347,0,0,3fd9151d476078e653a42d2b9a1d6a14241e18d5cb22f2096b264fc568cc0686,2024-09-16T13:15:05.877000 CVE-2023-3347,0,0,3fd9151d476078e653a42d2b9a1d6a14241e18d5cb22f2096b264fc568cc0686,2024-09-16T13:15:05.877000
CVE-2023-33472,0,1,4e392d2a388ce9abe0c997c30940e227ec62bc6840750c8b00be8631020e78aa,2024-10-24T16:35:02.907000 CVE-2023-33472,0,0,4e392d2a388ce9abe0c997c30940e227ec62bc6840750c8b00be8631020e78aa,2024-10-24T16:35:02.907000
CVE-2023-33476,0,0,4a297145be72f944481cc47e9f376d2cf456cf13a342260740e97ecbfcefc9c3,2023-11-25T11:15:16.937000 CVE-2023-33476,0,0,4a297145be72f944481cc47e9f376d2cf456cf13a342260740e97ecbfcefc9c3,2023-11-25T11:15:16.937000
CVE-2023-33477,0,0,6db6ebce2662ad326ee213faec74c36ba5dbdc9868890686df97f67004511859,2023-06-13T19:14:00.687000 CVE-2023-33477,0,0,6db6ebce2662ad326ee213faec74c36ba5dbdc9868890686df97f67004511859,2023-06-13T19:14:00.687000
CVE-2023-33478,0,0,f86f0231c2633e904d7fc0f691578684a54f744cc0b0ca1d1e7085ded3951116,2024-09-05T14:35:03.177000 CVE-2023-33478,0,0,f86f0231c2633e904d7fc0f691578684a54f744cc0b0ca1d1e7085ded3951116,2024-09-05T14:35:03.177000
@ -227573,7 +227573,7 @@ CVE-2023-36493,0,0,0616934dcaec5abb5bed6dc7f46ba3e7e0347b94b99ba052265b2e8e47865
CVE-2023-36494,0,0,11b002c7660baf795f5041a7c39da6a423e11c613352f9cd1ef2e12fe703cd9a,2023-08-07T20:03:35.267000 CVE-2023-36494,0,0,11b002c7660baf795f5041a7c39da6a423e11c613352f9cd1ef2e12fe703cd9a,2023-08-07T20:03:35.267000
CVE-2023-36495,0,0,28d1369c4f5d20cb9ac086ea97a0157af8f08160700d1f657cff8ddec1450159,2023-08-03T16:59:42.207000 CVE-2023-36495,0,0,28d1369c4f5d20cb9ac086ea97a0157af8f08160700d1f657cff8ddec1450159,2023-08-03T16:59:42.207000
CVE-2023-36496,0,0,91060cbffad2b263559dece756f0fa782e65c393652585e2593d2c58407be6e8,2024-02-09T19:47:24.757000 CVE-2023-36496,0,0,91060cbffad2b263559dece756f0fa782e65c393652585e2593d2c58407be6e8,2024-02-09T19:47:24.757000
CVE-2023-36497,0,1,062c858d381401dc4b55c0726fe302067b3fe38f1d371f817187f2b4789cc6ab,2024-10-24T17:15:14.313000 CVE-2023-36497,0,0,062c858d381401dc4b55c0726fe302067b3fe38f1d371f817187f2b4789cc6ab,2024-10-24T17:15:14.313000
CVE-2023-36498,0,0,a678a67e9b3bb1a05038ba48ca6584347f7001c5a898ec5bd0190ec5739b189e,2024-02-09T02:09:17.397000 CVE-2023-36498,0,0,a678a67e9b3bb1a05038ba48ca6584347f7001c5a898ec5bd0190ec5739b189e,2024-02-09T02:09:17.397000
CVE-2023-36499,0,0,f49bf2873a664b98dbc596667e3414d454ddd02c49bd9fd984d848d5a7274992,2023-08-09T18:02:22.460000 CVE-2023-36499,0,0,f49bf2873a664b98dbc596667e3414d454ddd02c49bd9fd984d848d5a7274992,2023-08-09T18:02:22.460000
CVE-2023-3650,0,0,4c3e05f71cddca63c838368622e75942cc1de49f42ea97125ae87373ccb86203,2023-11-07T04:19:15.303000 CVE-2023-3650,0,0,4c3e05f71cddca63c838368622e75942cc1de49f42ea97125ae87373ccb86203,2023-11-07T04:19:15.303000
@ -229294,7 +229294,7 @@ CVE-2023-38562,0,0,127d1a2b630856d5538c1ca38a31578c3089871c39c5f3a8684c910dd7a42
CVE-2023-38563,0,0,cd5653006ddb237fe74acb1487f8018dcc309b748db7c43e87d0e1655d65393a,2023-09-11T13:39:23.730000 CVE-2023-38563,0,0,cd5653006ddb237fe74acb1487f8018dcc309b748db7c43e87d0e1655d65393a,2023-09-11T13:39:23.730000
CVE-2023-38564,0,0,b6614995561f59800bbe304c9a4bb6f0df0678257f2d10dccc98201621f1d3d9,2023-08-03T16:48:13.720000 CVE-2023-38564,0,0,b6614995561f59800bbe304c9a4bb6f0df0678257f2d10dccc98201621f1d3d9,2023-08-03T16:48:13.720000
CVE-2023-38565,0,0,149d8b68307130cd8b5fad99ef6f47e115e292c7805ed5f155c2ac1a686f799e,2023-08-03T16:42:43.680000 CVE-2023-38565,0,0,149d8b68307130cd8b5fad99ef6f47e115e292c7805ed5f155c2ac1a686f799e,2023-08-03T16:42:43.680000
CVE-2023-38566,0,0,d243a35b00b9d1bef57b6bf93d2b1b67ff4274f75de81451f62627e4ec097196,2024-02-14T15:01:46.050000 CVE-2023-38566,0,1,b9e80dde1f400d3627e1e34a307490af49781464f00fb20fe903b4baaf1e192f,2024-10-24T19:14:10.307000
CVE-2023-38568,0,0,fe3006418b3150234fc6bb5ea0ab250bf9ebe277e16313987e9ddcf20bb4bb1b,2023-09-11T13:39:55.610000 CVE-2023-38568,0,0,fe3006418b3150234fc6bb5ea0ab250bf9ebe277e16313987e9ddcf20bb4bb1b,2023-09-11T13:39:55.610000
CVE-2023-38569,0,0,e2c03e6bc874a9668ba615ef460a626240bf2f5be648e4d4af24f747a77bb59d,2023-09-08T16:47:59.860000 CVE-2023-38569,0,0,e2c03e6bc874a9668ba615ef460a626240bf2f5be648e4d4af24f747a77bb59d,2023-09-08T16:47:59.860000
CVE-2023-3857,0,0,f764245d305ac578d0764cadf8c08c7c2c58efa3cea28d80654e277802d84d75,2024-05-17T02:27:54.180000 CVE-2023-3857,0,0,f764245d305ac578d0764cadf8c08c7c2c58efa3cea28d80654e277802d84d75,2024-05-17T02:27:54.180000
@ -229977,7 +229977,7 @@ CVE-2023-39427,0,0,bc7e52ed8676d0287ba324301b50627a151b43fb5cd244be9fa42525dbdfd
CVE-2023-39429,0,0,e45d5f249dbba37b2a0f500dde0eaa26a84ef98250d6082bd2805021c83d4156,2023-10-04T17:08:58.890000 CVE-2023-39429,0,0,e45d5f249dbba37b2a0f500dde0eaa26a84ef98250d6082bd2805021c83d4156,2023-10-04T17:08:58.890000
CVE-2023-3943,0,0,3bfea338ff2ecfcf77a5fa067300607a2b70e9f53e16468b7b1451e54df83026,2024-05-21T16:54:26.047000 CVE-2023-3943,0,0,3bfea338ff2ecfcf77a5fa067300607a2b70e9f53e16468b7b1451e54df83026,2024-05-21T16:54:26.047000
CVE-2023-39431,0,0,26cadede41c2c3cb84c880d51209fee4b6934336388976525c85faa63e994ed0,2023-10-25T13:50:25.650000 CVE-2023-39431,0,0,26cadede41c2c3cb84c880d51209fee4b6934336388976525c85faa63e994ed0,2023-10-25T13:50:25.650000
CVE-2023-39432,0,0,c2c5e4411d42152860b85e65fde776a03bb884049f8dd2a1bf7f1c7dfe4b0697,2024-02-14T15:01:46.050000 CVE-2023-39432,0,1,041ac297269e9be2639d7ad5add979739e1837b348d5cab6c1b9d11b46590240,2024-10-24T19:13:32.777000
CVE-2023-39433,0,0,f891132ba414524367ca6e5b3376c4fd3194df781c7ccd69c825a121a915823e,2024-05-17T18:36:05.263000 CVE-2023-39433,0,0,f891132ba414524367ca6e5b3376c4fd3194df781c7ccd69c825a121a915823e,2024-05-17T18:36:05.263000
CVE-2023-39434,0,0,bc693e7754388058b19485a72219b0597d4d79b71ecc558e086fe03a669881fc,2024-01-31T15:15:09.663000 CVE-2023-39434,0,0,bc693e7754388058b19485a72219b0597d4d79b71ecc558e086fe03a669881fc,2024-01-31T15:15:09.663000
CVE-2023-39435,0,0,2cde1591acdec05b9dded1c5b5ca1d20ab1200f3c8779b480c0f389d969c7be2,2024-08-02T18:16:11.260000 CVE-2023-39435,0,0,2cde1591acdec05b9dded1c5b5ca1d20ab1200f3c8779b480c0f389d969c7be2,2024-08-02T18:16:11.260000
@ -230288,14 +230288,14 @@ CVE-2023-39928,0,0,91282e780c029bca5230571e26da05cea4f7f8bbaeff21c9d74ff4f370d1c
CVE-2023-39929,0,0,9ee055206e5132be81815049aebeff6d468d3e81abaeb697797813c03df4adb1,2024-05-17T18:36:05.263000 CVE-2023-39929,0,0,9ee055206e5132be81815049aebeff6d468d3e81abaeb697797813c03df4adb1,2024-05-17T18:36:05.263000
CVE-2023-3993,0,0,6a4502fc730b10244b2a5f12fef2d075a1d38a2dac53ba48d1dcf3cdcda08ad9,2024-10-03T07:15:17.247000 CVE-2023-3993,0,0,6a4502fc730b10244b2a5f12fef2d075a1d38a2dac53ba48d1dcf3cdcda08ad9,2024-10-03T07:15:17.247000
CVE-2023-39930,0,0,d750d5de68ec1cde9c7f725fc00c339d92094ec5ff393b14c4e64987eda9f87a,2023-10-31T18:10:51.270000 CVE-2023-39930,0,0,d750d5de68ec1cde9c7f725fc00c339d92094ec5ff393b14c4e64987eda9f87a,2023-10-31T18:10:51.270000
CVE-2023-39932,0,0,f4f11611795b17832449a0b82a5fd05f5ca7c5901c9d3db156b0dc18ba43acdb,2024-02-14T15:01:46.050000 CVE-2023-39932,0,1,12634c5c9ef0cff268f86e10b0c67410af36a28d1b513a74ce59753107a369e3,2024-10-24T19:04:48.510000
CVE-2023-39933,0,0,1a0ab502e85598b40e7e961fd8e000415def9edc0b9351c41ae3d4f4e819b315,2024-03-18T01:53:02.353000 CVE-2023-39933,0,0,1a0ab502e85598b40e7e961fd8e000415def9edc0b9351c41ae3d4f4e819b315,2024-03-18T01:53:02.353000
CVE-2023-39935,0,0,e7273cf6b42db016c2234872a9e6b2af9325c39c0fbeec800f945c24cae29ab6,2023-09-11T13:41:11.193000 CVE-2023-39935,0,0,e7273cf6b42db016c2234872a9e6b2af9325c39c0fbeec800f945c24cae29ab6,2023-09-11T13:41:11.193000
CVE-2023-39936,0,0,c91849e55c7a55e36d3d0035f9880ed7b3b78132a705018d93999265c90b8b67,2023-11-06T18:13:06.433000 CVE-2023-39936,0,0,c91849e55c7a55e36d3d0035f9880ed7b3b78132a705018d93999265c90b8b67,2023-11-06T18:13:06.433000
CVE-2023-39938,0,0,b7f60caca70de06cad432a98ecc140601aca695ee4a3c25c4662905e139bf0e3,2023-09-08T18:45:56.717000 CVE-2023-39938,0,0,b7f60caca70de06cad432a98ecc140601aca695ee4a3c25c4662905e139bf0e3,2023-09-08T18:45:56.717000
CVE-2023-39939,0,0,4965016f7617cd5b3490ccc0805310c4ec2bb5245820676f8b5e01f5a194480e,2023-08-25T16:08:34.140000 CVE-2023-39939,0,0,4965016f7617cd5b3490ccc0805310c4ec2bb5245820676f8b5e01f5a194480e,2023-08-25T16:08:34.140000
CVE-2023-3994,0,0,1b2340bec7f9a348a26613e1fc8a292c8b2aaa50d40e47a84eecd8c9324f6268,2024-10-03T07:15:17.590000 CVE-2023-3994,0,0,1b2340bec7f9a348a26613e1fc8a292c8b2aaa50d40e47a84eecd8c9324f6268,2024-10-03T07:15:17.590000
CVE-2023-39941,0,0,a2c256cad773ddd2086da646754ba42f98766f5059ae534236c8aeb3b706f1f1,2024-02-14T15:01:46.050000 CVE-2023-39941,0,1,7a7b0ebde101066406c8606dcd2e5bcb0d5dda26a40ce4a09946a3c0510ba6d6,2024-10-24T19:28:18.327000
CVE-2023-39944,0,0,1470e34a741cc4686e482386839a0af88bb3580a2d1e2f77be44953e184809f9,2023-08-23T16:47:51.790000 CVE-2023-39944,0,0,1470e34a741cc4686e482386839a0af88bb3580a2d1e2f77be44953e184809f9,2023-08-23T16:47:51.790000
CVE-2023-39945,0,0,27452af8682e7fc1dc0d0187e72741ecfe96e38d136e3ba6496d4fb2131d56a6,2023-08-22T16:12:14.807000 CVE-2023-39945,0,0,27452af8682e7fc1dc0d0187e72741ecfe96e38d136e3ba6496d4fb2131d56a6,2023-08-22T16:12:14.807000
CVE-2023-39946,0,0,ab0dbf5664c8a595401a21854502bec62dd8f35d5d1f6dfd019f4649b8c57813,2023-08-22T14:21:30.250000 CVE-2023-39946,0,0,ab0dbf5664c8a595401a21854502bec62dd8f35d5d1f6dfd019f4649b8c57813,2023-08-22T14:21:30.250000
@ -231255,7 +231255,7 @@ CVE-2023-41088,0,0,49329b5d67d4cd3940fce7a9adab0d791c43fb70872ff5ce3deb4e26e23e1
CVE-2023-41089,0,0,330c83575a9976e5107ccd3bae1c646ffa2e4fef50c0897f1ccd9bee7e5907f8,2023-10-25T13:38:19.127000 CVE-2023-41089,0,0,330c83575a9976e5107ccd3bae1c646ffa2e4fef50c0897f1ccd9bee7e5907f8,2023-10-25T13:38:19.127000
CVE-2023-4109,0,0,8baa8250e57f9070f1588ee57a6aaa5e217a410144b639ec04878717d28bc67a,2023-11-07T04:22:05.817000 CVE-2023-4109,0,0,8baa8250e57f9070f1588ee57a6aaa5e217a410144b639ec04878717d28bc67a,2023-11-07T04:22:05.817000
CVE-2023-41090,0,0,854b0d414b7b6c0e11cc9e6219a438b183a76dbd03346da869904dfb3e0d1bf5,2024-10-23T15:36:17.703000 CVE-2023-41090,0,0,854b0d414b7b6c0e11cc9e6219a438b183a76dbd03346da869904dfb3e0d1bf5,2024-10-23T15:36:17.703000
CVE-2023-41091,0,0,ca1acbfbb48698a0030abb208f0760a15256e3fda004078e03e1a216b077f0fa,2024-02-14T15:01:46.050000 CVE-2023-41091,0,1,ad7652e2d3c1b7f6e6e675f34f7c1c34cd6f691deb9d5ce07924a50cf1e09c08,2024-10-24T19:14:34.080000
CVE-2023-41092,0,0,4e8e931d3ededed79b2045da3cc968b68e4b0145dbe88e1d7c336f100fc82182,2024-05-17T18:36:05.263000 CVE-2023-41092,0,0,4e8e931d3ededed79b2045da3cc968b68e4b0145dbe88e1d7c336f100fc82182,2024-05-17T18:36:05.263000
CVE-2023-41093,0,0,e2ec8ffe14945965701d15ef17979727c54dc987034806d91272b18047967a11,2024-09-10T16:19:41.973000 CVE-2023-41093,0,0,e2ec8ffe14945965701d15ef17979727c54dc987034806d91272b18047967a11,2024-09-10T16:19:41.973000
CVE-2023-41094,0,0,f19259e18ee5ecc21aebc175659559c20ae9ee22625a898f985fcca4d69d87b5,2024-09-26T22:15:03.453000 CVE-2023-41094,0,0,f19259e18ee5ecc21aebc175659559c20ae9ee22625a898f985fcca4d69d87b5,2024-09-26T22:15:03.453000
@ -232112,7 +232112,7 @@ CVE-2023-4214,0,0,819da04ab354ee39aabca649e2dd617af7bc8556f065736471274ad51ec006
CVE-2023-42143,0,0,6c09d38ca58ec27b89dd2edb91a7d385bfff81e0d5504c4d608be4afbef841ea,2024-01-31T16:57:18.603000 CVE-2023-42143,0,0,6c09d38ca58ec27b89dd2edb91a7d385bfff81e0d5504c4d608be4afbef841ea,2024-01-31T16:57:18.603000
CVE-2023-42144,0,0,05d1f6860bc9129d40c6f6b51d3012e2d227c874f92f7cbbedecb433e6c54a74,2024-01-31T16:48:30.507000 CVE-2023-42144,0,0,05d1f6860bc9129d40c6f6b51d3012e2d227c874f92f7cbbedecb433e6c54a74,2024-01-31T16:48:30.507000
CVE-2023-42147,0,0,ed79c09f023413f92737fad990e22af03ae417021071a3f613022a302690f0ad,2023-09-22T02:10:05.603000 CVE-2023-42147,0,0,ed79c09f023413f92737fad990e22af03ae417021071a3f613022a302690f0ad,2023-09-22T02:10:05.603000
CVE-2023-4215,0,1,6a8df4cd312197ca49c8569c9880e77022aa9babf66697ff2a1d3371a98aad67,2024-10-24T17:15:14.653000 CVE-2023-4215,0,0,6a8df4cd312197ca49c8569c9880e77022aa9babf66697ff2a1d3371a98aad67,2024-10-24T17:15:14.653000
CVE-2023-4216,0,0,fa67e8585eaed2878bd9ccbbaedce55d17c9e8fb9c491da89461bfde7702f57f,2023-11-07T04:22:20.767000 CVE-2023-4216,0,0,fa67e8585eaed2878bd9ccbbaedce55d17c9e8fb9c491da89461bfde7702f57f,2023-11-07T04:22:20.767000
