admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-30T19:00:20.325771+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-30 19:03:22 +00:00
parent eb2565b3f8
commit ff07c8e554
126 changed files with 6747 additions and 663 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
CVE-2018/CVE-2018-251xx/CVE-2018-25105.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-25105",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T07:15:05.467",
"lastModified": "2024-10-16T16:38:14.557",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:23:57.830",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=1942390%40wp-file-manager&new=1942390%40wp-file-manager&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
"nodes": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a56d5a2f-ae13-4523-bc4a-17bb2fb4c6f0?source=cve",
"source": "security@wordfence.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:filemanagerpro:file_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0",
"matchCriteriaId": "3C1C0E9F-2C3E-4AF5-A367-6941B5D92530"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=1942390%40wp-file-manager&new=1942390%40wp-file-manager&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a56d5a2f-ae13-4523-bc4a-17bb2fb4c6f0?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2019/CVE-2019-252xx/CVE-2019-25213.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-25213",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T07:15:05.790",
"lastModified": "2024-10-16T16:38:14.557",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:20:42.563",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2098838/advanced-access-manager/trunk/application/Core/Media.php?old=2151316&old_path=advanced-access-manager%2Ftrunk%2Fapplication%2FCore%2FMedia.php",
"source": "security@wordfence.com"
},
"nodes": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/55e0f0df-7be2-4e18-988c-2cc558768eff?source=cve",
"source": "security@wordfence.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vasyltech:advanced_access_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.9.8.1",
"matchCriteriaId": "66170E0E-92A2-44E5-A6F0-83595E62C8C7"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2098838/advanced-access-manager/trunk/application/Core/Media.php?old=2151316&old_path=advanced-access-manager%2Ftrunk%2Fapplication%2FCore%2FMedia.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/55e0f0df-7be2-4e18-988c-2cc558768eff?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2020/CVE-2020-263xx/CVE-2020-26311.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-26311",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-26T21:15:14.400",
"lastModified": "2024-10-28T13:58:09.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:07:38.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
@ -73,14 +95,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/3rd-Eden/useragent/issues/167",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://securitylab.github.com/advisories/GHSL-2020-312-redos-useragent/",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:useragent_project:useragent:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "BBA66A46-0609-4D7A-8CB6-B5EAA8E5BB0B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/3rd-Eden/useragent/issues/167",
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2020-312-redos-useragent/",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

14
CVE-2021/CVE-2021-263xx/CVE-2021-26387.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-26387",
"sourceIdentifier": "psirt@amd.com",
"published": "2024-08-13T17:15:17.563",
"lastModified": "2024-08-14T02:07:05.410",
"lastModified": "2024-10-30T18:35:00.703",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html",

62
CVE-2021/CVE-2021-44xx/CVE-2021-4448.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4448",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T07:15:10.980",
"lastModified": "2024-10-16T16:38:14.557",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:18:58.743",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://codecanyon.net/item/kaswara-modern-visual-composer-addons/19341477",
"source": "security@wordfence.com"
},
"nodes": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bf76527-9a11-4755-992c-02fbc1a79bae?source=cve",
"source": "security@wordfence.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaswara_project:kaswara:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0.1",
"matchCriteriaId": "8B9EF5A0-624E-4C09-8DB5-8DD87CFF3FFA"
}
]
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/kaswara-modern-visual-composer-addons/19341477",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bf76527-9a11-4755-992c-02fbc1a79bae?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2021/CVE-2021-44xx/CVE-2021-4449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4449",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T07:15:11.243",
"lastModified": "2024-10-16T16:38:14.557",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:06:45.840",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,30 +51,67 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://codecanyon.net/item/zoomsounds-wordpress-wave-audio-player-with-playlist/6181433",
"source": "security@wordfence.com"
},
"nodes": [
{
"url": "https://github.com/0xAgun/Arbitrary-File-Upload-ZoomSounds",
"source": "security@wordfence.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://ithemes.com/blog/wordpress-vulnerability-report-june-2021-part-5/#ib-toc-anchor-2",
"source": "security@wordfence.com"
},
{
"url": "https://sploitus.com/exploit?id=WPEX-ID:07259A61-8BA9-4DD0-8D52-CC1DF389C0AD",
"source": "security@wordfence.com"
},
{
"url": "https://wpscan.com/vulnerability/07259a61-8ba9-4dd0-8d52-cc1df389c0ad",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/262e3bb3-bc83-4d0b-8056-9f94ec141b8f?source=cve",
"source": "security@wordfence.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:digitalzoomstudio:zoomsounds:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.96",
"matchCriteriaId": "18F540A6-EDA6-432F-9F80-9CEFA635C98C"
}
]
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/zoomsounds-wordpress-wave-audio-player-with-playlist/6181433",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/0xAgun/Arbitrary-File-Upload-ZoomSounds",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://ithemes.com/blog/wordpress-vulnerability-report-june-2021-part-5/#ib-toc-anchor-2",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://sploitus.com/exploit?id=WPEX-ID:07259A61-8BA9-4DD0-8D52-CC1DF389C0AD",
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wpscan.com/vulnerability/07259a61-8ba9-4dd0-8d52-cc1df389c0ad",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/262e3bb3-bc83-4d0b-8056-9f94ec141b8f?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