CVE-2023-4217,0,0,3b66e4c2db95e463abc0913bf8cff4560b7a5e48b1cf7e8e52cd797b0c5d83d9,2023-11-09T19:47:38.290000 CVE-2023-4217,0,0,3b66e4c2db95e463abc0913bf8cff4560b7a5e48b1cf7e8e52cd797b0c5d83d9,2023-11-09T19:47:38.290000
CVE-2023-42178,0,0,344a598e076c834e23b6be3cc32b4131760070e66f3b068a6c5956c5e566d8d5,2023-09-19T02:11:38.890000 CVE-2023-42178,0,0,344a598e076c834e23b6be3cc32b4131760070e66f3b068a6c5956c5e566d8d5,2023-09-19T02:11:38.890000
@ -236105,7 +236105,7 @@ CVE-2023-48188,0,0,e25a0a9426de91c2097231c68f9a1c0e2db42b370754a400dac508d2f5877
CVE-2023-4819,0,0,2ad6f927c78343f2e16fc822f7a5b92dab83a61bfd87f35e8c8dce495558816a,2023-11-07T04:23:00.223000 CVE-2023-4819,0,0,2ad6f927c78343f2e16fc822f7a5b92dab83a61bfd87f35e8c8dce495558816a,2023-11-07T04:23:00.223000
CVE-2023-48192,0,0,5359a2542f7e7d23640bf862f7875ef2bd7b86d2f2452622e10713c4dc3be1cf,2023-11-29T18:00:50.257000 CVE-2023-48192,0,0,5359a2542f7e7d23640bf862f7875ef2bd7b86d2f2452622e10713c4dc3be1cf,2023-11-29T18:00:50.257000
CVE-2023-48193,0,0,ec5c02890cd9e1fffae359e8523a6a385c1312695a72f38433ff889cec94469e,2024-08-02T22:15:29.943000 CVE-2023-48193,0,0,ec5c02890cd9e1fffae359e8523a6a385c1312695a72f38433ff889cec94469e,2024-08-02T22:15:29.943000
CVE-2023-48194,0,0,45048222a1a48ef59b15d37d160e9eb1ea562f77db507f563133324a3419da17,2024-07-12T17:13:57.027000 CVE-2023-48194,0,1,b3a7c1f9bd761e4291d34b5439919381f06d227ddaf4fe52f85e67b9a35945d7,2024-10-24T18:15:05.247000
CVE-2023-48197,0,0,bd09279ecf36494f3533f0148ecc550e2b331b062d976962b46e6c7441a8b350,2024-01-24T22:15:14.793000 CVE-2023-48197,0,0,bd09279ecf36494f3533f0148ecc550e2b331b062d976962b46e6c7441a8b350,2024-01-24T22:15:14.793000
CVE-2023-48198,0,0,118e4bd5449c9efc19936d81813ba9bd553d9241e436b3c8887cd622b8a518bc,2023-11-28T21:15:08.420000 CVE-2023-48198,0,0,118e4bd5449c9efc19936d81813ba9bd553d9241e436b3c8887cd622b8a518bc,2023-11-28T21:15:08.420000
CVE-2023-48199,0,0,e5a552a9394f09277a2430652250b1515245f28b6cc3f5e1fb31928938b223d2,2023-11-28T21:15:08.477000 CVE-2023-48199,0,0,e5a552a9394f09277a2430652250b1515245f28b6cc3f5e1fb31928938b223d2,2023-11-28T21:15:08.477000
@ -237310,7 +237310,7 @@ CVE-2023-49713,0,0,218889c5a402fd5705daec9bcc09cdcb42c79715e3b51ab95f4e57b982c02
CVE-2023-49715,0,0,05eee3a31f81c1ab13f06badefca659babe45dfca37735123d0debff2a0cdbaa,2024-01-17T15:14:14.103000 CVE-2023-49715,0,0,05eee3a31f81c1ab13f06badefca659babe45dfca37735123d0debff2a0cdbaa,2024-01-17T15:14:14.103000
CVE-2023-49716,0,0,91f9eae7c6492f1531464836ff92def7160c03d006a7d49e44f58f1a59f39c3c,2024-02-15T07:23:22.473000 CVE-2023-49716,0,0,91f9eae7c6492f1531464836ff92def7160c03d006a7d49e44f58f1a59f39c3c,2024-02-15T07:23:22.473000
CVE-2023-4972,0,0,4c33073c60f93786216813d50164c432312414299697d686027cd100a4d3be96,2024-09-26T12:15:03.037000 CVE-2023-4972,0,0,4c33073c60f93786216813d50164c432312414299697d686027cd100a4d3be96,2024-09-26T12:15:03.037000
CVE-2023-49721,0,1,b629fca668b70da2b7c08d3764cd4fdad26f8d984d9a71e399727a3c35bf16e7,2024-10-24T17:35:05.697000 CVE-2023-49721,0,0,b629fca668b70da2b7c08d3764cd4fdad26f8d984d9a71e399727a3c35bf16e7,2024-10-24T17:35:05.697000
CVE-2023-49722,0,0,cc93a8e1b743ebb3417178e838271aa2c7e4b14c431011adace9ae11b2d481ca,2024-01-16T15:52:19.920000 CVE-2023-49722,0,0,cc93a8e1b743ebb3417178e838271aa2c7e4b14c431011adace9ae11b2d481ca,2024-01-16T15:52:19.920000
CVE-2023-4973,0,0,844d49bebf097ca104bc06ed891f452adaeb77a44d08b8b6a5701280c7506817,2024-06-04T19:17:55.467000 CVE-2023-4973,0,0,844d49bebf097ca104bc06ed891f452adaeb77a44d08b8b6a5701280c7506817,2024-06-04T19:17:55.467000
CVE-2023-49733,0,0,4a7e13370d63a3c14fea115fb77d90ff079d909929e45b563e67922f4b36f4c9,2023-12-05T19:19:44.623000 CVE-2023-49733,0,0,4a7e13370d63a3c14fea115fb77d90ff079d909929e45b563e67922f4b36f4c9,2023-12-05T19:19:44.623000
@ -240128,7 +240128,7 @@ CVE-2023-5820,0,0,84dc0c1c53fde44ab4c05c82ab5a2520c185f28133977ced9ce8f2cd09ee60
CVE-2023-5821,0,0,e28393f5c28b9240685235d5df02d1a7ae14f1e20637f91ebbc54582eac12c8a,2023-11-07T04:24:27.417000 CVE-2023-5821,0,0,e28393f5c28b9240685235d5df02d1a7ae14f1e20637f91ebbc54582eac12c8a,2023-11-07T04:24:27.417000
CVE-2023-5822,0,0,a51a65f577998995d417ed51f86cef9948919caf09e4a292400acbf0bd22020b,2023-11-29T19:15:14.147000 CVE-2023-5822,0,0,a51a65f577998995d417ed51f86cef9948919caf09e4a292400acbf0bd22020b,2023-11-29T19:15:14.147000
CVE-2023-5823,0,0,28470bb07246c70804364affe86bdccda42a47cc222585e7bb729e6b070dc476,2023-11-14T16:18:57.250000 CVE-2023-5823,0,0,28470bb07246c70804364affe86bdccda42a47cc222585e7bb729e6b070dc476,2023-11-14T16:18:57.250000
CVE-2023-5824,0,0,267f39751e76543f95f4a7243ad7bc26c656d8cc0b7fd6ab7cfb1e865b812aaa,2024-09-16T16:15:09.590000 CVE-2023-5824,0,1,1998a360c26373b26fdef6f25fafcfb4347ac685ad7c26343981286e8cfed19a,2024-10-24T18:15:05.393000
CVE-2023-5825,0,0,23edd36c9ccca6999373400a33456815056795d3867dea57d3ee2ac949146a8c,2024-10-08T19:01:27.957000 CVE-2023-5825,0,0,23edd36c9ccca6999373400a33456815056795d3867dea57d3ee2ac949146a8c,2024-10-08T19:01:27.957000
CVE-2023-5826,0,0,77f5256c0b3e05297e344b8d4e57780d4479e864cd2195e9176c3e5c17241118,2024-05-17T02:33:20.243000 CVE-2023-5826,0,0,77f5256c0b3e05297e344b8d4e57780d4479e864cd2195e9176c3e5c17241118,2024-05-17T02:33:20.243000
CVE-2023-5827,0,0,4c86fad4c27658fb1ce8352df5d774bb9cb4abc80afb1b424ce85b5e8b692d54,2024-05-17T02:33:20.353000 CVE-2023-5827,0,0,4c86fad4c27658fb1ce8352df5d774bb9cb4abc80afb1b424ce85b5e8b692d54,2024-05-17T02:33:20.353000
@ -241823,7 +241823,7 @@ CVE-2024-0468,0,0,94a6cdffffb8dc5c95562f753cae6786b758e7a7092ab67db1e61de693fd90
CVE-2024-0469,0,0,fb3dc65b84c7b113ee549cb6bffd1f853eb48be27bfe30d6234739c4d8823ce4,2024-05-17T02:34:38.937000 CVE-2024-0469,0,0,fb3dc65b84c7b113ee549cb6bffd1f853eb48be27bfe30d6234739c4d8823ce4,2024-05-17T02:34:38.937000
CVE-2024-0470,0,0,5d9092a1ed691281018d575e5fb54f00a8acdfbf2616a0d18425400b8c67a679,2024-05-17T02:34:39.043000 CVE-2024-0470,0,0,5d9092a1ed691281018d575e5fb54f00a8acdfbf2616a0d18425400b8c67a679,2024-05-17T02:34:39.043000
CVE-2024-0471,0,0,d31788404fe9e4ef50cd1115476b4cbca089d174f763b21aa96505780ad64a86,2024-05-17T02:34:39.150000 CVE-2024-0471,0,0,d31788404fe9e4ef50cd1115476b4cbca089d174f763b21aa96505780ad64a86,2024-05-17T02:34:39.150000
CVE-2024-0472,0,1,50dbc40a0d1568da17b15cbfb4ce669917c87fef959b9f287553db896e5a36c4,2024-10-24T16:35:04.250000 CVE-2024-0472,0,0,50dbc40a0d1568da17b15cbfb4ce669917c87fef959b9f287553db896e5a36c4,2024-10-24T16:35:04.250000
CVE-2024-0473,0,0,dfe5935c4e27badbe57e2c9d7b936253e91ff93b2547838fb351ba9170f3e90b,2024-05-17T02:34:39.377000 CVE-2024-0473,0,0,dfe5935c4e27badbe57e2c9d7b936253e91ff93b2547838fb351ba9170f3e90b,2024-05-17T02:34:39.377000
CVE-2024-0474,0,0,8d8a205e4a24ebf0f6a1a14e57a3751bfddede822d567436d3aabb46ddb7af6c,2024-05-17T02:34:39.480000 CVE-2024-0474,0,0,8d8a205e4a24ebf0f6a1a14e57a3751bfddede822d567436d3aabb46ddb7af6c,2024-05-17T02:34:39.480000
CVE-2024-0475,0,0,f353c8801b8d6ebd2b304eed643bfc65156eb025d4c49ac6bfd8e0f70eec25ea,2024-05-17T02:34:39.583000 CVE-2024-0475,0,0,f353c8801b8d6ebd2b304eed643bfc65156eb025d4c49ac6bfd8e0f70eec25ea,2024-05-17T02:34:39.583000
@ -242455,6 +242455,7 @@ CVE-2024-10290,0,0,d3e172c9c7b7b0403c392ffa2d79ecaff1aea477f009179997ba8147d4bbe
CVE-2024-10291,0,0,4221f9dc258e6d84993fa0f34bdeaf5dfcbfbf20fdb69558d099a0b3635f00b4,2024-10-23T16:15:04.597000 CVE-2024-10291,0,0,4221f9dc258e6d84993fa0f34bdeaf5dfcbfbf20fdb69558d099a0b3635f00b4,2024-10-23T16:15:04.597000
CVE-2024-10292,0,0,8f4c4ab580d9e369d7e7dd331e4604716d13ad341c8b824d3d76d119c02d65de,2024-10-23T16:15:04.943000 CVE-2024-10292,0,0,8f4c4ab580d9e369d7e7dd331e4604716d13ad341c8b824d3d76d119c02d65de,2024-10-23T16:15:04.943000
CVE-2024-10293,0,0,a923f6e085338d69ea2111da01f3e4f9e0b9ff921e35106d46ce0e7cea63eda3,2024-10-23T16:15:05.207000 CVE-2024-10293,0,0,a923f6e085338d69ea2111da01f3e4f9e0b9ff921e35106d46ce0e7cea63eda3,2024-10-23T16:15:05.207000
CVE-2024-10295,1,1,a13dd697d69319dadd65bd708ebbbc7dff277fa249c7141ba4bca06236d03bd2,2024-10-24T19:35:03.070000
CVE-2024-10296,0,0,6780536acb419474ab08f42f0ff74d0f3d24a7a6b50377aafc4dcdaecc7d294f,2024-10-23T17:15:13.690000 CVE-2024-10296,0,0,6780536acb419474ab08f42f0ff74d0f3d24a7a6b50377aafc4dcdaecc7d294f,2024-10-23T17:15:13.690000
CVE-2024-10297,0,0,21e16b153ab50c5e76cb5a479cf3c5f080b3f490cdf8b294a5380f2a80d7bd42,2024-10-23T18:15:05.137000 CVE-2024-10297,0,0,21e16b153ab50c5e76cb5a479cf3c5f080b3f490cdf8b294a5380f2a80d7bd42,2024-10-23T18:15:05.137000
CVE-2024-10298,0,0,62d5e88eb741969e4d70e673f71e4b81aab32ca793b396e4ddc4938c3dc3242a,2024-10-23T19:15:14.920000 CVE-2024-10298,0,0,62d5e88eb741969e4d70e673f71e4b81aab32ca793b396e4ddc4938c3dc3242a,2024-10-23T19:15:14.920000
@ -242463,12 +242464,15 @@ CVE-2024-1030,0,0,34264c5a1a4e97f6ee4441192a69e3a5aa9d9614a8467bdc88cd76d1a9884f
CVE-2024-10300,0,0,d1168f9c1ffba532571d74378610bb66b2289577686fbcbcb64095e338234da5,2024-10-23T20:15:05.060000 CVE-2024-10300,0,0,d1168f9c1ffba532571d74378610bb66b2289577686fbcbcb64095e338234da5,2024-10-23T20:15:05.060000
CVE-2024-10301,0,0,29f96455927e9f4a2ae674b61ef5b8d39692dd5959eef8ab3ccd238c47977136,2024-10-23T20:15:05.310000 CVE-2024-10301,0,0,29f96455927e9f4a2ae674b61ef5b8d39692dd5959eef8ab3ccd238c47977136,2024-10-23T20:15:05.310000
CVE-2024-1031,0,0,6576162a78ac686f55e5931a6b8f02ff6c7312ac04792581e6d78da8a91700d4,2024-05-17T02:35:11.843000 CVE-2024-1031,0,0,6576162a78ac686f55e5931a6b8f02ff6c7312ac04792581e6d78da8a91700d4,2024-05-17T02:35:11.843000
CVE-2024-10313,1,1,04194b1dbc8be595a4e5096cd0c21e48e5ea37adc11df72735299fd02aaeac0a,2024-10-24T18:15:05.920000
CVE-2024-1032,0,0,06925fc416f8ceea7fb895efc2e3f765d4f064c5150968a9409448741aa1fb78,2024-05-17T02:35:11.947000 CVE-2024-1032,0,0,06925fc416f8ceea7fb895efc2e3f765d4f064c5150968a9409448741aa1fb78,2024-05-17T02:35:11.947000
CVE-2024-1033,0,0,6041b3ccd70df4052a8c26438331689f702c93b37a47aeb2d707df9d77ed7f49,2024-05-17T02:35:12.047000 CVE-2024-1033,0,0,6041b3ccd70df4052a8c26438331689f702c93b37a47aeb2d707df9d77ed7f49,2024-05-17T02:35:12.047000
CVE-2024-10331,0,0,0ea4704cb0b6d504547be8cbdae887d3647db162f6beaaee72d4b7584e44cc6c,2024-10-24T11:15:14.327000 CVE-2024-10331,0,0,0ea4704cb0b6d504547be8cbdae887d3647db162f6beaaee72d4b7584e44cc6c,2024-10-24T11:15:14.327000
CVE-2024-10332,0,0,85cf635cfe3f26ffd48ff5c222b99c1eb587859c46939f8e6364d970eb422157,2024-10-24T13:15:11.830000 CVE-2024-10332,0,0,85cf635cfe3f26ffd48ff5c222b99c1eb587859c46939f8e6364d970eb422157,2024-10-24T13:15:11.830000
CVE-2024-10335,1,1,d1262d29e5dc663657a331eba3883b5a351e7279597dd05852a56269f6e891d2,2024-10-24T17:15:14.823000 CVE-2024-10335,0,0,d1262d29e5dc663657a331eba3883b5a351e7279597dd05852a56269f6e891d2,2024-10-24T17:15:14.823000
CVE-2024-10336,1,1,33e82271c1bad361b028f2e98191e887a62f8fe553b83c9e8d440090c3c1fb29,2024-10-24T17:15:15.143000 CVE-2024-10336,0,0,33e82271c1bad361b028f2e98191e887a62f8fe553b83c9e8d440090c3c1fb29,2024-10-24T17:15:15.143000
CVE-2024-10337,1,1,a69476b83db6c1f12d365a088fb8bc4d825727f073e5a237b1dd6d1ef8718249,2024-10-24T18:15:06.170000
CVE-2024-10338,1,1,834519410f43f4f4c77b02126281b19245f19896884e0511305f98f5f48cd646,2024-10-24T18:15:06.437000
CVE-2024-1034,0,0,454f09f0f5fc636699352f4449a6882a204ccb564a121fe5e40109839ef595a1,2024-05-17T02:35:12.150000 CVE-2024-1034,0,0,454f09f0f5fc636699352f4449a6882a204ccb564a121fe5e40109839ef595a1,2024-05-17T02:35:12.150000
CVE-2024-1035,0,0,792864ab2b0f8151b262ffe209c5f075ae9ac530a32ee5bddc4609b3d7d6306a,2024-05-17T02:35:12.253000 CVE-2024-1035,0,0,792864ab2b0f8151b262ffe209c5f075ae9ac530a32ee5bddc4609b3d7d6306a,2024-05-17T02:35:12.253000
CVE-2024-1036,0,0,aa65a53beadc56e4dda3efe9acb5802f242935c19973e66e0ff7f62d01b276fd,2024-05-17T02:35:12.357000 CVE-2024-1036,0,0,aa65a53beadc56e4dda3efe9acb5802f242935c19973e66e0ff7f62d01b276fd,2024-05-17T02:35:12.357000
@ -243689,7 +243693,7 @@ CVE-2024-20433,0,0,5e566651815d3cb842d80bb54328b0e8280ee578655d8a254f288aa4418bc
CVE-2024-20434,0,0,904368830c218856dc09e88c749c79a929855ae5c25f03306a83a7691e310e6c,2024-10-08T16:20:30.933000 CVE-2024-20434,0,0,904368830c218856dc09e88c749c79a929855ae5c25f03306a83a7691e310e6c,2024-10-08T16:20:30.933000
CVE-2024-20435,0,0,bea0a896db86de220514ce1618de53b05523503910f680b3361f4c8bb8734dd9,2024-07-18T12:28:43.707000 CVE-2024-20435,0,0,bea0a896db86de220514ce1618de53b05523503910f680b3361f4c8bb8734dd9,2024-07-18T12:28:43.707000