40
CVE-2021/CVE-2021-44xx/CVE-2021-4450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4450",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T07:15:11.527",
"lastModified": "2024-10-16T16:38:14.557",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:47:05.390",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2644269",
"source": "security@wordfence.com"
},
"nodes": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a321b112-ce37-4a0e-800f-f3feef6ac799?source=cve",
"source": "security@wordfence.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pickplugins:post_grid:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.12",
"matchCriteriaId": "75DBB5BA-4674-490D-BE00-C490CE152EB6"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2644269",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a321b112-ce37-4a0e-800f-f3feef6ac799?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2021/CVE-2021-44xx/CVE-2021-4451.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4451",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T07:15:11.770",
"lastModified": "2024-10-16T16:38:14.557",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:44:27.477",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -51,14 +81,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://blog.nintechnet.com/security-issue-fixed-in-ninjafirewall-wp-edition/",
"source": "security@wordfence.com"
},
"nodes": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a1fc6c9-50cd-40fd-a777-9eed98aab797?source=cve",
"source": "security@wordfence.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nintechnet:ninjafirewall:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.3.3",
"matchCriteriaId": "B40285DA-CA5C-4957-8463-763DE6476032"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/security-issue-fixed-in-ninjafirewall-wp-edition/",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a1fc6c9-50cd-40fd-a777-9eed98aab797?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

127
CVE-2022/CVE-2022-490xx/CVE-2022-49001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49001",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T20:15:11.773",
"lastModified": "2024-10-23T15:13:25.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:58:53.863",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,124 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: arregla la ejecuci\u00f3n cuando se desborda la pila de vmap Actualmente, al detectar un desbordamiento de la pila de vmap, riscv primero cambia a la llamada pila de sombra, luego usa esta pila de sombra para llamar a get_overflow_stack() para obtener la pila de desbordamiento. Sin embargo, aqu\u00ed hay una ejecuci\u00f3n si dos o m\u00e1s harts usan la misma pila de sombra al mismo tiempo. Para resolver esta ejecuci\u00f3n, introducimos la variable at\u00f3mica spin_shadow_stack, que se intercambiar\u00e1 entre su propia direcci\u00f3n y 0 de forma at\u00f3mica, cuando la variable est\u00e1 configurada, significa que se est\u00e1 usando shadow_stack; cuando la variable se borra, significa que no se est\u00e1 usando shadow_stack. [Palmer: Agrega AQ al intercambio y tambi\u00e9n algunos comentarios]."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/7e1864332fbc1b993659eab7974da9fe8bf8c128",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/879fabc5a95401d9bce357e4b1d24ae4a360a81f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/ac00301adb19df54f2eae1efc4bad7447c0156ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14",
"versionEndExcluding": "5.15.82",
"matchCriteriaId": "6B49AE96-FD69-40D4-A29C-DC4DB7DE3CDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.12",
"matchCriteriaId": "D6D56E90-F3EE-413D-B3E2-B518932F0C7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/7e1864332fbc1b993659eab7974da9fe8bf8c128",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/879fabc5a95401d9bce357e4b1d24ae4a360a81f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ac00301adb19df54f2eae1efc4bad7447c0156ce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

14
CVE-2023/CVE-2023-383xx/CVE-2023-38379.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38379",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-16T17:15:09.337",
"lastModified": "2023-07-26T03:28:37.867",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-30T18:35:01.937",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -45,6 +45,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

101
CVE-2024/CVE-2024-05xx/CVE-2024-0568.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0568",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2024-02-14T17:15:11.440",
"lastModified": "2024-02-14T18:04:50.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:52:38.517",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "cybersecurity@se.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +81,69 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-044-02.pdf",
"source": "cybersecurity@se.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:se:rmnf22tb30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD0EE30-4C33-49FC-ACAF-0954B6146663"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:se:rmnf22tb30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E183566E-1734-4530-8919-066259D6FBF5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:se:renf22r2mmw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF12535-94D8-4D4A-81F9-55C37C59052D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:se:renf22r2mmw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7855741A-4D18-408A-A7EB-C37C1388ADA3"
}
]
}
]
}
],
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-044-02.pdf",
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
]
}
]
}

94
CVE-2024/CVE-2024-100xx/CVE-2024-10033.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10033",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-10-16T17:15:13.267",
"lastModified": "2024-10-30T03:15:03.337",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T18:50:04.137",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
@ -51,18 +71,72 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:8534",
"source": "secalert@redhat.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:ansible_automation_platform:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3FEC89-D26D-4144-8298-4276390AE424"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-10033",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:ansible_developer:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EF19DE86-0524-4785-B606-F8E384FD23F1"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319162",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:ansible_inside:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C9238C-11E7-42A2-A87B-3B82F1F6DA5B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:8534",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-10033",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319162",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

64
CVE-2024/CVE-2024-102xx/CVE-2024-10234.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10234",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-10-22T14:15:14.573",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:50:59.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
@ -51,14 +71,42 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-10234",
"source": "secalert@redhat.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:build_of_keycloak:-:*:*:*:*:*:*:*",
"matchCriteriaId": "824BB506-D01A-4C88-AD4A-3C94A2409CD2"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320848",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01FBC63E-BB92-49FF-AA00-BF0FCC17732A"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-10234",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320848",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}
]
}

94
CVE-2024/CVE-2024-103xx/CVE-2024-10355.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10355",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T01:15:13.497",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:13:02.417",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,26 +140,62 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/K1nako0/tmp_vuln4/blob/main/README.md",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.281702",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.281702",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.430077",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:mayurik:petrol_pump_management:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A334E610-B489-4A7C-B31A-1132B26FFF0B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/K1nako0/tmp_vuln4/blob/main/README.md",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.281702",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281702",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.430077",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

95
CVE-2024/CVE-2024-103xx/CVE-2024-10379.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10379",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T12:15:02.890",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:54:15.323",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in ESAFENET CDG 5. Affected by this vulnerability is the function actionViewDecyptFile of the file /com/esafenet/servlet/client/DecryptApplicationService.java. The manipulation of the argument decryptFileId with the input ../../../Windows/System32/drivers/etc/hosts leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The affected function has a typo and is missing an R. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en ESAFENET CDG 5. La funci\u00f3n actionViewDecyptFile del archivo /com/esafenet/servlet/client/DecryptApplicationService.java est\u00e1 afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento decryptFileId con la entrada ../../../Windows/System32/drivers/etc/hosts conduce a un path traversal: '../filedir'. El ataque se puede lanzar de forma remota. El exploit se ha divulgado al p\u00fablico y puede utilizarse. La funci\u00f3n afectada tiene un error tipogr\u00e1fico y le falta una R. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
@ -57,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -106,8 +130,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -116,22 +150,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://flowus.cn/share/0b03c61a-76a5-4f45-9ee7-a88e0f21d539?code=G8A6P3",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.281809",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.281809",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.426087",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:esafenet:cdg:5:*:*:*:*:*:*:*",
"matchCriteriaId": "94F213FF-17EB-4B99-9621-80792AD14A74"
}
]
}
]
}
],
"references": [
{
"url": "https://flowus.cn/share/0b03c61a-76a5-4f45-9ee7-a88e0f21d539?code=G8A6P3",
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.281809",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.281809",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.426087",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2024/CVE-2024-104xx/CVE-2024-10426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10426",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-27T20:15:02.447",
"lastModified": "2024-10-28T13:58:09.230",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T18:16:03.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,55 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/ppp-src/CVE/issues/21",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.281967",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.281967",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.432132",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:codezips:pet_shop_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E41915B8-0D4A-49AF-90F2-6DBCAE78A889"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ppp-src/CVE/issues/21",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.281967",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281967",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.432132",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