CVE-2024-20436,0,0,5d5cf7d2b852964575995c0ffa88e22ef644ab7daf1e554efb7370d28d6f8d68,2024-10-08T21:00:00.670000 CVE-2024-20436,0,0,5d5cf7d2b852964575995c0ffa88e22ef644ab7daf1e554efb7370d28d6f8d68,2024-10-08T21:00:00.670000
CVE-2024-20437,0,0,3588a74a4857b2b89502e176f099e98223e6ee3f1fc87f57deb9e52b3c2e63bf,2024-09-26T13:32:02.803000 CVE-2024-20437,0,1,f5342e83073163f5076b37217bd88c609cebc8e5fd125a4eaf2dc842fb175051,2024-10-24T19:45:01.540000
CVE-2024-20438,0,0,a9dc208e682d6b275639ddea51e6d0791542b6ddcec3dc7b8e7fc31fc89eece9,2024-10-08T13:54:46.450000 CVE-2024-20438,0,0,a9dc208e682d6b275639ddea51e6d0791542b6ddcec3dc7b8e7fc31fc89eece9,2024-10-08T13:54:46.450000
CVE-2024-20439,0,0,d6b5bcbae917ca310708f2b3bf5f6e48a7ee01ce537e933ecbd837bca81ceec5,2024-09-13T19:35:32.477000 CVE-2024-20439,0,0,d6b5bcbae917ca310708f2b3bf5f6e48a7ee01ce537e933ecbd837bca81ceec5,2024-09-13T19:35:32.477000
CVE-2024-2044,0,0,20580816ecbcb2d456bf5030911ad2dbba893322604e54631bb30d65d5e1ff74,2024-08-01T13:49:39.293000 CVE-2024-2044,0,0,20580816ecbcb2d456bf5030911ad2dbba893322604e54631bb30d65d5e1ff74,2024-08-01T13:49:39.293000
@ -243705,7 +243709,7 @@ CVE-2024-2045,0,0,711ac9453656184dc732c4f4633f4f7bda646ec847d7f0c1c60c568976f58a
CVE-2024-20450,0,0,a40597aa01c7c808e6329a0cff711d7709db0a15729885e98911c863c6fe701c,2024-08-23T18:14:43.787000 CVE-2024-20450,0,0,a40597aa01c7c808e6329a0cff711d7709db0a15729885e98911c863c6fe701c,2024-08-23T18:14:43.787000
CVE-2024-20451,0,0,616ab4cb2b50cee49c462941d4d3e48792a6a3c09b725bd97a134b2f4a53bec9,2024-08-23T18:14:11.137000 CVE-2024-20451,0,0,616ab4cb2b50cee49c462941d4d3e48792a6a3c09b725bd97a134b2f4a53bec9,2024-08-23T18:14:11.137000
CVE-2024-20454,0,0,b7df5fe3c7f3ad82ec42e5ba189942703f651e8bba204ff78589b452573f75e5,2024-08-23T18:13:47.510000 CVE-2024-20454,0,0,b7df5fe3c7f3ad82ec42e5ba189942703f651e8bba204ff78589b452573f75e5,2024-08-23T18:13:47.510000
CVE-2024-20455,0,0,582e47a347a8706fc3b45fb517686d3b16168e4f0adf4813dc071f3e17470c8f,2024-09-26T13:32:02.803000 CVE-2024-20455,0,1,0eab0e0d21dc4342feafbdcb7840d45bd73b5886ce73a3d40c40f5d3f5d5114a,2024-10-24T19:47:49.750000
CVE-2024-20456,0,0,bf56f0f0f8d3ed0f6616c43fc8ca6a47b6257ec17aaac25185ba7a05790b5cc9,2024-07-11T13:05:54.930000 CVE-2024-20456,0,0,bf56f0f0f8d3ed0f6616c43fc8ca6a47b6257ec17aaac25185ba7a05790b5cc9,2024-07-11T13:05:54.930000
CVE-2024-20458,0,0,7fb1e55e612ee6c8cc09ba5c55e99526661fa33e17c363c55add3406c5a053f4,2024-10-22T18:03:09.777000 CVE-2024-20458,0,0,7fb1e55e612ee6c8cc09ba5c55e99526661fa33e17c363c55add3406c5a053f4,2024-10-22T18:03:09.777000
CVE-2024-20459,0,0,5cd54a48218e6b57b046cb69743cb297e897ffabcfc93cde2b5b5db91e60d9df,2024-10-22T18:06:48.333000 CVE-2024-20459,0,0,5cd54a48218e6b57b046cb69743cb297e897ffabcfc93cde2b5b5db91e60d9df,2024-10-22T18:06:48.333000
@ -243713,8 +243717,8 @@ CVE-2024-20460,0,0,358defc63ad86f792960aac125709e2fb3ed671fce4437f964487072e33fe
CVE-2024-20461,0,0,c15342729fb0990fca2c54c1ab369938cf9683949c2cefcc250f30164551b25e,2024-10-22T18:26:01.890000 CVE-2024-20461,0,0,c15342729fb0990fca2c54c1ab369938cf9683949c2cefcc250f30164551b25e,2024-10-22T18:26:01.890000
CVE-2024-20462,0,0,b4e4c93a961318330887a3ec7cd87acb06e21170fac85cb813ac45cad8cb70ab,2024-10-22T18:33:31.410000 CVE-2024-20462,0,0,b4e4c93a961318330887a3ec7cd87acb06e21170fac85cb813ac45cad8cb70ab,2024-10-22T18:33:31.410000
CVE-2024-20463,0,0,2fbbbaedfda9bb304c7dda8b513af588802004e5e8905e7372610fd9adcd741c,2024-10-22T18:36:35.487000 CVE-2024-20463,0,0,2fbbbaedfda9bb304c7dda8b513af588802004e5e8905e7372610fd9adcd741c,2024-10-22T18:36:35.487000
CVE-2024-20464,0,0,885e4b5fbbba0f9d8b2f4ff463c0a3d55ff5aae6f976428aa05f22d0fa4e2121,2024-09-26T13:32:02.803000 CVE-2024-20464,0,1,f24579468ebdb84e5fe9b1671318293b6d5b473cae484edf3392abda0d117c91,2024-10-24T19:47:29.740000
CVE-2024-20465,0,0,e6053a052da134a2b60854b5aefb33da7ab8ec9453353220c196e9e5fe323c38,2024-09-26T13:32:02.803000 CVE-2024-20465,0,1,58c61302cfd8374a2de79b49d5aac585902b54820b0fbcf82d9f704341c07483,2024-10-24T19:46:15.007000
CVE-2024-20466,0,0,1f67211864766033ae7df34d7b817672b03d47284d690437051f747cfe419304,2024-09-11T16:15:05.683000 CVE-2024-20466,0,0,1f67211864766033ae7df34d7b817672b03d47284d690437051f747cfe419304,2024-09-11T16:15:05.683000
CVE-2024-20467,0,0,c1af58980ccad99499fcb95639264b5a0614f69936f5a7ffc5edb35f8fbf6c29,2024-10-03T20:09:50.970000 CVE-2024-20467,0,0,c1af58980ccad99499fcb95639264b5a0614f69936f5a7ffc5edb35f8fbf6c29,2024-10-03T20:09:50.970000
CVE-2024-20469,0,0,394110c2afcd5812c9d147805c76bc56d743563b5c07576e0d27ad32427aafe0,2024-09-20T16:58:14.327000 CVE-2024-20469,0,0,394110c2afcd5812c9d147805c76bc56d743563b5c07576e0d27ad32427aafe0,2024-09-20T16:58:14.327000
@ -244769,7 +244773,7 @@ CVE-2024-21650,0,0,5cbeb953c2bc16b06c4d2eb10c2aaf5c195e8b616cb153bf798b555c5db33
CVE-2024-21651,0,0,f5554efc88e50c9872fea5f6619114799b4a2a9adc9f1e1ca5f5f27a89262295,2024-01-12T17:15:18.467000 CVE-2024-21651,0,0,f5554efc88e50c9872fea5f6619114799b4a2a9adc9f1e1ca5f5f27a89262295,2024-01-12T17:15:18.467000
CVE-2024-21652,0,0,e0d7be5546ef01efa9704280134988508a565f3e7e562069f235bc79c8e45f2d,2024-03-18T19:40:00.173000 CVE-2024-21652,0,0,e0d7be5546ef01efa9704280134988508a565f3e7e562069f235bc79c8e45f2d,2024-03-18T19:40:00.173000
CVE-2024-21653,0,0,ce4af85c3427e8e239faa818c1af79d7b1adc1dc1f140ac9db4d80e88fa5042a,2024-02-08T17:33:27.273000 CVE-2024-21653,0,0,ce4af85c3427e8e239faa818c1af79d7b1adc1dc1f140ac9db4d80e88fa5042a,2024-02-08T17:33:27.273000
CVE-2024-21654,0,1,76ea102708f959894dab4a17a8cf6964377262213f8ed18cdb996b203b4a5b1f,2024-10-24T16:35:05.720000 CVE-2024-21654,0,0,76ea102708f959894dab4a17a8cf6964377262213f8ed18cdb996b203b4a5b1f,2024-10-24T16:35:05.720000
CVE-2024-21655,0,0,e05ae57984fd3423a83e9c7cb5d50a52bb4d06f33337e122d8d866553309143d,2024-01-25T15:36:21.337000 CVE-2024-21655,0,0,e05ae57984fd3423a83e9c7cb5d50a52bb4d06f33337e122d8d866553309143d,2024-01-25T15:36:21.337000
CVE-2024-21658,0,0,22e5e8cc10afa93809b8c28027ffdea5956dc4bcf07294bc4314615b494c0e4d,2024-09-05T14:39:07.033000 CVE-2024-21658,0,0,22e5e8cc10afa93809b8c28027ffdea5956dc4bcf07294bc4314615b494c0e4d,2024-09-05T14:39:07.033000
CVE-2024-2166,0,0,56b4755f03205365cb4650b778f24bbf9e5f1db18f9397e5eccfc994ba003c89,2024-09-12T17:19:43.607000 CVE-2024-2166,0,0,56b4755f03205365cb4650b778f24bbf9e5f1db18f9397e5eccfc994ba003c89,2024-09-12T17:19:43.607000
@ -251903,7 +251907,7 @@ CVE-2024-31493,0,0,23786918c0e6bb606f80dfbf3cc1cf7aa62322ef3147c75ab2836cfafd79a
CVE-2024-31495,0,0,cc64a104bd02c0ad2ecb59ee5b7d31fe176ceb300f836393c6f4ac68db9adc74,2024-06-13T18:36:45.417000 CVE-2024-31495,0,0,cc64a104bd02c0ad2ecb59ee5b7d31fe176ceb300f836393c6f4ac68db9adc74,2024-06-13T18:36:45.417000
CVE-2024-31497,0,0,8d8d7f6d342d19eead9a597122971bd1c38180baf81620a11231640a58ff9af9,2024-06-20T19:15:49.960000 CVE-2024-31497,0,0,8d8d7f6d342d19eead9a597122971bd1c38180baf81620a11231640a58ff9af9,2024-06-20T19:15:49.960000
CVE-2024-31498,0,0,64e912cb7273640f524a86a4c4b92bedddd325f11af3ca69081c43f6ca10cd7a,2024-08-27T19:35:26.363000 CVE-2024-31498,0,0,64e912cb7273640f524a86a4c4b92bedddd325f11af3ca69081c43f6ca10cd7a,2024-08-27T19:35:26.363000
CVE-2024-3150,0,0,b97a8815b56839d2226aebb6cd7913d84c716ac8c4d2225d62974de2a6c38871,2024-06-07T14:56:05.647000 CVE-2024-3150,0,1,c04bcaa026ade77c6b3f2254ca025e593677eeaae597c362ec21f5c24ac7a445,2024-10-24T19:35:19.290000
CVE-2024-31502,0,0,48eff8d0e1056f4d498c02b25fa6f36fe79ddc405bd5236ddde6ae6266b87571,2024-07-03T01:55:04.920000 CVE-2024-31502,0,0,48eff8d0e1056f4d498c02b25fa6f36fe79ddc405bd5236ddde6ae6266b87571,2024-07-03T01:55:04.920000
CVE-2024-31503,0,0,63f26c08bc84d4a6878a828315f5d6a190e4224cc41f797a0adf367284c5896d,2024-08-19T21:35:06.150000 CVE-2024-31503,0,0,63f26c08bc84d4a6878a828315f5d6a190e4224cc41f797a0adf367284c5896d,2024-08-19T21:35:06.150000
CVE-2024-31504,0,0,ff5e6de58bbe8f153bd36ad8b71b66ea5d63fceb3d05f083e0fcf1527f2e563c,2024-07-11T16:23:42.943000 CVE-2024-31504,0,0,ff5e6de58bbe8f153bd36ad8b71b66ea5d63fceb3d05f083e0fcf1527f2e563c,2024-07-11T16:23:42.943000
@ -254431,7 +254435,7 @@ CVE-2024-35173,0,0,49a434371ec4a6229edf5da12202cfa5598a4af286c41c326bfe7f54ebc1c
CVE-2024-35174,0,0,b1c7ded9fc748474b589a3a5bf1c3406f1a807641e59436d3b061c2f7ba5cdeb,2024-05-17T18:35:35.070000 CVE-2024-35174,0,0,b1c7ded9fc748474b589a3a5bf1c3406f1a807641e59436d3b061c2f7ba5cdeb,2024-05-17T18:35:35.070000
CVE-2024-35175,0,0,c8c86729e26a3f8e4e543bcb56b2884e73c6c8c90917029f391628b680dfad69,2024-05-15T16:40:19.330000 CVE-2024-35175,0,0,c8c86729e26a3f8e4e543bcb56b2884e73c6c8c90917029f391628b680dfad69,2024-05-15T16:40:19.330000
CVE-2024-35176,0,0,6ca7e7edb5c74cc4529c2f1d06dd954facb0383c2589dae58213add18d8e2594,2024-05-17T18:36:31.297000 CVE-2024-35176,0,0,6ca7e7edb5c74cc4529c2f1d06dd954facb0383c2589dae58213add18d8e2594,2024-05-17T18:36:31.297000
CVE-2024-35178,0,0,0a2bb0c97b8e9160deedcd44db2c0b732a28e6fbad7b00036bf3272c18691974,2024-06-07T14:56:05.647000 CVE-2024-35178,0,1,966d194fde3b588d2e33c6baaec163a3ac04113c9251192e56ae69f02639f080,2024-10-24T19:22:04.123000
CVE-2024-35179,0,0,60884268b480220b0ed8e7d049c3aba7d13418af0d36f7c5bd91c29c2d5e7e96,2024-05-15T16:40:19.330000 CVE-2024-35179,0,0,60884268b480220b0ed8e7d049c3aba7d13418af0d36f7c5bd91c29c2d5e7e96,2024-05-15T16:40:19.330000
CVE-2024-3518,0,0,7a83fec6c9edcb89d532948688bb01695519330d58da21735682b3ae91dffe67,2024-05-22T12:46:53.887000 CVE-2024-3518,0,0,7a83fec6c9edcb89d532948688bb01695519330d58da21735682b3ae91dffe67,2024-05-22T12:46:53.887000
CVE-2024-35180,0,0,190aa281c362464f8b05fe476a49394f7d0058a0dab615a9223a47f1581d0fb3,2024-05-21T16:54:35.880000 CVE-2024-35180,0,0,190aa281c362464f8b05fe476a49394f7d0058a0dab615a9223a47f1581d0fb3,2024-05-21T16:54:35.880000
@ -255964,7 +255968,7 @@ CVE-2024-37265,0,0,15f68b41e4db6ae6ccda7f80b0a70abe19004015dbcf0d1246d37335388c5
CVE-2024-37266,0,0,44943b1bec747c3c4ecddbc943aaff365210584d2dac21ff41065ed54e40dcb1,2024-08-29T18:59:40.057000 CVE-2024-37266,0,0,44943b1bec747c3c4ecddbc943aaff365210584d2dac21ff41065ed54e40dcb1,2024-08-29T18:59:40.057000
CVE-2024-37267,0,0,0d692f1d5fdd2443078b17f2b54167a732ba33e5479382e14b7e2bd4b6ec49a8,2024-07-25T13:47:43.833000 CVE-2024-37267,0,0,0d692f1d5fdd2443078b17f2b54167a732ba33e5479382e14b7e2bd4b6ec49a8,2024-07-25T13:47:43.833000
CVE-2024-37268,0,0,32108042cd6042edb5d9a980c4bc9e7e171800cf8a42366d53d95c0b76a50314,2024-08-29T18:56:01.267000 CVE-2024-37268,0,0,32108042cd6042edb5d9a980c4bc9e7e171800cf8a42366d53d95c0b76a50314,2024-08-29T18:56:01.267000
CVE-2024-3727,0,0,a1989485c0879930d152523598424caa8665be106b5388ff416dc979a00377e6,2024-10-17T01:15:13.357000 CVE-2024-3727,0,1,b0e2ad58d0d2a68040573151b20db183d58ae1205fb7aacdf4a0e26b9877e66f,2024-10-24T18:15:08.177000
CVE-2024-37270,0,0,09adf8729d6feae3191994dc6f2b286449a8e4d910f8c343a3a9496ea050a29f,2024-07-11T13:05:54.930000 CVE-2024-37270,0,0,09adf8729d6feae3191994dc6f2b286449a8e4d910f8c343a3a9496ea050a29f,2024-07-11T13:05:54.930000
CVE-2024-37271,0,0,82adde283ff9dacc0f77be200c055ea2f2c58a80387c070880c7d1f2c1068d32,2024-07-25T13:46:39.273000 CVE-2024-37271,0,0,82adde283ff9dacc0f77be200c055ea2f2c58a80387c070880c7d1f2c1068d32,2024-07-25T13:46:39.273000
CVE-2024-37273,0,0,2a85b1da0ca6e483bcfb6dea755537146c70a6967cba53f16b02bbb377a77813,2024-08-15T14:35:03.053000 CVE-2024-37273,0,0,2a85b1da0ca6e483bcfb6dea755537146c70a6967cba53f16b02bbb377a77813,2024-08-15T14:35:03.053000
@ -256735,6 +256739,7 @@ CVE-2024-38308,0,0,fe139b0ba6074f0e39f21bcc0d3b2863f88a6047b3a5a779d5f8bedf54884
CVE-2024-3831,0,0,50e818929dc56e84afc0dd8fe8fae7a8b323529f272034386ddae5543191124f,2024-05-14T16:11:39.510000 CVE-2024-3831,0,0,50e818929dc56e84afc0dd8fe8fae7a8b323529f272034386ddae5543191124f,2024-05-14T16:11:39.510000
CVE-2024-38312,0,0,1eb38797c2d82d591d8abe57f1d4573a3412cb86f39c7ea700474f2d0b5ea92a,2024-08-07T17:47:36.897000 CVE-2024-38312,0,0,1eb38797c2d82d591d8abe57f1d4573a3412cb86f39c7ea700474f2d0b5ea92a,2024-08-07T17:47:36.897000
CVE-2024-38313,0,0,6104dc2b29b4c8ac118d88c83436ea8db6780255231d99b7909daa998f4d9c3c,2024-09-12T17:48:33.947000 CVE-2024-38313,0,0,6104dc2b29b4c8ac118d88c83436ea8db6780255231d99b7909daa998f4d9c3c,2024-09-12T17:48:33.947000
CVE-2024-38314,1,1,f448bf43b0dcbd6f94057272eb0ce97542343e31622558d7a1a88ad6059e9f30,2024-10-24T18:15:07.957000
CVE-2024-38315,0,0,aeb4bea82071a33b9340679ee227ee40ee52d5ed9a6712f0f0c3d02c04ca6f7f,2024-09-20T14:09:24.733000 CVE-2024-38315,0,0,aeb4bea82071a33b9340679ee227ee40ee52d5ed9a6712f0f0c3d02c04ca6f7f,2024-09-20T14:09:24.733000
CVE-2024-38319,0,0,baca4c6dd463198ff6e83e4d1d026e029418f6c2a504c13c76e1be823b804509,2024-06-24T12:57:36.513000 CVE-2024-38319,0,0,baca4c6dd463198ff6e83e4d1d026e029418f6c2a504c13c76e1be823b804509,2024-06-24T12:57:36.513000
CVE-2024-3832,0,0,9a695728462575e75497ca13bb41d4307d467f786773e32ceb92b024954b50b9,2024-08-14T20:35:21.240000 CVE-2024-3832,0,0,9a695728462575e75497ca13bb41d4307d467f786773e32ceb92b024954b50b9,2024-08-14T20:35:21.240000
@ -257981,8 +257986,8 @@ CVE-2024-40422,0,0,d3469c3cd9d0a29c183d0e0059bb4038c9b4a37bd15891a6493843f933bd0
CVE-2024-40425,0,0,00190f9170b077ba334795fc09138437ec577bc0e167bbe92fc8ad126823e729,2024-08-01T13:57:26.300000 CVE-2024-40425,0,0,00190f9170b077ba334795fc09138437ec577bc0e167bbe92fc8ad126823e729,2024-08-01T13:57:26.300000
CVE-2024-4043,0,0,50e67cd87d2761034ee2e0514a61b1574f18a654fe271a8568be1eaa53e96b2e,2024-05-24T01:15:30.977000 CVE-2024-4043,0,0,50e67cd87d2761034ee2e0514a61b1574f18a654fe271a8568be1eaa53e96b2e,2024-05-24T01:15:30.977000
CVE-2024-40430,0,0,546dc110e07f45ee3ffd84e8af87c8ef8c5f6d93dcd27e587cb3a3c5233f7799,2024-09-13T21:15:10.357000 CVE-2024-40430,0,0,546dc110e07f45ee3ffd84e8af87c8ef8c5f6d93dcd27e587cb3a3c5233f7799,2024-09-13T21:15:10.357000
CVE-2024-40431,0,0,e9bee562080985179528d976194445036f0fd93a6d1dd5807a2a9cb030edab75,2024-10-23T22:15:02.340000 CVE-2024-40431,0,1,5fb9c8d8e8eca2c6ce117cc8be2e6523610d310535354e9e5f55716d61b6e614,2024-10-24T18:35:07.010000
CVE-2024-40432,0,1,c6bfa7d4fd77ce07d834ccbc132b9835555374c8e776fbf0436e00b0d426ea31,2024-10-24T16:35:06.560000 CVE-2024-40432,0,0,c6bfa7d4fd77ce07d834ccbc132b9835555374c8e776fbf0436e00b0d426ea31,2024-10-24T16:35:06.560000
CVE-2024-40433,0,0,e7a4ec9affcd5459ba2865b747a3c21f3af0ec6afc5f3d7573785ee38941782a,2024-08-01T13:57:28.500000 CVE-2024-40433,0,0,e7a4ec9affcd5459ba2865b747a3c21f3af0ec6afc5f3d7573785ee38941782a,2024-08-01T13:57:28.500000
CVE-2024-4044,0,0,e5bbe7519a57f32e10b3da751a3cb9112f45a7270ca309aa6997e34b1ffc6b95,2024-05-14T16:11:39.510000 CVE-2024-4044,0,0,e5bbe7519a57f32e10b3da751a3cb9112f45a7270ca309aa6997e34b1ffc6b95,2024-05-14T16:11:39.510000
CVE-2024-40441,0,0,c6514ede5c7f5ef8c83cfb03126d88402099d182d6578c9b7395512c5db252a8,2024-09-26T13:32:55.343000 CVE-2024-40441,0,0,c6514ede5c7f5ef8c83cfb03126d88402099d182d6578c9b7395512c5db252a8,2024-09-26T13:32:55.343000
@ -257991,7 +257996,7 @@ CVE-2024-4045,0,0,2ae0d8f233b2cc7f6d27d9d81b74b74fd6cc2876f88a425dbeb60d35e4802b
CVE-2024-40453,0,0,4483c5209dc00972ed35087fa7a57143bcc3f4e4c2aa05f9c16e6199d4acac45,2024-08-23T17:35:05.463000 CVE-2024-40453,0,0,4483c5209dc00972ed35087fa7a57143bcc3f4e4c2aa05f9c16e6199d4acac45,2024-08-23T17:35:05.463000
CVE-2024-40455,0,0,2b4af03841b1088e106e2c8470bdfc3454c77a8d4b576f687e8da463b4385ab7,2024-08-01T13:57:29.287000 CVE-2024-40455,0,0,2b4af03841b1088e106e2c8470bdfc3454c77a8d4b576f687e8da463b4385ab7,2024-08-01T13:57:29.287000
CVE-2024-40456,0,0,f1acaf3e46ce38cdd4b72320186132bab37cc38f6f4c796e31eaece0545a5e4c,2024-08-01T13:57:29.487000 CVE-2024-40456,0,0,f1acaf3e46ce38cdd4b72320186132bab37cc38f6f4c796e31eaece0545a5e4c,2024-08-01T13:57:29.487000
CVE-2024-40457,0,1,c48d41bd96fb4d23a817f2df64b770558b35704c52871238cdfde186fa28f2e5,2024-10-24T17:35:07.660000 CVE-2024-40457,0,0,c48d41bd96fb4d23a817f2df64b770558b35704c52871238cdfde186fa28f2e5,2024-10-24T17:35:07.660000
CVE-2024-4046,0,0,b162bb54ae31ac06a54238ce430265f513a39f78ee0aa36d5d6ff941168dcdb1,2024-05-14T16:11:39.510000 CVE-2024-4046,0,0,b162bb54ae31ac06a54238ce430265f513a39f78ee0aa36d5d6ff941168dcdb1,2024-05-14T16:11:39.510000
CVE-2024-40464,0,0,566a84364894c87cd293e303f1f3b91278da64a57babcc563f0c2d0eca7b55aa,2024-08-15T13:02:33 CVE-2024-40464,0,0,566a84364894c87cd293e303f1f3b91278da64a57babcc563f0c2d0eca7b55aa,2024-08-15T13:02:33
CVE-2024-40465,0,0,d1f805e9dd9512e63091b4cd71cf57cffa5f52934bb1bfd71a75623426707138,2024-08-15T13:11:07.570000 CVE-2024-40465,0,0,d1f805e9dd9512e63091b4cd71cf57cffa5f52934bb1bfd71a75623426707138,2024-08-15T13:11:07.570000
@ -258215,7 +258220,7 @@ CVE-2024-40806,0,0,de19bdc26ad947be78b25439a4c081cef03a9ac0cf8596ce40e06ed665906
CVE-2024-40807,0,0,a57ec3a3bb089ed252f2f8c175043165750e676422e4f67fbb537c1821f4ad1a,2024-08-15T16:35:50.210000 CVE-2024-40807,0,0,a57ec3a3bb089ed252f2f8c175043165750e676422e4f67fbb537c1821f4ad1a,2024-08-15T16:35:50.210000
CVE-2024-40809,0,0,9737181761f09811942af1648871be698e164a1e26e2d7cb09625587b1583d46,2024-08-15T16:26:51.523000 CVE-2024-40809,0,0,9737181761f09811942af1648871be698e164a1e26e2d7cb09625587b1583d46,2024-08-15T16:26:51.523000
CVE-2024-4081,0,0,2b1a13825488c3123a899d577616f27ebfa5f72481cbd0378e19b046630c7604,2024-09-12T16:43:42.490000 CVE-2024-4081,0,0,2b1a13825488c3123a899d577616f27ebfa5f72481cbd0378e19b046630c7604,2024-09-12T16:43:42.490000
CVE-2024-40810,1,1,5c1aaf2a972e606c4a7220b7bfe4a9c16fc99dd43370c41fa4d7c98a6cc62096,2024-10-24T17:15:16.263000 CVE-2024-40810,0,0,5c1aaf2a972e606c4a7220b7bfe4a9c16fc99dd43370c41fa4d7c98a6cc62096,2024-10-24T17:15:16.263000
CVE-2024-40811,0,0,58a2466a72dd67097326f2c18b9b99f24e15edfadd201715f3a11dc5fe430f0a,2024-08-01T13:58:09.693000 CVE-2024-40811,0,0,58a2466a72dd67097326f2c18b9b99f24e15edfadd201715f3a11dc5fe430f0a,2024-08-01T13:58:09.693000
CVE-2024-40812,0,0,c246dcffc924270886f6bb5d99cc189e11e554cbf0acf5a0b6d7c76bf5b7cabf,2024-08-15T16:26:53.560000 CVE-2024-40812,0,0,c246dcffc924270886f6bb5d99cc189e11e554cbf0acf5a0b6d7c76bf5b7cabf,2024-08-15T16:26:53.560000
CVE-2024-40813,0,0,eaec9d679620cbe04b5224752ba0981027a92f3e1bca89f18faeb08b9aaf1ce7,2024-08-15T16:15:52.613000 CVE-2024-40813,0,0,eaec9d679620cbe04b5224752ba0981027a92f3e1bca89f18faeb08b9aaf1ce7,2024-08-15T16:15:52.613000
@ -259527,7 +259532,7 @@ CVE-2024-42638,0,0,f05422802d125b3ce266da31a9abfdc3602d6bb3aba7eee20387c1a0cbe79
CVE-2024-42639,0,0,1a5c2259211b7b8d7a3c9ad7a85700d339edaffc744195b682680689ea5c39c4,2024-08-19T18:35:13.310000 CVE-2024-42639,0,0,1a5c2259211b7b8d7a3c9ad7a85700d339edaffc744195b682680689ea5c39c4,2024-08-19T18:35:13.310000
CVE-2024-4264,0,0,aceade487dcdf82d5a23a178a070b3c07d4cce69337175854977fa24341a320c,2024-05-20T13:00:34.807000 CVE-2024-4264,0,0,aceade487dcdf82d5a23a178a070b3c07d4cce69337175854977fa24341a320c,2024-05-20T13:00:34.807000
CVE-2024-42640,0,0,aa9fdc0f8db2e7e48ae8090075d403a2f9c88e4c7abd16509bc27a944cdc3dcd,2024-10-15T17:35:04.623000 CVE-2024-42640,0,0,aa9fdc0f8db2e7e48ae8090075d403a2f9c88e4c7abd16509bc27a944cdc3dcd,2024-10-15T17:35:04.623000
CVE-2024-42642,0,1,bdd31771afbe48c8219dbe1c18503e5c7e79c39889cb0364195342f8249e7d8e,2024-10-24T17:35:08.450000 CVE-2024-42642,0,0,bdd31771afbe48c8219dbe1c18503e5c7e79c39889cb0364195342f8249e7d8e,2024-10-24T17:35:08.450000
CVE-2024-42643,0,0,bc822a6b73ba664d99782bb83e8cc157e110a7a6a996980d55e1c973153f8531,2024-10-23T18:35:01.897000 CVE-2024-42643,0,0,bc822a6b73ba664d99782bb83e8cc157e110a7a6a996980d55e1c973153f8531,2024-10-23T18:35:01.897000
CVE-2024-4265,0,0,674cb78ce8c95e07c05495b52772b5d4a079c608362a6e67c2dfb567e6b8517a,2024-05-02T18:00:37.360000 CVE-2024-4265,0,0,674cb78ce8c95e07c05495b52772b5d4a079c608362a6e67c2dfb567e6b8517a,2024-05-02T18:00:37.360000
CVE-2024-42657,0,0,7a9e5456dd66d94be3a75e811d67a1de5788317e788930f1ba2e8b5887d23144,2024-08-20T16:13:12.413000 CVE-2024-42657,0,0,7a9e5456dd66d94be3a75e811d67a1de5788317e788930f1ba2e8b5887d23144,2024-08-20T16:13:12.413000
@ -260243,10 +260248,10 @@ CVE-2024-43845,0,0,d80433b94567f7553ba59d5578ff0ab177cc617e43797bbfe0b461c6dff68
CVE-2024-43846,0,0,336ca6ce5d381bc8197cb8ae52aec5d82cb25fe9302c78389787b6ba92216525,2024-08-19T12:59:59.177000 CVE-2024-43846,0,0,336ca6ce5d381bc8197cb8ae52aec5d82cb25fe9302c78389787b6ba92216525,2024-08-19T12:59:59.177000
CVE-2024-43847,0,0,835246f4f393ea975e0a8495b92ecf4d0f17d69854486c3d470ee96289075a6e,2024-08-19T12:59:59.177000 CVE-2024-43847,0,0,835246f4f393ea975e0a8495b92ecf4d0f17d69854486c3d470ee96289075a6e,2024-08-19T12:59:59.177000
CVE-2024-43848,0,0,f1a2b4dd4e81d797bfb09af1eb3c38201e05560605d293e2d1b82a973cb40d73,2024-08-19T12:59:59.177000 CVE-2024-43848,0,0,f1a2b4dd4e81d797bfb09af1eb3c38201e05560605d293e2d1b82a973cb40d73,2024-08-19T12:59:59.177000
CVE-2024-43849,0,1,c09809025deb42d3e16ffa77bdd804cd5a554e28cbe29839183c2ce44189d8b9,2024-10-24T16:02:21.587000 CVE-2024-43849,0,0,c09809025deb42d3e16ffa77bdd804cd5a554e28cbe29839183c2ce44189d8b9,2024-10-24T16:02:21.587000
CVE-2024-4385,0,0,218d1e7a4ca055c9cc2f26803db027cb337ddeafcf5f646e236db9e9e217180d,2024-05-16T13:03:05.353000 CVE-2024-4385,0,0,218d1e7a4ca055c9cc2f26803db027cb337ddeafcf5f646e236db9e9e217180d,2024-05-16T13:03:05.353000
CVE-2024-43850,0,0,7e6dd9c8f88731d422517e091653519aa83f51a04dd873998a3ab4d290941bf3,2024-09-30T13:57:33.400000 CVE-2024-43850,0,0,7e6dd9c8f88731d422517e091653519aa83f51a04dd873998a3ab4d290941bf3,2024-09-30T13:57:33.400000
CVE-2024-43851,0,1,8c606d6e2afd0bae1ae756d014855a04ab87d37df56754005daf4c184cc5d655,2024-10-24T16:07:41.687000 CVE-2024-43851,0,0,8c606d6e2afd0bae1ae756d014855a04ab87d37df56754005daf4c184cc5d655,2024-10-24T16:07:41.687000
CVE-2024-43852,0,0,e16a39e3485e6268d56a06e4f3ecc24b277dfc853c8871fb0e21f6f409c0a86d,2024-08-20T19:32:55.747000 CVE-2024-43852,0,0,e16a39e3485e6268d56a06e4f3ecc24b277dfc853c8871fb0e21f6f409c0a86d,2024-08-20T19:32:55.747000
CVE-2024-43853,0,0,3a6c96c14ae012eaed5b1ef682d62a9cbd9b79ece1f1039255ad0f2a7b3d5c29,2024-09-04T12:15:04.827000 CVE-2024-43853,0,0,3a6c96c14ae012eaed5b1ef682d62a9cbd9b79ece1f1039255ad0f2a7b3d5c29,2024-09-04T12:15:04.827000
CVE-2024-43854,0,0,943f3c79d7b420a0653deb8f71d3689984fa9a81ab761b689f2a54c06fa320af,2024-09-12T12:15:49.423000 CVE-2024-43854,0,0,943f3c79d7b420a0653deb8f71d3689984fa9a81ab761b689f2a54c06fa320af,2024-09-12T12:15:49.423000
@ -260494,7 +260499,7 @@ CVE-2024-44133,0,0,37c73fbc80b87f8103d86196f929aadb6f994b40eadcbf5f51a2a2f17f44f
CVE-2024-44134,0,0,6acd0998d9e90144e37860d44f416ff49a5729889dc934ad2ba9b80a8196fb3c,2024-09-24T18:26:26.963000 CVE-2024-44134,0,0,6acd0998d9e90144e37860d44f416ff49a5729889dc934ad2ba9b80a8196fb3c,2024-09-24T18:26:26.963000
CVE-2024-44135,0,0,2e30daeacd1c058db0b211917dd4f5e9ef4b14081fb1be4edc5057672e88cbd8,2024-09-25T13:28:09.067000 CVE-2024-44135,0,0,2e30daeacd1c058db0b211917dd4f5e9ef4b14081fb1be4edc5057672e88cbd8,2024-09-25T13:28:09.067000
CVE-2024-44139,0,0,1e5a55dd4e3bf6761362df168af8ec5360faa5b360c06fdbf37c0f9ce70d7baf,2024-09-24T18:30:34.863000 CVE-2024-44139,0,0,1e5a55dd4e3bf6761362df168af8ec5360faa5b360c06fdbf37c0f9ce70d7baf,2024-09-24T18:30:34.863000
CVE-2024-44141,1,1,3b7aa8cf41ae80f5dc1b08aad8a0bb4ddbab500749c41b7c6da35308b4ce9b04,2024-10-24T17:15:16.390000 CVE-2024-44141,0,1,2b676934bee762ca814654c97686c92039f139c445711b8df78a2b6d97ae559a,2024-10-24T18:35:07.340000
CVE-2024-44146,0,0,c66454fdf1b0d7a7564849f02f2f09da6c49b1097620ca2f5b88a9c465a751e4,2024-09-24T16:14:02.090000 CVE-2024-44146,0,0,c66454fdf1b0d7a7564849f02f2f09da6c49b1097620ca2f5b88a9c465a751e4,2024-09-24T16:14:02.090000
CVE-2024-44147,0,0,8d82d5566ea29b70940c9c9f21d951cc6eb5498675d184ba22b8d555bbcad202,2024-09-20T12:31:20.110000 CVE-2024-44147,0,0,8d82d5566ea29b70940c9c9f21d951cc6eb5498675d184ba22b8d555bbcad202,2024-09-20T12:31:20.110000
CVE-2024-44148,0,0,059ce4bebff22300cb485a8cc23c3238cb5bdcfaba9ac22cf4f5aea163483afa,2024-09-24T16:09:49.490000 CVE-2024-44148,0,0,059ce4bebff22300cb485a8cc23c3238cb5bdcfaba9ac22cf4f5aea163483afa,2024-09-24T16:09:49.490000
@ -260527,7 +260532,7 @@ CVE-2024-44181,0,0,6968e89bcc34da95b275f481a5e61eaf93b419f4e1f0ac49b3eaa4255a65d
CVE-2024-44182,0,0,c8405a3d9209d8acdecd393b8c354b0a78369af6884ff3ac8bf0fb4d77988b16,2024-09-24T16:52:49.767000 CVE-2024-44182,0,0,c8405a3d9209d8acdecd393b8c354b0a78369af6884ff3ac8bf0fb4d77988b16,2024-09-24T16:52:49.767000
CVE-2024-44183,0,0,57b9818651cb417289cf4085c7f242935e44b16eacbd02a55d723c9720089da4,2024-09-24T19:04:51.030000 CVE-2024-44183,0,0,57b9818651cb417289cf4085c7f242935e44b16eacbd02a55d723c9720089da4,2024-09-24T19:04:51.030000
CVE-2024-44184,0,0,2b4c62cacdeb539e2524aa34af1a6c1e7c1594f87082a2353399d1dc98f019f0,2024-09-24T19:03:08.110000 CVE-2024-44184,0,0,2b4c62cacdeb539e2524aa34af1a6c1e7c1594f87082a2353399d1dc98f019f0,2024-09-24T19:03:08.110000