82
CVE-2024/CVE-2024-104xx/CVE-2024-10427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10427",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-27T20:15:02.743",
"lastModified": "2024-10-28T13:58:09.230",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T18:21:48.327",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,54 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/ppp-src/CVE/issues/22",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.281968",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.281968",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.432134",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:codezips:pet_shop_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E41915B8-0D4A-49AF-90F2-6DBCAE78A889"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ppp-src/CVE/issues/22",
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.281968",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281968",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.432134",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

83
CVE-2024/CVE-2024-104xx/CVE-2024-10430.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10430",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-27T23:15:02.487",
"lastModified": "2024-10-28T13:58:09.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:48:43.473",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,55 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/ppp-src/CVE/issues/23",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.281981",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.281981",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.432149",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:codezips:pet_shop_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E41915B8-0D4A-49AF-90F2-6DBCAE78A889"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ppp-src/CVE/issues/23",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.281981",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281981",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.432149",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

82
CVE-2024/CVE-2024-104xx/CVE-2024-10431.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10431",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-27T23:15:02.747",
"lastModified": "2024-10-28T13:58:09.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:10:49.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,54 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/ppp-src/CVE/issues/24",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.281982",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.281982",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.432150",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:codezips:pet_shop_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E41915B8-0D4A-49AF-90F2-6DBCAE78A889"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ppp-src/CVE/issues/24",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.281982",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281982",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?submit.432150",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

83
CVE-2024/CVE-2024-104xx/CVE-2024-10432.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10432",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-28T00:15:03.103",
"lastModified": "2024-10-28T13:58:09.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:45:59.990",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,55 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/jadu101/CVE/blob/main/project_worlds_simple_web_based_chat_app_index_sqli.md",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.281983",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.281983",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.432234",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:projectworlds:simple_web-based_chat_application:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF20687-0AD7-4A55-95AA-EC9E8B8BEBFA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jadu101/CVE/blob/main/project_worlds_simple_web_based_chat_app_index_sqli.md",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.281983",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281983",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.432234",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

83
CVE-2024/CVE-2024-104xx/CVE-2024-10433.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10433",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-28T00:15:03.370",
"lastModified": "2024-10-28T13:58:09.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:31:49.533",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +140,55 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/jadu101/CVE/blob/main/project_worlds_simple_web_based_chat_app_index_xss.md",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.281984",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.281984",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.432236",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:projectworlds:simple_web-based_chat_application:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF20687-0AD7-4A55-95AA-EC9E8B8BEBFA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jadu101/CVE/blob/main/project_worlds_simple_web_based_chat_app_index_xss.md",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.281984",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281984",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.432236",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

100
CVE-2024/CVE-2024-104xx/CVE-2024-10456.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-10456",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-10-30T18:15:05.123",
"lastModified": "2024-10-30T18:15:05.123",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Delta Electronics InfraSuite Device Master versions prior to 1.0.12 are affected by a deserialization vulnerability that targets the Device-Gateway, which could allow deserialization of arbitrary .NET objects prior to authentication."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
}
}
],
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-303-03",
"source": "ics-cert@hq.dhs.gov"
}
]
}

27
CVE-2024/CVE-2024-217xx/CVE-2024-21722.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21722",
"sourceIdentifier": "security@joomla.org",
"published": "2024-02-29T01:44:03.627",
"lastModified": "2024-02-29T13:49:29.390",
"lastModified": "2024-10-30T18:35:02.897",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Las funciones de administraci\u00f3n de MFA no finalizaban correctamente las sesiones de usuario existentes cuando se modificaban los m\u00e9todos de MFA de un usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@joomla.org",