CVE-2024-44185,1,1,c4da7a3ff4f7bddb75e8ce52c052ad0be5b5c65573879dfb1e5bddbaac1853a6,2024-10-24T17:15:16.470000 CVE-2024-44185,0,0,c4da7a3ff4f7bddb75e8ce52c052ad0be5b5c65573879dfb1e5bddbaac1853a6,2024-10-24T17:15:16.470000
CVE-2024-44186,0,0,0a6ed69346f4ae3547e173619f5fb32c164a57eccfeb66e3a57b038524695fd7,2024-09-24T18:03:45.513000 CVE-2024-44186,0,0,0a6ed69346f4ae3547e173619f5fb32c164a57eccfeb66e3a57b038524695fd7,2024-09-24T18:03:45.513000
CVE-2024-44187,0,0,d2d2c28ca4949100ff21bfe0c88cdee4654cdb1db67fcca21321bb7541d90ded,2024-09-25T13:25:52.043000 CVE-2024-44187,0,0,d2d2c28ca4949100ff21bfe0c88cdee4654cdb1db67fcca21321bb7541d90ded,2024-09-25T13:25:52.043000
CVE-2024-44188,0,0,d9b3eca877b183751dacb80ba82d47175b17c9197d2f1bc3c870ce12e136ffb2,2024-09-24T20:38:27.090000 CVE-2024-44188,0,0,d9b3eca877b183751dacb80ba82d47175b17c9197d2f1bc3c870ce12e136ffb2,2024-09-24T20:38:27.090000
@ -260540,8 +260545,8 @@ CVE-2024-44198,0,0,a791372ee4d27381da793bfaa9ff3602c34f52c134516fb46328053cb2cef
CVE-2024-4420,0,0,02a774e6911ba5e1ba33187a3301eb3f9ee3d8fd212c89cee791dd002410f381,2024-05-21T12:37:59.687000 CVE-2024-4420,0,0,02a774e6911ba5e1ba33187a3301eb3f9ee3d8fd212c89cee791dd002410f381,2024-05-21T12:37:59.687000
CVE-2024-44202,0,0,e17cdcd52ced4944b3cb8ebf1e0107ecaca0e3b137318260a8309f5868dfd271,2024-09-20T12:31:20.110000 CVE-2024-44202,0,0,e17cdcd52ced4944b3cb8ebf1e0107ecaca0e3b137318260a8309f5868dfd271,2024-09-20T12:31:20.110000
CVE-2024-44204,0,0,cce14eca29e64799e75cbb56577d73ec78ca9f1623008c609fe84631f2fc2cc3,2024-10-04T17:29:54.933000 CVE-2024-44204,0,0,cce14eca29e64799e75cbb56577d73ec78ca9f1623008c609fe84631f2fc2cc3,2024-10-04T17:29:54.933000
CVE-2024-44205,1,1,71454099c644a3b16ac2dfa95e34033237c6108da84cce4835dbf22f5ba7a074,2024-10-24T17:15:16.543000 CVE-2024-44205,0,0,71454099c644a3b16ac2dfa95e34033237c6108da84cce4835dbf22f5ba7a074,2024-10-24T17:15:16.543000
CVE-2024-44206,1,1,e55b0c55a13605a8c368cf38286323663f69436c09d26d154ab6d19fb80ac009,2024-10-24T17:15:16.620000 CVE-2024-44206,0,0,e55b0c55a13605a8c368cf38286323663f69436c09d26d154ab6d19fb80ac009,2024-10-24T17:15:16.620000
CVE-2024-44207,0,0,5abea1005e83abb1bfbb6f81a0f39beb744ed23d2413d7dffd0c9fbaec188a46,2024-10-04T17:31:41.970000 CVE-2024-44207,0,0,5abea1005e83abb1bfbb6f81a0f39beb744ed23d2413d7dffd0c9fbaec188a46,2024-10-04T17:31:41.970000
CVE-2024-4422,0,0,19c238465441950f6a856008185dbc8a7b4e94407f1040ce4816040c86860490,2024-05-30T13:15:41.297000 CVE-2024-4422,0,0,19c238465441950f6a856008185dbc8a7b4e94407f1040ce4816040c86860490,2024-05-30T13:15:41.297000
CVE-2024-4423,0,0,0715bc9caf3e0b170ca2968c721bdd1e236908d8891315bb75fdf772bdc9c875,2024-07-03T02:07:32.943000 CVE-2024-4423,0,0,0715bc9caf3e0b170ca2968c721bdd1e236908d8891315bb75fdf772bdc9c875,2024-07-03T02:07:32.943000
@ -261463,8 +261468,8 @@ CVE-2024-46239,0,0,725c4cefa2ca2647a32f2bf2b322ce53dedacf1976287dda499bc36c65d5a
CVE-2024-4624,0,0,8d5df292e17ba086eddadcbafacc529f2ebc3c5e49d7b6ea9488db217d327898,2024-05-14T19:17:55.627000 CVE-2024-4624,0,0,8d5df292e17ba086eddadcbafacc529f2ebc3c5e49d7b6ea9488db217d327898,2024-05-14T19:17:55.627000
CVE-2024-46240,0,0,e1fabb07f498fd1cd5336ee19dd4a0cded9959b31a2fc1d149406578714fa211,2024-10-23T15:12:34.673000 CVE-2024-46240,0,0,e1fabb07f498fd1cd5336ee19dd4a0cded9959b31a2fc1d149406578714fa211,2024-10-23T15:12:34.673000
CVE-2024-46241,0,0,e8f867d722224165a0936937fdbb3a70034985bd08f25a28d6b30ab6a32199ce,2024-09-26T13:32:55.343000 CVE-2024-46241,0,0,e8f867d722224165a0936937fdbb3a70034985bd08f25a28d6b30ab6a32199ce,2024-09-26T13:32:55.343000
CVE-2024-46256,0,1,8bf470a14240bc761051ec27ff055fa64e8fa7727cdd73b13c40b5c555057a54,2024-10-24T17:15:16.690000 CVE-2024-46256,0,0,8bf470a14240bc761051ec27ff055fa64e8fa7727cdd73b13c40b5c555057a54,2024-10-24T17:15:16.690000
CVE-2024-46257,0,0,9ea0ad0f2e6865da2b0362a090cb21ce2a440cd52edf95f9a53e87e2d7fb967d,2024-10-03T16:35:05.240000 CVE-2024-46257,0,1,77ff81579b9686846d30b6279f2f3ca51486f319de7ee8b1a0a61768d1f232f7,2024-10-24T18:15:08.617000
CVE-2024-46258,0,0,8b56e4a9f9fd1a589c584ad7ce0a4a87192f12ba82adb8f81ba743ebccc7f757,2024-10-04T16:41:08.497000 CVE-2024-46258,0,0,8b56e4a9f9fd1a589c584ad7ce0a4a87192f12ba82adb8f81ba743ebccc7f757,2024-10-04T16:41:08.497000
CVE-2024-46259,0,0,e52f3ae459d8b17def76efdc5501c5aee7ccdfd88a953171600235a977929f57,2024-10-04T16:40:29.857000 CVE-2024-46259,0,0,e52f3ae459d8b17def76efdc5501c5aee7ccdfd88a953171600235a977929f57,2024-10-04T16:40:29.857000
CVE-2024-4626,0,0,2c49c68b79a7a3d7626dfac7c1ab161b6d51a1a10b834d04b620fc9c15d7e475,2024-07-15T17:10:52.563000 CVE-2024-4626,0,0,2c49c68b79a7a3d7626dfac7c1ab161b6d51a1a10b834d04b620fc9c15d7e475,2024-07-15T17:10:52.563000
@ -261535,6 +261540,7 @@ CVE-2024-46470,0,0,4aeda2c990e579b9008226e62d5cbdc47a22a0fa6603152064e359fb3aa1b
CVE-2024-46471,0,0,470c933b4642dc2897ace8d3fcae6cce28009d5c4dc28b3858aee18cd52a08d7,2024-09-30T12:45:57.823000 CVE-2024-46471,0,0,470c933b4642dc2897ace8d3fcae6cce28009d5c4dc28b3858aee18cd52a08d7,2024-09-30T12:45:57.823000
CVE-2024-46472,0,0,905efea5ffd69a3fd22b9ebc43e76cd3335e2f2038a60c220dd9d439817a4610,2024-09-30T12:45:57.823000 CVE-2024-46472,0,0,905efea5ffd69a3fd22b9ebc43e76cd3335e2f2038a60c220dd9d439817a4610,2024-09-30T12:45:57.823000
CVE-2024-46475,0,0,6dd32d21b34d5ed62fc4d47e4e31b7806525d2f693fc3da0c33e5fca3fe88762,2024-10-04T13:51:25.567000 CVE-2024-46475,0,0,6dd32d21b34d5ed62fc4d47e4e31b7806525d2f693fc3da0c33e5fca3fe88762,2024-10-04T13:51:25.567000
CVE-2024-46478,1,1,95ee5e2c4e35afae36a9c0b6b6f68536735b14d9ae9e5853beb3b8db167d2831,2024-10-24T18:15:08.863000
CVE-2024-4648,0,0,911dfdcd448576dec5371ac5fe5f3ab9d434d7a73d2296063b028e9785e0deda,2024-06-04T19:20:44.580000 CVE-2024-4648,0,0,911dfdcd448576dec5371ac5fe5f3ab9d434d7a73d2296063b028e9785e0deda,2024-06-04T19:20:44.580000
CVE-2024-46482,0,0,0bd11529577a79bda1c61c449bff3d306490c152de71c2fae5d4eea05925babd,2024-10-23T18:35:03.670000 CVE-2024-46482,0,0,0bd11529577a79bda1c61c449bff3d306490c152de71c2fae5d4eea05925babd,2024-10-23T18:35:03.670000
CVE-2024-46483,0,0,efd1621b21138809f35625ddb77fc021e753097710878e96af20d908574d610c,2024-10-23T19:35:11.493000 CVE-2024-46483,0,0,efd1621b21138809f35625ddb77fc021e753097710878e96af20d908574d610c,2024-10-23T19:35:11.493000
@ -261868,10 +261874,10 @@ CVE-2024-4693,0,0,e3d9266511ed640ea0a2750bbbe8d9b8b25eda5f77b693324e75ee95f4a7a3
CVE-2024-46934,0,0,39cd5d62e62d306b30cc42f4b07a71f98f69814db0958da38caca7a2aa0c372d,2024-09-26T17:41:09.580000 CVE-2024-46934,0,0,39cd5d62e62d306b30cc42f4b07a71f98f69814db0958da38caca7a2aa0c372d,2024-09-26T17:41:09.580000
CVE-2024-46935,0,0,666c6a587a73311e054ad4d061f64579544880375cf82da7a9fb41d79c96b125,2024-09-26T17:39:33.123000 CVE-2024-46935,0,0,666c6a587a73311e054ad4d061f64579544880375cf82da7a9fb41d79c96b125,2024-09-26T17:39:33.123000
CVE-2024-46936,0,0,9556709d66661d3070e004b123b00dfabb7cceb4465975e71e6703311d5e642b,2024-09-26T13:32:02.803000 CVE-2024-46936,0,0,9556709d66661d3070e004b123b00dfabb7cceb4465975e71e6703311d5e642b,2024-09-26T13:32:02.803000
CVE-2024-46937,0,1,2d730b202e105a7bb808efc1c6027ea5796a20be12259b3735aebe8062888851,2024-10-24T17:35:09.287000 CVE-2024-46937,0,0,2d730b202e105a7bb808efc1c6027ea5796a20be12259b3735aebe8062888851,2024-10-24T17:35:09.287000
CVE-2024-46938,0,0,da0d3931773ce4c6b71560f14f7dad72bb0956018258aa969e0c816d6e411534,2024-09-20T18:15:10.590000 CVE-2024-46938,0,0,da0d3931773ce4c6b71560f14f7dad72bb0956018258aa969e0c816d6e411534,2024-09-20T18:15:10.590000
CVE-2024-46942,0,0,42b8c1905f4548ed93111e0e3968d1a6b8f40826bb27ddf0610e8ae6ccaee352,2024-09-25T18:08:58.483000 CVE-2024-46942,0,0,42b8c1905f4548ed93111e0e3968d1a6b8f40826bb27ddf0610e8ae6ccaee352,2024-09-25T18:08:58.483000
CVE-2024-46943,0,1,4e628ffdd0e99d1c8a029e386c0cf0435a2a0c962595b05e9b929698e4501314,2024-10-24T17:35:10.093000 CVE-2024-46943,0,0,4e628ffdd0e99d1c8a029e386c0cf0435a2a0c962595b05e9b929698e4501314,2024-10-24T17:35:10.093000
CVE-2024-46946,0,0,5adf6fed09d7522a85c453ac4c470cad5917d88736dbb3b605636f5befca45fa,2024-09-20T12:30:17.483000 CVE-2024-46946,0,0,5adf6fed09d7522a85c453ac4c470cad5917d88736dbb3b605636f5befca45fa,2024-09-20T12:30:17.483000
CVE-2024-4695,0,0,aa253f1bdce79ef626aa7622c4e367006f6b60359a6a2b0af989b23a6e81f980,2024-05-21T12:37:59.687000 CVE-2024-4695,0,0,aa253f1bdce79ef626aa7622c4e367006f6b60359a6a2b0af989b23a6e81f980,2024-05-21T12:37:59.687000
CVE-2024-46957,0,0,1a1f161c8d8bab3db62f1fa9272e11eb4217a378f1fb9334b95d7f852bd44900,2024-09-26T16:15:08.883000 CVE-2024-46957,0,0,1a1f161c8d8bab3db62f1fa9272e11eb4217a378f1fb9334b95d7f852bd44900,2024-09-26T16:15:08.883000
@ -261896,7 +261902,11 @@ CVE-2024-46988,0,0,e779744a9671f7163b46329d2305c8a1127f2655ca3ac90cf4c0a252af1bc
CVE-2024-46989,0,0,fa29cba3c1dce457e1dbba7936349383199f9bdd1c6535b099705e0bc06fa139,2024-09-20T12:30:17.483000 CVE-2024-46989,0,0,fa29cba3c1dce457e1dbba7936349383199f9bdd1c6535b099705e0bc06fa139,2024-09-20T12:30:17.483000
CVE-2024-4699,0,0,094a3293d1ad6c00b8f42deb1643b829befd633ab0dcef49a183da331debaad7,2024-08-06T19:15:57.580000 CVE-2024-4699,0,0,094a3293d1ad6c00b8f42deb1643b829befd633ab0dcef49a183da331debaad7,2024-08-06T19:15:57.580000
CVE-2024-46990,0,0,a651df2006ba8ce24b06699e6e89ccb4decc32abf73ae7975ae4d0581b357bf8,2024-09-20T12:30:17.483000 CVE-2024-46990,0,0,a651df2006ba8ce24b06699e6e89ccb4decc32abf73ae7975ae4d0581b357bf8,2024-09-20T12:30:17.483000
CVE-2024-46994,1,1,49d5bf09d2fe81f6bd806321a9bb9a1c9bda4f75f99522632bb8d04104b0636c,2024-10-24T19:15:13.843000
CVE-2024-46995,1,1,4797f99ee69a6adf04c3acfa4aa75af0727164e3bb515bf340c219f12ab03f85,2024-10-24T19:15:14.137000
CVE-2024-46996,1,1,4e16780a92fc50de10e47210cf065b6c0b45866ce1f17019fe60c069c55f53c8,2024-10-24T19:15:14.383000
CVE-2024-46997,0,0,1e9d71d3dbd956d3ef6cb30e686537e0e0a898601c4508e786607d0a3d9c0450,2024-10-07T17:20:10.427000 CVE-2024-46997,0,0,1e9d71d3dbd956d3ef6cb30e686537e0e0a898601c4508e786607d0a3d9c0450,2024-10-07T17:20:10.427000
CVE-2024-46998,1,1,288003db18ccc322862e7f067e931335e4ad4a239f6ed7ccc91c1d5a25b486d7,2024-10-24T19:15:14.600000
CVE-2024-46999,0,0,3f752cfc2057db8c9e88a86dc03848f68cfeb464ea96f96eaca0cf77bb84d96a,2024-09-24T20:20:39.253000 CVE-2024-46999,0,0,3f752cfc2057db8c9e88a86dc03848f68cfeb464ea96f96eaca0cf77bb84d96a,2024-09-24T20:20:39.253000
CVE-2024-4700,0,0,fa1a582bbd6e4a675ead2d89728236d2ca7c92c15fe998cffa14cb24a4febb9d,2024-05-21T12:37:59.687000 CVE-2024-4700,0,0,fa1a582bbd6e4a675ead2d89728236d2ca7c92c15fe998cffa14cb24a4febb9d,2024-05-21T12:37:59.687000
CVE-2024-47000,0,0,d44e65f26ff5211f3ae15f921442088284d2de145a1f7d23069c9caedddf80a6,2024-09-24T20:25:30.493000 CVE-2024-47000,0,0,d44e65f26ff5211f3ae15f921442088284d2de145a1f7d23069c9caedddf80a6,2024-09-24T20:25:30.493000
@ -261988,6 +261998,7 @@ CVE-2024-4717,0,0,7921e256cd1b57dcd690590999b44ca8d29db58a18405deda5f12fdfca691a
CVE-2024-47170,0,0,5b51e77bbaf0aa4d73aaed7035aaf98c0f3c0e8a355756474eeb1aa8a1be9c4f,2024-09-30T12:46:20.237000 CVE-2024-47170,0,0,5b51e77bbaf0aa4d73aaed7035aaf98c0f3c0e8a355756474eeb1aa8a1be9c4f,2024-09-30T12:46:20.237000
CVE-2024-47171,0,0,48e31c72c69d0bb6a9d666c7c99661a52d3c05dd11adcb85b19ee942d0085d2e,2024-09-30T12:46:20.237000 CVE-2024-47171,0,0,48e31c72c69d0bb6a9d666c7c99661a52d3c05dd11adcb85b19ee942d0085d2e,2024-09-30T12:46:20.237000
CVE-2024-47172,0,0,4b79f4b3803af95fc411c443fe5cc5794c9441cfc034adffdc054b0882caedf7,2024-10-04T13:51:25.567000 CVE-2024-47172,0,0,4b79f4b3803af95fc411c443fe5cc5794c9441cfc034adffdc054b0882caedf7,2024-10-04T13:51:25.567000
CVE-2024-47173,1,1,25b0312246555b80a6520c6df372eba8e49ba0734474a70ffb9ed2408cefaebf,2024-10-24T19:15:14.817000
CVE-2024-47174,0,0,45d61976806e6f261b6617173dfdd81cff9ff5aea1e4ed00e3593fe1fbbae7df,2024-09-30T12:46:20.237000 CVE-2024-47174,0,0,45d61976806e6f261b6617173dfdd81cff9ff5aea1e4ed00e3593fe1fbbae7df,2024-09-30T12:46:20.237000
CVE-2024-47175,0,0,98b0f302dda13c9ca08be74248115e033049a678f05ea7e4015fd75a9b0cd66d,2024-09-30T12:46:20.237000 CVE-2024-47175,0,0,98b0f302dda13c9ca08be74248115e033049a678f05ea7e4015fd75a9b0cd66d,2024-09-30T12:46:20.237000
CVE-2024-47176,0,0,1236859fb548f3604f95f88a62b235a85b1497f9815e39d76c2bb849d27602db,2024-10-02T20:15:11.520000 CVE-2024-47176,0,0,1236859fb548f3604f95f88a62b235a85b1497f9815e39d76c2bb849d27602db,2024-10-02T20:15:11.520000
@ -262218,7 +262229,7 @@ CVE-2024-47562,0,0,f948ab473eac72b74771d65275c3bce022b2870f6200aad718c4a235ef7a7
CVE-2024-47563,0,0,8e14a8aeeab89240dc7f71203e62b9d2c2b2c697ebcb095329938e996837371a,2024-10-11T20:05:05.143000 CVE-2024-47563,0,0,8e14a8aeeab89240dc7f71203e62b9d2c2b2c697ebcb095329938e996837371a,2024-10-11T20:05:05.143000
CVE-2024-47565,0,0,1f4de7ea43d4059fde3978664bf9271defcef7d2ededc73cf25a3c2fbdf29d8c,2024-10-11T20:05:59.237000 CVE-2024-47565,0,0,1f4de7ea43d4059fde3978664bf9271defcef7d2ededc73cf25a3c2fbdf29d8c,2024-10-11T20:05:59.237000
CVE-2024-4757,0,0,8697ca9e70d5ba37736a0a67620900f7a3da7cbcb97e29086de20de73cd3bfef,2024-07-03T02:08:02.463000 CVE-2024-4757,0,0,8697ca9e70d5ba37736a0a67620900f7a3da7cbcb97e29086de20de73cd3bfef,2024-07-03T02:08:02.463000
CVE-2024-47575,0,0,cd9012ad1ccaff741ce1ee8c5f1420acedb8bc0500c1a163dcd321c7638816e8,2024-10-24T14:20:16.333000 CVE-2024-47575,0,1,45fa428c1b4284f712341ec98e74ee7d5ba71df025a020ce212880fb54ef8dfe,2024-10-24T18:56:47.930000
CVE-2024-4758,0,0,725af37997323245576176c0490558b45926193602683436c3054da734872332,2024-07-03T02:08:02.707000 CVE-2024-4758,0,0,725af37997323245576176c0490558b45926193602683436c3054da734872332,2024-07-03T02:08:02.707000
CVE-2024-4759,0,0,88e594c7c898a4e82a1a8532a1f049d1a9fe25baf60278988c21dabe64f2896b,2024-07-03T02:08:02.923000 CVE-2024-4759,0,0,88e594c7c898a4e82a1a8532a1f049d1a9fe25baf60278988c21dabe64f2896b,2024-07-03T02:08:02.923000
CVE-2024-47594,0,0,1ae534f7a3c1c97ead2076790a49a30a6aebae2067756e88afe36b9237831ffa,2024-10-10T12:57:21.987000 CVE-2024-47594,0,0,1ae534f7a3c1c97ead2076790a49a30a6aebae2067756e88afe36b9237831ffa,2024-10-10T12:57:21.987000
@ -262339,13 +262350,13 @@ CVE-2024-47714,0,0,3420d207974f10da573ac2b39c26dfa7eb9eff1332b2c383e906412e3cb2a
CVE-2024-47715,0,0,64d6ef6c6d0ed5b8db8fbbeaf587a1d40a70cc6f887225075126b7a0251f59f6,2024-10-24T14:35:59.327000 CVE-2024-47715,0,0,64d6ef6c6d0ed5b8db8fbbeaf587a1d40a70cc6f887225075126b7a0251f59f6,2024-10-24T14:35:59.327000
CVE-2024-47716,0,0,7f90c3731e690eada425c700cd2a01b8b54c79669e7a532a03b033a5e0cb5b22,2024-10-24T14:34:17.863000 CVE-2024-47716,0,0,7f90c3731e690eada425c700cd2a01b8b54c79669e7a532a03b033a5e0cb5b22,2024-10-24T14:34:17.863000
CVE-2024-47717,0,0,44f02bbd6ee4d2f5802475a5ee7700159b1fba306e7a83d7aea28954ffd54fae,2024-10-24T14:32:20.817000 CVE-2024-47717,0,0,44f02bbd6ee4d2f5802475a5ee7700159b1fba306e7a83d7aea28954ffd54fae,2024-10-24T14:32:20.817000
CVE-2024-47718,0,1,e21581e56d9e82562015055761ff23f151158191b649c5b5e92891e3cb7d24cd,2024-10-24T16:31:01.107000 CVE-2024-47718,0,0,e21581e56d9e82562015055761ff23f151158191b649c5b5e92891e3cb7d24cd,2024-10-24T16:31:01.107000
CVE-2024-47719,0,1,8e2d10f10d51b8d1ffdd528a275c798c335f0002db329252bde2bec15f7da284,2024-10-24T16:21:50.937000 CVE-2024-47719,0,0,8e2d10f10d51b8d1ffdd528a275c798c335f0002db329252bde2bec15f7da284,2024-10-24T16:21:50.937000
CVE-2024-4772,0,0,49f0c7fc95339e6e98a7cbd8d8849904a773b2a05345b7622006e8647831f13b,2024-05-14T19:17:55.627000 CVE-2024-4772,0,0,49f0c7fc95339e6e98a7cbd8d8849904a773b2a05345b7622006e8647831f13b,2024-05-14T19:17:55.627000
CVE-2024-47720,0,0,5042c4947e2165e57f3040e4c9baad4564addab44bedf4897d2ef5a5f6157f9a,2024-10-23T20:53:54.150000 CVE-2024-47720,0,0,5042c4947e2165e57f3040e4c9baad4564addab44bedf4897d2ef5a5f6157f9a,2024-10-23T20:53:54.150000
CVE-2024-47721,0,0,b4c62ba19409dfd2e8a64e410001d91528bd89da7482b214ac6cc576b4cc2348,2024-10-23T20:57:04.897000 CVE-2024-47721,0,0,b4c62ba19409dfd2e8a64e410001d91528bd89da7482b214ac6cc576b4cc2348,2024-10-23T20:57:04.897000
CVE-2024-47722,0,0,68c8d2f090df61a9f49a1f01f75a7ac8cda9d407591cfa0dc0a92c1e0656c53f,2024-10-21T13:15:02.360000 CVE-2024-47722,0,0,68c8d2f090df61a9f49a1f01f75a7ac8cda9d407591cfa0dc0a92c1e0656c53f,2024-10-21T13:15:02.360000
CVE-2024-47723,0,1,33f87925288d86a8f68677605e3e6c94183ca5935f36c4ead3572ec897d1f6e3,2024-10-24T16:17:24.003000 CVE-2024-47723,0,0,33f87925288d86a8f68677605e3e6c94183ca5935f36c4ead3572ec897d1f6e3,2024-10-24T16:17:24.003000
CVE-2024-47724,0,0,b0b6218a8d1556c24347cd250db3aa8881cbc479b3592b0207e222b0cd9706a4,2024-10-23T21:41:13.390000 CVE-2024-47724,0,0,b0b6218a8d1556c24347cd250db3aa8881cbc479b3592b0207e222b0cd9706a4,2024-10-23T21:41:13.390000
CVE-2024-47725,0,0,8d79cfc5f420589203ee56c1d45c4e18a5d4c2e87a501b10347996e89a7f75b1,2024-10-23T06:15:05.200000 CVE-2024-47725,0,0,8d79cfc5f420589203ee56c1d45c4e18a5d4c2e87a501b10347996e89a7f75b1,2024-10-23T06:15:05.200000
CVE-2024-47726,0,0,6675b046d09b2de4371d637faa06c73c9d391480b9a61eba3311048396603de0,2024-10-24T14:24:15.993000 CVE-2024-47726,0,0,6675b046d09b2de4371d637faa06c73c9d391480b9a61eba3311048396603de0,2024-10-24T14:24:15.993000
@ -262547,7 +262558,14 @@ CVE-2024-48119,0,0,6022221da5fd10d70715948b01fe2f7f8a0f43256a22ac2ee84f2922fba50
CVE-2024-4812,0,0,96f0244e64d02e8b825789000f88a75dd5b3d67c4d6e5fa4b2230b6ad5599e15,2024-06-18T18:49:19.783000 CVE-2024-4812,0,0,96f0244e64d02e8b825789000f88a75dd5b3d67c4d6e5fa4b2230b6ad5599e15,2024-06-18T18:49:19.783000
CVE-2024-48120,0,0,9504bbf5097a8042aa622e4bcffcd74f79e5a7cbeebb7a1d1951fd43248d522c,2024-10-15T16:35:09.650000 CVE-2024-48120,0,0,9504bbf5097a8042aa622e4bcffcd74f79e5a7cbeebb7a1d1951fd43248d522c,2024-10-15T16:35:09.650000
CVE-2024-4813,0,0,ffced1bec51c6384e79d75317b856f32e05abf0a3cdd3adf718b586086ffad4a,2024-06-04T19:20:50.970000 CVE-2024-4813,0,0,ffced1bec51c6384e79d75317b856f32e05abf0a3cdd3adf718b586086ffad4a,2024-06-04T19:20:50.970000
CVE-2024-48139,1,1,d6ed07547f7603768865e253f9fa277c4c0effbd5fa0d391daf68b8f307d7eb9,2024-10-24T19:15:15.050000
CVE-2024-4814,0,0,6ed65b628d782e4c0035f27d12907232951228fb5dd63de02df922628089b508,2024-06-04T19:20:51.077000 CVE-2024-4814,0,0,6ed65b628d782e4c0035f27d12907232951228fb5dd63de02df922628089b508,2024-06-04T19:20:51.077000
CVE-2024-48140,1,1,dfeef73409fff7eba38e932c52f1a85532a96d7282df609347b4f4c1be1c9e21,2024-10-24T19:15:15.150000
CVE-2024-48141,1,1,eee86c527f910cf44eef17cb96788695084b540e91fdea5652cc9032c32ba2a0,2024-10-24T19:15:15.240000
CVE-2024-48142,1,1,5e09d80b70ae1c1370cf5625d40b9c9431b3acfa7452f829828119c0e1b16139,2024-10-24T19:15:15.333000
CVE-2024-48143,1,1,7d0f5bf4da43da110ac78a237a08e3a5ded43ba9ec77eb3c73f07d90f1591c4e,2024-10-24T19:15:15.427000
CVE-2024-48144,1,1,20ee409c728fbf50d2dd0717a0f9484a812232a1e6450931cf72a4a9d382fa50,2024-10-24T19:15:15.510000
CVE-2024-48145,1,1,f97aa6f2f2dc7108422f93720da6ac0ea9cb673f4750cd0be12c42fb4b0d0e9c,2024-10-24T19:15:15.607000
CVE-2024-4815,0,0,a12a3714528f7b768c4c9101b510e3e25b21fa14abf883b4fca5d245888d3088,2024-06-04T19:20:51.183000 CVE-2024-4815,0,0,a12a3714528f7b768c4c9101b510e3e25b21fa14abf883b4fca5d245888d3088,2024-06-04T19:20:51.183000
CVE-2024-48150,0,0,3a74ef17dd937b2ce7ec4baf65ca0a0269cc457ed04e16b8c883126dbac56b6f,2024-10-15T16:35:10.450000 CVE-2024-48150,0,0,3a74ef17dd937b2ce7ec4baf65ca0a0269cc457ed04e16b8c883126dbac56b6f,2024-10-15T16:35:10.450000
CVE-2024-48153,0,0,ed2a32bb2c14f00255ae97ac8d2c6b7371ced6a3b47f478082697408eb2eccac,2024-10-17T18:35:10.707000 CVE-2024-48153,0,0,ed2a32bb2c14f00255ae97ac8d2c6b7371ced6a3b47f478082697408eb2eccac,2024-10-17T18:35:10.707000
@ -262589,27 +262607,33 @@ CVE-2024-4841,0,0,65ebfdfe2681835a6b4ece6477d685d2c79df9dc285d61b3c6847a6703ab51
CVE-2024-48411,0,0,f02f5a173c68a1066ae1d0ad3ecb091448747ebc7ae5d98814db8ad4f2b7f72f,2024-10-16T19:35:11.290000 CVE-2024-48411,0,0,f02f5a173c68a1066ae1d0ad3ecb091448747ebc7ae5d98814db8ad4f2b7f72f,2024-10-16T19:35:11.290000
CVE-2024-48415,0,0,f0924ee00bd27af7c2e3b4df709006fd2e622c007a3785ddb6461472428a80bb,2024-10-23T16:35:09.317000 CVE-2024-48415,0,0,f0924ee00bd27af7c2e3b4df709006fd2e622c007a3785ddb6461472428a80bb,2024-10-23T16:35:09.317000
CVE-2024-4842,0,0,266948939b8663b41b45dca8cb12f3f3247c17eab2663a8a73d7a0fbf198d426,2024-05-30T20:15:09.703000 CVE-2024-4842,0,0,266948939b8663b41b45dca8cb12f3f3247c17eab2663a8a73d7a0fbf198d426,2024-05-30T20:15:09.703000
CVE-2024-48427,1,1,b915126bb99cfd938cf21385d6a03b7881d183c1661def008f3bd462961c90da,2024-10-24T19:15:15.703000
CVE-2024-4843,0,0,b365eeabe96e8dec3f961357ff342df21bbefef716d14e64f95fe3929d1e363a,2024-05-16T13:03:05.353000 CVE-2024-4843,0,0,b365eeabe96e8dec3f961357ff342df21bbefef716d14e64f95fe3929d1e363a,2024-05-16T13:03:05.353000
CVE-2024-4844,0,0,b1cdfd63abb8075cb2a12dc44eacca2f75c6048adf9c4ea8b8b7c6072669030d,2024-05-16T13:03:05.353000 CVE-2024-4844,0,0,b1cdfd63abb8075cb2a12dc44eacca2f75c6048adf9c4ea8b8b7c6072669030d,2024-05-16T13:03:05.353000
CVE-2024-48440,1,1,88afc6f58873a5bd37dc9229c56f010e9701063642a2a78c89c795057409a8c3,2024-10-24T18:15:09.190000
CVE-2024-48441,1,1,e3b28b135bd4d048d7af438b2ad84c0f8403bdae07b4248663c93a98599da599,2024-10-24T18:15:09.583000
CVE-2024-48442,1,1,cd4f2215d895367e53ea257b0a4be0990410ba42e316921212d9f6d26caed6f7,2024-10-24T18:15:09.890000
CVE-2024-4845,0,0,f8e5a569577a931ed62905431d3e7dc57f80df89344697bf8fc7f196d4c6a1d9,2024-07-23T17:23:41.597000 CVE-2024-4845,0,0,f8e5a569577a931ed62905431d3e7dc57f80df89344697bf8fc7f196d4c6a1d9,2024-07-23T17:23:41.597000
CVE-2024-48454,1,1,34e88a1ad53cbd83b0c86e1af450c0246ceedd95ac8dfdc33afc121ec5dc990b,2024-10-24T19:15:15.803000
CVE-2024-4846,0,0,354213cecebbad5d2830809199864dadc70a5508c38afeb47a24b8f17c4c0fe1,2024-06-25T18:50:42.040000 CVE-2024-4846,0,0,354213cecebbad5d2830809199864dadc70a5508c38afeb47a24b8f17c4c0fe1,2024-06-25T18:50:42.040000
CVE-2024-4847,0,0,3e175fcde7743d0dafc07697dcd3c0585505cba50a8840c440513434f4a1e2f1,2024-05-15T16:40:19.330000 CVE-2024-4847,0,0,3e175fcde7743d0dafc07697dcd3c0585505cba50a8840c440513434f4a1e2f1,2024-05-15T16:40:19.330000
CVE-2024-4848,0,0,e9a992014a82f7f25ea8b020a59a54821debcc21ba29ea30b909eb2d249ee224,2024-07-29T11:15:09.920000 CVE-2024-4848,0,0,e9a992014a82f7f25ea8b020a59a54821debcc21ba29ea30b909eb2d249ee224,2024-07-29T11:15:09.920000
CVE-2024-4849,0,0,ea1119b37dea5602dfce7972c7449fed4caaba21295f1145a8612489a3c2fd07,2024-05-20T13:00:34.807000 CVE-2024-4849,0,0,ea1119b37dea5602dfce7972c7449fed4caaba21295f1145a8612489a3c2fd07,2024-05-20T13:00:34.807000
CVE-2024-48509,0,0,c6a322b44f1b5c48c99b4ab0a24ca78577b459bf4c9409e8862d334d073306ba,2024-10-23T15:12:34.673000 CVE-2024-48509,0,0,c6a322b44f1b5c48c99b4ab0a24ca78577b459bf4c9409e8862d334d073306ba,2024-10-23T15:12:34.673000
CVE-2024-4851,0,0,444f4e959fbd50fab42bb9cd6f5b1019a6d50ea56a5371bcf4f4fa6566e3e360,2024-10-17T18:45:13.093000 CVE-2024-4851,0,0,444f4e959fbd50fab42bb9cd6f5b1019a6d50ea56a5371bcf4f4fa6566e3e360,2024-10-17T18:45:13.093000
CVE-2024-48514,1,1,09d714c67d2d2f09be073ea6d53cfb7a82d3597f530a76d50d0b7f262abf2baa,2024-10-24T18:15:10.227000
CVE-2024-4853,0,0,7e943be0a2434f6362f67f453fe22910f05fecde26076344b21d97f20b2d6efa,2024-08-29T15:15:31.687000 CVE-2024-4853,0,0,7e943be0a2434f6362f67f453fe22910f05fecde26076344b21d97f20b2d6efa,2024-08-29T15:15:31.687000
CVE-2024-48538,1,1,dadc6051db8759534fe89315aed37502c34e5b56c665246d832d6d18a18543de,2024-10-24T16:15:05.210000 CVE-2024-48538,0,0,dadc6051db8759534fe89315aed37502c34e5b56c665246d832d6d18a18543de,2024-10-24T16:15:05.210000
CVE-2024-48539,1,1,be4889126f141dfbdc6e2433d99c3daffa1a8da8d0c7c7fc879a44f6c2251d0c,2024-10-24T17:15:16.873000 CVE-2024-48539,0,0,be4889126f141dfbdc6e2433d99c3daffa1a8da8d0c7c7fc879a44f6c2251d0c,2024-10-24T17:15:16.873000
CVE-2024-4854,0,0,9d5d733c00183e47994464da1b76a252c7e4b8268459cd8a1634b1fda6297d73,2024-08-29T15:15:31.797000 CVE-2024-4854,0,0,9d5d733c00183e47994464da1b76a252c7e4b8268459cd8a1634b1fda6297d73,2024-08-29T15:15:31.797000
CVE-2024-48540,1,1,58c5ed3a4f6c16734d8df4a028a090a29237a126df7814573b2ad97904b8f426,2024-10-24T17:15:16.967000 CVE-2024-48540,0,0,58c5ed3a4f6c16734d8df4a028a090a29237a126df7814573b2ad97904b8f426,2024-10-24T17:15:16.967000
CVE-2024-48541,1,1,f6f8c19827c7caa4d29076f1482a220d8cf8ac923046820a2ebdb3b0a9d5df9f,2024-10-24T17:15:17.060000 CVE-2024-48541,0,1,2d1760725ee9fc68d63395107ba154f476370d3f43646be2a1e082989d14d579,2024-10-24T19:35:04.263000
CVE-2024-48542,1,1,4ef665f9b6f85df17bddb5dabcd0b405c59808813eee3279e866cc1be94e24dd,2024-10-24T17:15:17.163000 CVE-2024-48542,0,1,95d0562f9fbfeb9012b52632ad838b2b85fa093f22956c17a96e66e33b2baf4b,2024-10-24T19:35:05.013000
CVE-2024-48544,1,1,124659c28d5b6f5e5cdb2a9ad0e42300f914ae0aa4e9efb15dd6f767f0dbfa8a,2024-10-24T17:15:17.257000 CVE-2024-48544,0,0,124659c28d5b6f5e5cdb2a9ad0e42300f914ae0aa4e9efb15dd6f767f0dbfa8a,2024-10-24T17:15:17.257000
CVE-2024-48545,1,1,80e4748f1ea5b5830f619377115824fcf4e07575f2e09083165d81f99641ea9b,2024-10-24T17:15:17.353000 CVE-2024-48545,0,1,ef403d082c3d91800733fca609f0434128edabfbaae749785d13c103549498e3,2024-10-24T19:35:05.767000
CVE-2024-48546,1,1,1ecd2106e2aaa9b9b472ce983afe3cabddf3393e470d37dc77452da4c804314a,2024-10-24T17:15:17.447000 CVE-2024-48546,0,1,3d5f1fe8e93e0caca62917dfb71818c633551cf5ded134b2d4b4298fccd0322a,2024-10-24T19:35:06.563000
CVE-2024-48547,1,1,b3d8db7624bc6428a96214cdfbc79406e604462a0880efbe28dbc61dfffd48a4,2024-10-24T17:15:17.540000 CVE-2024-48547,0,1,2bbaa609896584d67644fbb09a4bfdbea61913d2d0753af7e9e6b82679e61355,2024-10-24T19:35:07.320000
CVE-2024-48548,1,1,34778b0a1151822f708ea1f53b0b807b21b36fa281f672fd592e9a5093322129,2024-10-24T17:15:17.663000 CVE-2024-48548,0,0,34778b0a1151822f708ea1f53b0b807b21b36fa281f672fd592e9a5093322129,2024-10-24T17:15:17.663000
CVE-2024-4855,0,0,c93719b20367086f39a585784c8fe87b51678f3d6fabb283bc26fc5dedf0f872,2024-08-29T15:15:31.893000 CVE-2024-4855,0,0,c93719b20367086f39a585784c8fe87b51678f3d6fabb283bc26fc5dedf0f872,2024-08-29T15:15:31.893000
CVE-2024-4856,0,0,01234b09ea1a4585c989c1dc87d23ed182241e8a50536214983ade66b15e19f8,2024-06-04T16:57:41.053000 CVE-2024-4856,0,0,01234b09ea1a4585c989c1dc87d23ed182241e8a50536214983ade66b15e19f8,2024-06-04T16:57:41.053000
CVE-2024-4857,0,0,1a28f92c79b598b55521235359a1d50b478306861b37a5a0ef0abc4d3160ef4c,2024-06-04T16:57:41.053000 CVE-2024-4857,0,0,1a28f92c79b598b55521235359a1d50b478306861b37a5a0ef0abc4d3160ef4c,2024-06-04T16:57:41.053000
@ -262888,14 +262912,14 @@ CVE-2024-49320,0,0,f646a0aed9b94f9c2a4b6085270ae6d0667dce332670da7784078783e12bf
CVE-2024-49321,0,0,6ce68241db10c7838e4a51d2227fb9952bea2f4d972829a40692939256bd9db9,2024-10-21T17:09:45.417000 CVE-2024-49321,0,0,6ce68241db10c7838e4a51d2227fb9952bea2f4d972829a40692939256bd9db9,2024-10-21T17:09:45.417000
CVE-2024-49322,0,0,541e4efebd0d76588052862000e37b2e98e8b9ac15619c2b0422f26ed3288fd3,2024-10-18T12:52:33.507000 CVE-2024-49322,0,0,541e4efebd0d76588052862000e37b2e98e8b9ac15619c2b0422f26ed3288fd3,2024-10-18T12:52:33.507000
CVE-2024-49323,0,0,2f124cdc22e81391d598884667e36f6fa2d8c8661fccd4b5b6bdeb72951248d2,2024-10-23T16:05:49.617000 CVE-2024-49323,0,0,2f124cdc22e81391d598884667e36f6fa2d8c8661fccd4b5b6bdeb72951248d2,2024-10-23T16:05:49.617000
CVE-2024-49324,0,1,2794d0fa1220cbc25924e4f7f45b2c0f87b574911fff8706f118c7c8b3b48c92,2024-10-24T16:11:41.700000 CVE-2024-49324,0,0,2794d0fa1220cbc25924e4f7f45b2c0f87b574911fff8706f118c7c8b3b48c92,2024-10-24T16:11:41.700000
CVE-2024-49325,0,0,6361ff0a5fd3247f3dfc42142e1769d0dcf00cbc296a4736c789a8d3defd83f8,2024-10-22T18:33:59.793000 CVE-2024-49325,0,0,6361ff0a5fd3247f3dfc42142e1769d0dcf00cbc296a4736c789a8d3defd83f8,2024-10-22T18:33:59.793000
CVE-2024-49326,0,1,174f9d13e36611bd7fbf8b77ed56ce00d2aabca33d7ddf3bc2ff8edacd7e6db6,2024-10-24T16:13:46.743000 CVE-2024-49326,0,0,174f9d13e36611bd7fbf8b77ed56ce00d2aabca33d7ddf3bc2ff8edacd7e6db6,2024-10-24T16:13:46.743000
CVE-2024-49327,0,1,dc50d9d7d05aae2000148325f9db3f63583ecbe4a2131e44867e53cf2674b768,2024-10-24T16:07:26.440000 CVE-2024-49327,0,0,dc50d9d7d05aae2000148325f9db3f63583ecbe4a2131e44867e53cf2674b768,2024-10-24T16:07:26.440000
CVE-2024-49328,0,0,e330b5e89660f19abf213bec586eeaebe3d605cff140381953fa50ab8b0d1168,2024-10-23T17:08:31.910000 CVE-2024-49328,0,0,e330b5e89660f19abf213bec586eeaebe3d605cff140381953fa50ab8b0d1168,2024-10-23T17:08:31.910000
CVE-2024-49329,0,1,ba11fddacbaf070d77d4aae719ed695fb1183912573c02eecf9c91c492438a15,2024-10-24T16:05:50.380000 CVE-2024-49329,0,0,ba11fddacbaf070d77d4aae719ed695fb1183912573c02eecf9c91c492438a15,2024-10-24T16:05:50.380000
CVE-2024-4933,0,0,4d4c0ec531cab6a4561c767f5a9082d29f26ceefaadcc74bb08507bf05ca5d17,2024-06-04T19:20:54.643000 CVE-2024-4933,0,0,4d4c0ec531cab6a4561c767f5a9082d29f26ceefaadcc74bb08507bf05ca5d17,2024-06-04T19:20:54.643000
CVE-2024-49330,0,1,be06498cb0f24081266dd5a46b0e09440ef5dd9b6fb4b8f36b5f82509d04eba8,2024-10-24T16:01:09.733000 CVE-2024-49330,0,0,be06498cb0f24081266dd5a46b0e09440ef5dd9b6fb4b8f36b5f82509d04eba8,2024-10-24T16:01:09.733000
CVE-2024-49331,0,0,58095e3320c8c95b4f4c095403074548cf5fb1f2c5efc6bdcbabc7b9e91f7440,2024-10-24T15:54:07.190000 CVE-2024-49331,0,0,58095e3320c8c95b4f4c095403074548cf5fb1f2c5efc6bdcbabc7b9e91f7440,2024-10-24T15:54:07.190000
CVE-2024-49332,0,0,82f744895dec34ed02f49cc264b39d07684020d9a7773c6cc148766eea2c025c,2024-10-24T15:49:34.827000 CVE-2024-49332,0,0,82f744895dec34ed02f49cc264b39d07684020d9a7773c6cc148766eea2c025c,2024-10-24T15:49:34.827000
CVE-2024-49334,0,0,bcc2db18f40dffe6c4f8472b0ef26870ffad9612f58222d9017252998c6947e3,2024-10-23T16:08:01.277000 CVE-2024-49334,0,0,bcc2db18f40dffe6c4f8472b0ef26870ffad9612f58222d9017252998c6947e3,2024-10-23T16:08:01.277000
@ -263030,7 +263054,7 @@ CVE-2024-49859,0,0,d128ad3420c66b03d628db278329ad6a0d637911116441391f7baa845a99a
CVE-2024-49860,0,0,58465836429dbe2e6aaf835a73a59e39240a71d370ac212d7b09986db7503b3c,2024-10-23T16:44:58.473000 CVE-2024-49860,0,0,58465836429dbe2e6aaf835a73a59e39240a71d370ac212d7b09986db7503b3c,2024-10-23T16:44:58.473000
CVE-2024-49861,0,0,1653e7df85a45b515fcdc441f9cb9f122cb6f11d500f6cbca9f4d9d62723f07c,2024-10-23T16:48:47.573000 CVE-2024-49861,0,0,1653e7df85a45b515fcdc441f9cb9f122cb6f11d500f6cbca9f4d9d62723f07c,2024-10-23T16:48:47.573000
CVE-2024-49862,0,0,e0b25be7c75d96f390f553fe793605e2691bfb34c1e389879a3cd9200ce6c511,2024-10-23T16:53:51.050000 CVE-2024-49862,0,0,e0b25be7c75d96f390f553fe793605e2691bfb34c1e389879a3cd9200ce6c511,2024-10-23T16:53:51.050000
CVE-2024-49863,0,0,6b95c286ba526eda8fe740b407a6bfc7f237461b3b2da1ccf712f97bca3266df,2024-10-23T15:13:58.783000 CVE-2024-49863,0,1,41eb15cefa65add4e21060b9ff62fd64839f2e02cd81a7af8fe6b7da8453fc42,2024-10-24T19:43:56.103000
CVE-2024-49864,0,0,11ee8b000b9a62890a75dd63920e4a33890ab9d058f73a94a2fe3382caeb81d2,2024-10-23T15:13:58.783000 CVE-2024-49864,0,0,11ee8b000b9a62890a75dd63920e4a33890ab9d058f73a94a2fe3382caeb81d2,2024-10-23T15:13:58.783000
CVE-2024-49865,0,0,c4cae66eab62f15595d2364d0fa9447b0b6ab33d31dbe60340c7ef0ef852d1c8,2024-10-24T03:44:33.947000 CVE-2024-49865,0,0,c4cae66eab62f15595d2364d0fa9447b0b6ab33d31dbe60340c7ef0ef852d1c8,2024-10-24T03:44:33.947000
CVE-2024-49866,0,0,64fdfad45770d631f65ff417b8e0b441a9ced54aafec781f55abff0506219420,2024-10-23T15:13:58.783000 CVE-2024-49866,0,0,64fdfad45770d631f65ff417b8e0b441a9ced54aafec781f55abff0506219420,2024-10-23T15:13:58.783000
@ -263043,10 +263067,10 @@ CVE-2024-49872,0,0,f6cbcd97baebde3f8280c71cb6b25b64732424c878389d8a2470cbdc55168
CVE-2024-49873,0,0,c6b069511598e461d2e296ba6e220ac16e5f671f4d49f2f2af9d3aa6afc61d05,2024-10-23T15:13:58.783000 CVE-2024-49873,0,0,c6b069511598e461d2e296ba6e220ac16e5f671f4d49f2f2af9d3aa6afc61d05,2024-10-23T15:13:58.783000
CVE-2024-49874,0,0,4f4502a656a6919bb0fc2df63ac79790c27837d9594594fa2f35c7d172253253,2024-10-23T15:13:58.783000 CVE-2024-49874,0,0,4f4502a656a6919bb0fc2df63ac79790c27837d9594594fa2f35c7d172253253,2024-10-23T15:13:58.783000
CVE-2024-49875,0,0,82bafbcf170d072fa3aabc0828e31168f5d6064939d809bc95477f24f2a13491,2024-10-23T15:13:58.783000 CVE-2024-49875,0,0,82bafbcf170d072fa3aabc0828e31168f5d6064939d809bc95477f24f2a13491,2024-10-23T15:13:58.783000
CVE-2024-49876,0,0,8b0326ebf02fdb04378f224329264d3e4924f0d6c498aeb91040e23ce7c118f6,2024-10-23T15:13:58.783000 CVE-2024-49876,0,1,0c2ec3870c02d4651dcfea621e276acb9d0ae36a4e21afff13d7735e3b487729,2024-10-24T19:57:06.843000
CVE-2024-49877,0,0,4d2cf7b07452ecc1c5625b6711f0af4f5f0d37ad629f5ad2378b696713e57584,2024-10-23T15:13:58.783000 CVE-2024-49877,0,1,d6737343e2e6d35b24e2372e9def747b4bc65b280702cdab9fa882c14670143a,2024-10-24T19:58:55.383000
CVE-2024-49878,0,0,b8c9bc38c52857d113170f626183012a77e29f98422a41470a6d55d4836a25af,2024-10-23T15:13:58.783000 CVE-2024-49878,0,0,b8c9bc38c52857d113170f626183012a77e29f98422a41470a6d55d4836a25af,2024-10-23T15:13:58.783000
CVE-2024-49879,0,0,a056ace805473862267f59e7ccc7d6e891ba0cc947c4146e51cc5d6a49e971c1,2024-10-23T15:13:58.783000 CVE-2024-49879,0,1,4ba4f4e2755978e6b26e142493deaf8ac3f7043a28c24533d747809c633568d6,2024-10-24T19:59:12.897000
CVE-2024-4988,0,0,ff557f66f633c813e65ed42f6b56820b4233d3efc23d00548e6797ba166f3d35,2024-08-21T03:15:05.460000 CVE-2024-4988,0,0,ff557f66f633c813e65ed42f6b56820b4233d3efc23d00548e6797ba166f3d35,2024-08-21T03:15:05.460000
CVE-2024-49880,0,0,451749fefd67e74bbeb3c0f709643bae60f2a71eb71ec77d830a94e7a1231b73,2024-10-23T15:13:58.783000 CVE-2024-49880,0,0,451749fefd67e74bbeb3c0f709643bae60f2a71eb71ec77d830a94e7a1231b73,2024-10-23T15:13:58.783000
CVE-2024-49881,0,0,a457e708f151afe70f4353ab787a197eced712e7eb008a4ae460560f613817df,2024-10-23T15:13:58.783000 CVE-2024-49881,0,0,a457e708f151afe70f4353ab787a197eced712e7eb008a4ae460560f613817df,2024-10-23T15:13:58.783000
@ -263081,19 +263105,19 @@ CVE-2024-49909,0,0,0fa88ce84e11aab9b9302da4d5828d8654e9452cc864bc59bddb01e81c4e5
CVE-2024-4991,0,0,3aef226cc1578adb6c75565d63e7f13bcda4a2e79607b48e5e73e305c3d938d8,2024-05-16T13:03:05.353000 CVE-2024-4991,0,0,3aef226cc1578adb6c75565d63e7f13bcda4a2e79607b48e5e73e305c3d938d8,2024-05-16T13:03:05.353000
CVE-2024-49910,0,0,257fca6a8b06f3709d90f435be72ed32496f705a42a3c13437dc074f38459780,2024-10-24T02:58:00.223000 CVE-2024-49910,0,0,257fca6a8b06f3709d90f435be72ed32496f705a42a3c13437dc074f38459780,2024-10-24T02:58:00.223000
CVE-2024-49911,0,0,27c5fefd1538207cacd9a5b1b1cf479c485b86ae10295cced2c8832954720fb6,2024-10-24T03:19:10.477000 CVE-2024-49911,0,0,27c5fefd1538207cacd9a5b1b1cf479c485b86ae10295cced2c8832954720fb6,2024-10-24T03:19:10.477000
CVE-2024-49912,0,1,5141aadcf025bdd0c615a7c1b879aa0c948c211dbf97566ea18b5e1a8e3c296d,2024-10-24T17:10:24.853000 CVE-2024-49912,0,0,5141aadcf025bdd0c615a7c1b879aa0c948c211dbf97566ea18b5e1a8e3c296d,2024-10-24T17:10:24.853000
CVE-2024-49913,0,0,c98ec2386288e0f1e1f9efd048d9e8511ad9ac52e34c829aba546f72d8697aa1,2024-10-24T14:39:18.017000 CVE-2024-49913,0,0,c98ec2386288e0f1e1f9efd048d9e8511ad9ac52e34c829aba546f72d8697aa1,2024-10-24T14:39:18.017000
CVE-2024-49914,0,1,efcb4a1d3d4568753c5bd922d2ded38ffa2a4d44841a6721f397aeeac68295e3,2024-10-24T17:09:50.003000 CVE-2024-49914,0,0,efcb4a1d3d4568753c5bd922d2ded38ffa2a4d44841a6721f397aeeac68295e3,2024-10-24T17:09:50.003000
CVE-2024-49915,0,1,20ed63f989ef6a3325be01e3eba38436924669d497ab74a555eed1da2d1f8c1f,2024-10-24T17:08:04.020000 CVE-2024-49915,0,0,20ed63f989ef6a3325be01e3eba38436924669d497ab74a555eed1da2d1f8c1f,2024-10-24T17:08:04.020000
CVE-2024-49916,0,1,2edac145765d8fc598aad9ff910680f77ffbb99e6c11576aa209b5351f4c9fea,2024-10-24T17:03:19.457000 CVE-2024-49916,0,0,2edac145765d8fc598aad9ff910680f77ffbb99e6c11576aa209b5351f4c9fea,2024-10-24T17:03:19.457000
CVE-2024-49917,0,1,569d41b05afb4d90d6e33110de7bd2003835815a26ed05b7e280217516be7449,2024-10-24T16:54:05.930000 CVE-2024-49917,0,0,569d41b05afb4d90d6e33110de7bd2003835815a26ed05b7e280217516be7449,2024-10-24T16:54:05.930000
CVE-2024-49918,0,1,5eae7ff331f8de48785ff962f1f32a8b776d3cdb2b236155202d9dbd16926f4f,2024-10-24T16:49:57.453000 CVE-2024-49918,0,0,5eae7ff331f8de48785ff962f1f32a8b776d3cdb2b236155202d9dbd16926f4f,2024-10-24T16:49:57.453000
CVE-2024-49919,0,0,b8220512b2f54a750ee311dbfda4f6730f8465019395efefcd7cd5e904006c7e,2024-10-23T15:13:25.583000 CVE-2024-49919,0,0,b8220512b2f54a750ee311dbfda4f6730f8465019395efefcd7cd5e904006c7e,2024-10-23T15:13:25.583000
CVE-2024-4992,0,0,e061228a83f2d41e21e64f404fd50aefb3a354b638438e4cf4870e41885d01e3,2024-05-16T13:03:05.353000 CVE-2024-4992,0,0,e061228a83f2d41e21e64f404fd50aefb3a354b638438e4cf4870e41885d01e3,2024-05-16T13:03:05.353000
CVE-2024-49920,0,0,1be42ef77ee9fc1c65ad81ab0dcd66fba1641a6fdde817094ddeecfb3f06d5d0,2024-10-23T15:13:25.583000 CVE-2024-49920,0,0,1be42ef77ee9fc1c65ad81ab0dcd66fba1641a6fdde817094ddeecfb3f06d5d0,2024-10-23T15:13:25.583000
CVE-2024-49921,0,0,6967ef728c2f67d4bb212d10da40edb6fbaf0fe7acdb581bbe0d307f401b8b13,2024-10-23T15:13:25.583000 CVE-2024-49921,0,0,6967ef728c2f67d4bb212d10da40edb6fbaf0fe7acdb581bbe0d307f401b8b13,2024-10-23T15:13:25.583000
CVE-2024-49922,0,0,ca91ba7162cc32dc4e2cf14fb163208d854cd671aa75638cf4d3976a29621ea0,2024-10-23T15:13:25.583000 CVE-2024-49922,0,0,ca91ba7162cc32dc4e2cf14fb163208d854cd671aa75638cf4d3976a29621ea0,2024-10-23T15:13:25.583000
CVE-2024-49923,0,0,82332cfea17dbcccff91a9f356a4aa30d314d8e49cbe8e60b1cf1638309ed2f5,2024-10-23T15:13:25.583000 CVE-2024-49923,0,1,09ac36e1842b66b81133b68e0fa1454145946558f64c3262440b063666a332ca,2024-10-24T19:43:27.327000
CVE-2024-49924,0,0,e3e9d77dac8e6a933e59737e42ece4edc4793234e163acb67d340babaa85575b,2024-10-23T15:13:25.583000 CVE-2024-49924,0,0,e3e9d77dac8e6a933e59737e42ece4edc4793234e163acb67d340babaa85575b,2024-10-23T15:13:25.583000
CVE-2024-49925,0,0,6717452f4abf1a8f70ff5a0320447c3ada5e06f5537ce54743f004253e0476ee,2024-10-23T15:13:25.583000 CVE-2024-49925,0,0,6717452f4abf1a8f70ff5a0320447c3ada5e06f5537ce54743f004253e0476ee,2024-10-23T15:13:25.583000
CVE-2024-49926,0,0,c340907a54f3f82bc1267ccf326bdc9da10ebc5c7cb46a2ab73c0d413d3ff7bf,2024-10-23T15:13:25.583000 CVE-2024-49926,0,0,c340907a54f3f82bc1267ccf326bdc9da10ebc5c7cb46a2ab73c0d413d3ff7bf,2024-10-23T15:13:25.583000
@ -263211,29 +263235,29 @@ CVE-2024-5003,0,0,657f01af6ae4ffebd5508957e0a4ee664437c9c42d64fc0c4eaff54aefed65
CVE-2024-50030,0,0,0347086f25dca26915e1436dcfd2de7f4b8fab3635e9fbe7eb8d2175af5dab95,2024-10-23T15:12:34.673000 CVE-2024-50030,0,0,0347086f25dca26915e1436dcfd2de7f4b8fab3635e9fbe7eb8d2175af5dab95,2024-10-23T15:12:34.673000
CVE-2024-50031,0,0,cc20af791cbec3a7c1c3bd59071b20e2915a6a03702994dd9f9650b8797df511,2024-10-23T15:12:34.673000 CVE-2024-50031,0,0,cc20af791cbec3a7c1c3bd59071b20e2915a6a03702994dd9f9650b8797df511,2024-10-23T15:12:34.673000
CVE-2024-50032,0,0,9431344800434d7ee15e18d71c026f970a422c249ecc1b3c7c4159bc2d6ab597,2024-10-23T15:12:34.673000 CVE-2024-50032,0,0,9431344800434d7ee15e18d71c026f970a422c249ecc1b3c7c4159bc2d6ab597,2024-10-23T15:12:34.673000
CVE-2024-50033,0,0,c4783e4124030a679795d5a36f640033093e5797281cfae939df4742960d09ed,2024-10-23T15:12:34.673000 CVE-2024-50033,0,1,31b01ea83bcca81918c070b63b5485c88672f34d727199970bc597721f06bb09,2024-10-24T19:56:04.097000
CVE-2024-50034,0,0,36b290bc69fb0970f5239d91ff72d9a2ae2fe9bece8fba61d1e7bb3293756060,2024-10-23T15:12:34.673000 CVE-2024-50034,0,1,ef0ee6c054fa6d95d82a1cc5e3a063aef10790efa19e561bb55f1a0df403b297,2024-10-24T19:56:29.170000
CVE-2024-50035,0,0,627272532496610a9cf027bbba85665ddf6863f7df3ac770ae831e28bf6db798,2024-10-23T15:12:34.673000 CVE-2024-50035,0,1,9397571eb914efebc6686d6fee86d3765ca656654c3527a13621032f6dad372b,2024-10-24T19:54:01.987000
CVE-2024-50036,0,0,28901e0166f56dd1988eca00f958e5283f611146fde3cc7b000114e6ee533ed9,2024-10-23T15:12:34.673000 CVE-2024-50036,0,0,28901e0166f56dd1988eca00f958e5283f611146fde3cc7b000114e6ee533ed9,2024-10-23T15:12:34.673000
CVE-2024-50037,0,0,4ee031bfddc4e8f99ddb949f282f6ad1a356c779ae1c3537126fd37e56dbeca8,2024-10-23T15:12:34.673000 CVE-2024-50037,0,0,4ee031bfddc4e8f99ddb949f282f6ad1a356c779ae1c3537126fd37e56dbeca8,2024-10-23T15:12:34.673000
CVE-2024-50038,0,0,13f261ea139b7c77c532175eab38c9e4be7c3afe3db507ae1ed5105376d28292,2024-10-23T15:12:34.673000 CVE-2024-50038,0,0,13f261ea139b7c77c532175eab38c9e4be7c3afe3db507ae1ed5105376d28292,2024-10-23T15:12:34.673000
CVE-2024-50039,0,0,75801edb89c7be222bf7c69a5ad76563c04d4f50df342fe887cbc18b83b75ff9,2024-10-23T15:12:34.673000 CVE-2024-50039,0,0,75801edb89c7be222bf7c69a5ad76563c04d4f50df342fe887cbc18b83b75ff9,2024-10-23T15:12:34.673000
CVE-2024-5004,0,0,dbb46916d3eaa00ba190ac36848b4f73f0fcf9ebf3415c8f81f52119cf8e2d54,2024-08-01T13:59:37.913000 CVE-2024-5004,0,0,dbb46916d3eaa00ba190ac36848b4f73f0fcf9ebf3415c8f81f52119cf8e2d54,2024-08-01T13:59:37.913000
CVE-2024-50040,0,0,981131558689eff63e7408bc26260009c579c8ae379b09b9fc858d45385e4ec1,2024-10-23T15:12:34.673000 CVE-2024-50040,0,0,981131558689eff63e7408bc26260009c579c8ae379b09b9fc858d45385e4ec1,2024-10-23T15:12:34.673000
CVE-2024-50041,0,0,fef3c0699535cb60d05a11827c9c4db8904e57356336ade90447872a123f9f27,2024-10-23T15:12:34.673000 CVE-2024-50041,0,1,d48ad1d9e36b6ac3d6d954212f935345fcc28a78e693e8da5498dd1085259517,2024-10-24T19:31:39.373000
CVE-2024-50042,0,0,47d7a84ed9d469b00f4e210ab7562f73a18e6669a1c07a4576676ffef293e83f,2024-10-23T15:12:34.673000 CVE-2024-50042,0,0,47d7a84ed9d469b00f4e210ab7562f73a18e6669a1c07a4576676ffef293e83f,2024-10-23T15:12:34.673000
CVE-2024-50043,0,0,6fa8e9fd6b09a93abfe49cae2c2b3b9e1564d5e68284b44e286cd6f9b0d9f6f1,2024-10-23T15:12:34.673000 CVE-2024-50043,0,1,2972cb53a30dd078fc2eb8fda442a65781870d0dbaebb36d8be92565bfd7f051,2024-10-24T19:32:21.480000
CVE-2024-50044,0,0,99adc3b386d7b0b967167aa7a713bc7f801d66056d94b4526b6f57fba90cb805,2024-10-23T15:12:34.673000 CVE-2024-50044,0,1,41e0e7cf31c36df6f6442bbd80b53a07a7e614cf4d1cf42a43ab7eecafb0b9a9,2024-10-24T19:36:12.717000
CVE-2024-50045,0,0,fe55a30d3128e36327b37c82ba94a1ff0132cabb54f3adbbcc568b84d8fc966e,2024-10-23T15:12:34.673000 CVE-2024-50045,0,1,6b3c6f611baa60631c237de06e0c9f244d76e5c84ee48cc375c5fff0d7c11f86,2024-10-24T19:38:03.343000
CVE-2024-50046,0,0,4e255f676ca189e5e9e50101b26a65e95afe2fd8c7d6b981181f54054bdf130d,2024-10-23T15:12:34.673000 CVE-2024-50046,0,1,92dff903e2c1a515c4d71882720d0d8376f6d82cd5b825071a3b47f34c34752e,2024-10-24T18:59:55.950000
CVE-2024-50047,0,0,14e282f60ba539c523eed67f2ff3efdc4ac28f90eb922d10809f6bfe74f01181,2024-10-23T22:16:21.783000 CVE-2024-50047,0,0,14e282f60ba539c523eed67f2ff3efdc4ac28f90eb922d10809f6bfe74f01181,2024-10-23T22:16:21.783000
CVE-2024-50048,0,0,d005bc43ac7dffe85bb1b4c62a0be79335a5f23ef87660a48780d7c73272a7ca,2024-10-23T21:46:11.533000 CVE-2024-50048,0,0,d005bc43ac7dffe85bb1b4c62a0be79335a5f23ef87660a48780d7c73272a7ca,2024-10-23T21:46:11.533000
CVE-2024-50049,0,0,8a3f3791bfb77ef3d490e872a72df28d44a50dd01f038b8f63798b04c8c73740,2024-10-23T21:45:43.657000 CVE-2024-50049,0,0,8a3f3791bfb77ef3d490e872a72df28d44a50dd01f038b8f63798b04c8c73740,2024-10-23T21:45:43.657000
CVE-2024-5005,0,0,28bdb1683e492d24b33087981d0823dd42f49eeb8c271eabba28b1e925e506ca,2024-10-15T12:58:51.050000 CVE-2024-5005,0,0,28bdb1683e492d24b33087981d0823dd42f49eeb8c271eabba28b1e925e506ca,2024-10-15T12:58:51.050000
CVE-2024-50050,0,0,75d86e88f7994c1f3b20bb87cac7d396514a1e4ee924d9d29743f3bd699759ce,2024-10-23T15:12:34.673000 CVE-2024-50050,0,1,66652f02df241336011c1992f267ec2c5372a9547dcd28fcca3e67d65a218700,2024-10-24T19:35:08.107000
CVE-2024-50055,0,0,223ed98e7a7f4160f8634a62679e487b1296c8eb2d61be84de5731c91a2cb49b,2024-10-23T21:45:15.137000 CVE-2024-50055,0,0,223ed98e7a7f4160f8634a62679e487b1296c8eb2d61be84de5731c91a2cb49b,2024-10-23T21:45:15.137000
CVE-2024-50056,0,0,67d5758c0ace6615570a11511305d2b63ab44abb1709d3f0417dc90e404e22ad,2024-10-23T15:12:34.673000 CVE-2024-50056,0,0,67d5758c0ace6615570a11511305d2b63ab44abb1709d3f0417dc90e404e22ad,2024-10-23T15:12:34.673000
CVE-2024-50057,0,1,ba05620682b6a9a556450ee0eed48c115fc6212d5ab9174ae69859e3d6638159,2024-10-24T16:12:52.007000 CVE-2024-50057,0,0,ba05620682b6a9a556450ee0eed48c115fc6212d5ab9174ae69859e3d6638159,2024-10-24T16:12:52.007000
CVE-2024-50058,0,0,5c7e2a7b63fab028d5018f93b8a6b8a06cc5b9fb81e08f0403fa260f9293f6d6,2024-10-24T03:56:53.457000 CVE-2024-50058,0,0,5c7e2a7b63fab028d5018f93b8a6b8a06cc5b9fb81e08f0403fa260f9293f6d6,2024-10-24T03:56:53.457000
CVE-2024-50059,0,0,637e1b905e7f0ee0f85aae4a124e208305673f9d994e91a484199eea781de395,2024-10-24T03:55:55.617000 CVE-2024-50059,0,0,637e1b905e7f0ee0f85aae4a124e208305673f9d994e91a484199eea781de395,2024-10-24T03:55:55.617000
CVE-2024-5006,0,0,275a7db4a7750ed7acf4e95109b09b599d0f03c3ae61db2773b61bbc80a38eed,2024-06-11T17:36:24 CVE-2024-5006,0,0,275a7db4a7750ed7acf4e95109b09b599d0f03c3ae61db2773b61bbc80a38eed,2024-06-11T17:36:24
@ -263424,7 +263448,7 @@ CVE-2024-5202,0,0,506e1bf31418d031771b54eb5cec35a7698867910819f07cfbd45cd0a9a0bc
CVE-2024-5203,0,0,e867d44b31fa735ecaef1844aba382841138e742c9b7e957e6089969316cab00,2024-09-13T11:15:10.197000 CVE-2024-5203,0,0,e867d44b31fa735ecaef1844aba382841138e742c9b7e957e6089969316cab00,2024-09-13T11:15:10.197000
CVE-2024-5204,0,0,87eb5b753d379a1bd1ef79b260f2b73c84b7ff9a4b79082cf351323e04c98a6d,2024-05-29T13:02:09.280000 CVE-2024-5204,0,0,87eb5b753d379a1bd1ef79b260f2b73c84b7ff9a4b79082cf351323e04c98a6d,2024-05-29T13:02:09.280000
CVE-2024-5205,0,0,4921ed356d4f56252ffbf3c608cb3301846a77ee8cc9c08ec7f0a543467e385d,2024-05-24T13:03:11.993000 CVE-2024-5205,0,0,4921ed356d4f56252ffbf3c608cb3301846a77ee8cc9c08ec7f0a543467e385d,2024-05-24T13:03:11.993000
CVE-2024-5206,0,0,949f6fc71375d4626489d3f545bf3c5118f704b122802585ae58b6156da35470,2024-06-17T19:15:59.190000 CVE-2024-5206,0,1,b3f524211e1d68f8da056248f629dbe7f435bd9f6a2b4ba4133bd7fb2ec50998,2024-10-24T19:48:31.637000
CVE-2024-5207,0,0,181dd5a561a1ca6cee33a4a5369908472f122edb94b0d0fa7d6cd5b5e2958e5a,2024-05-30T13:15:41.297000 CVE-2024-5207,0,0,181dd5a561a1ca6cee33a4a5369908472f122edb94b0d0fa7d6cd5b5e2958e5a,2024-05-30T13:15:41.297000
CVE-2024-5208,0,0,1cccb0861be6781d1738a6540c67013b2ca290af7bc911f2a2acee7d44fa67ac,2024-06-20T12:44:01.637000 CVE-2024-5208,0,0,1cccb0861be6781d1738a6540c67013b2ca290af7bc911f2a2acee7d44fa67ac,2024-06-20T12:44:01.637000
CVE-2024-5209,0,0,7531866dc2069833de5cded2977d100fe13c1eac0700fc84557e1bd601c0dcd0,2024-08-19T13:00:23.117000 CVE-2024-5209,0,0,7531866dc2069833de5cded2977d100fe13c1eac0700fc84557e1bd601c0dcd0,2024-08-19T13:00:23.117000
@ -266619,7 +266643,7 @@ CVE-2024-9327,0,0,9bb62fae114b1c29588ad2672d640859a17a9f3af7375a799fc34e218e9d39
CVE-2024-9328,0,0,a5f7378f6f2f1cd502f7cde1b5f6090c2d79ebec3e3af2aa2eaafb1f04d0c325,2024-10-01T11:34:57.773000 CVE-2024-9328,0,0,a5f7378f6f2f1cd502f7cde1b5f6090c2d79ebec3e3af2aa2eaafb1f04d0c325,2024-10-01T11:34:57.773000
CVE-2024-9329,0,0,45383f73609cef2d97bbcc2a37f0da26902c147f00f71a92dd725b6696a1e709,2024-10-07T15:52:47.267000 CVE-2024-9329,0,0,45383f73609cef2d97bbcc2a37f0da26902c147f00f71a92dd725b6696a1e709,2024-10-07T15:52:47.267000
CVE-2024-9333,0,0,29d3d497691b594c7c49948d48e229bbe8c23108f2eef552b2f92cd89acf1f06,2024-10-04T13:50:43.727000 CVE-2024-9333,0,0,29d3d497691b594c7c49948d48e229bbe8c23108f2eef552b2f92cd89acf1f06,2024-10-04T13:50:43.727000
CVE-2024-9341,0,1,f8a94021657a84b0a8a7f02fa8cec5f16786f04bfc5a818ab209c4ad8270f994,2024-10-24T17:15:17.773000 CVE-2024-9341,0,0,f8a94021657a84b0a8a7f02fa8cec5f16786f04bfc5a818ab209c4ad8270f994,2024-10-24T17:15:17.773000
CVE-2024-9344,0,0,d870e129ed50c7683cdbbee07d60a73dcd8b852b9805e9d5932c8a41008c379e,2024-10-08T15:06:57.470000 CVE-2024-9344,0,0,d870e129ed50c7683cdbbee07d60a73dcd8b852b9805e9d5932c8a41008c379e,2024-10-08T15:06:57.470000
CVE-2024-9345,0,0,b08be38bdc65e7df784af6af5cf36510583fc49f8a0ab62bc24aed87f83f55d0,2024-10-08T16:10:17.567000 CVE-2024-9345,0,0,b08be38bdc65e7df784af6af5cf36510583fc49f8a0ab62bc24aed87f83f55d0,2024-10-08T16:10:17.567000
CVE-2024-9346,0,0,62d32d35d45fd426e51a0ed8886468a70178025d3407ee17aee209be78f55958,2024-10-15T12:58:51.050000 CVE-2024-9346,0,0,62d32d35d45fd426e51a0ed8886468a70178025d3407ee17aee209be78f55958,2024-10-15T12:58:51.050000
@ -266797,7 +266821,7 @@ CVE-2024-9680,0,0,db0e4e19e09673238ffe3dfbb8e95974e9346a75b4fd6d9319c03e5970bb64
CVE-2024-9683,0,0,a648737766df3deb74ddc86e7dcd00883598b7b3c943d9054e11451b5f185407,2024-10-18T12:52:33.507000 CVE-2024-9683,0,0,a648737766df3deb74ddc86e7dcd00883598b7b3c943d9054e11451b5f185407,2024-10-18T12:52:33.507000
CVE-2024-9685,0,0,a93c724a8b2ee6ce4a46c54a35028c939ad55b1fb441a5b479f473edc57de420,2024-10-15T14:30:00.483000 CVE-2024-9685,0,0,a93c724a8b2ee6ce4a46c54a35028c939ad55b1fb441a5b479f473edc57de420,2024-10-15T14:30:00.483000
CVE-2024-9687,0,0,ae8c4791dae243694c67044fa0088a221548cce6d43bc08144a537d590a79ff2,2024-10-17T21:11:14.197000 CVE-2024-9687,0,0,ae8c4791dae243694c67044fa0088a221548cce6d43bc08144a537d590a79ff2,2024-10-17T21:11:14.197000
CVE-2024-9692,1,1,6dd20137c684356cbe43f8c600b76e81e85475806edcfb51db7aa9641c4637e8,2024-10-24T17:15:17.953000 CVE-2024-9692,0,0,6dd20137c684356cbe43f8c600b76e81e85475806edcfb51db7aa9641c4637e8,2024-10-24T17:15:17.953000
CVE-2024-9696,0,0,78e7cb06b620e1544d9c6811ae0c44cf981cc195d0067b351c711666292c356e,2024-10-15T12:57:46.880000 CVE-2024-9696,0,0,78e7cb06b620e1544d9c6811ae0c44cf981cc195d0067b351c711666292c356e,2024-10-15T12:57:46.880000
CVE-2024-9703,0,0,dd5db55cccdddcc3b58f6b494a8ef777447f72688cd0a2c60dac8e42fee7b6a9,2024-10-22T15:25:27.887000 CVE-2024-9703,0,0,dd5db55cccdddcc3b58f6b494a8ef777447f72688cd0a2c60dac8e42fee7b6a9,2024-10-22T15:25:27.887000
CVE-2024-9704,0,0,44ebf677ae69495b92126e2eb8d9d17c07544c8235e40f4412f83b24b48e2f3a,2024-10-15T12:57:46.880000 CVE-2024-9704,0,0,44ebf677ae69495b92126e2eb8d9d17c07544c8235e40f4412f83b24b48e2f3a,2024-10-15T12:57:46.880000

Can't render this file because it is too large.