14
CVE-2024/CVE-2024-221xx/CVE-2024-22105.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22105",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-02T16:15:03.877",
"lastModified": "2024-07-05T17:03:50.940",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-30T18:35:03.223",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
],
"configurations": [

27
CVE-2024/CVE-2024-22xx/CVE-2024-2241.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2241",
"sourceIdentifier": "security@devolutions.net",
"published": "2024-03-07T13:15:07.533",
"lastModified": "2024-03-07T13:52:27.110",
"lastModified": "2024-10-30T18:35:06.970",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El control de acceso inadecuado en la interfaz de usuario en Devolutions Workspace 2024.1.0 y versiones anteriores permite que un usuario autenticado realice acciones no deseadas a trav\u00e9s de permisos espec\u00edficos"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2024-0003",

69
CVE-2024/CVE-2024-278xx/CVE-2024-27849.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27849",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:04.093",
"lastModified": "2024-10-29T14:34:50.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:07:30.317",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,68 @@
"value": "Se solucion\u00f3 un problema de privacidad mejorando la redacci\u00f3n de datos privados en las entradas de registro. Este problema se solucion\u00f3 en macOS Sequoia 15. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n confidencial sobre la ubicaci\u00f3n."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121238",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0",
"matchCriteriaId": "E8017C16-A17E-4AE7-9A0B-1295200A3A45"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121238",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-278xx/CVE-2024-27853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27853",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:10.297",
"lastModified": "2024-08-12T15:13:14.897",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-30T18:35:04.113",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-301xx/CVE-2024-30112.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-30112",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-06-25T22:15:30.117",
"lastModified": "2024-06-26T12:44:29.693",
"lastModified": "2024-10-30T18:35:07.780",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114148",

14
CVE-2024/CVE-2024-301xx/CVE-2024-30126.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-30126",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-07-18T20:15:03.967",
"lastModified": "2024-07-19T13:01:44.567",
"lastModified": "2024-10-30T17:35:02.160",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113886",

39
CVE-2024/CVE-2024-308xx/CVE-2024-30807.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-30807",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-02T18:15:12.460",
"lastModified": "2024-04-02T20:31:58.463",
"lastModified": "2024-10-30T18:35:08.630",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 un problema en Bento4 v1.6.0-641-2-g1529b83. Hay un heap-use-after-free en AP4_UnknownAtom::~AP4_UnknownAtom en Ap4Atom.cpp, lo que provoca una denegaci\u00f3n de servicio (DoS), como lo demuestra mp42ts."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://github.com/axiomatic-systems/Bento4/issues/937",

39
CVE-2024/CVE-2024-308xx/CVE-2024-30885.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-30885",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-11T05:15:47.730",
"lastModified": "2024-04-11T12:47:44.137",
"lastModified": "2024-10-30T18:35:09.460",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de cross-site scripting (XSS) reflejado en HadSky v7.6.3, permite a atacantes remotos ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s del componente chklogin.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Hebing123/cve/issues/29",

39
CVE-2024/CVE-2024-310xx/CVE-2024-31064.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31064",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-28T19:15:49.057",
"lastModified": "2024-03-28T20:53:20.813",
"lastModified": "2024-10-30T17:35:03.070",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de cross-site scripting en Insurance Mangement System v.1.0.0 y anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del campo de entrada Nombre."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "http://insurance.com",

27
CVE-2024/CVE-2024-313xx/CVE-2024-31392.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31392",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-04-03T16:15:07.230",
"lastModified": "2024-04-03T17:24:18.150",
"lastModified": "2024-10-30T17:35:03.930",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Si se agregaba un elemento inseguro a una p\u00e1gina despu\u00e9s de un retraso, Firefox no reemplazar\u00eda el \u00edcono seguro con un estado de seguridad de contenido mixto. Esta vulnerabilidad afecta a Firefox para iOS < 124."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1875925",

39
CVE-2024/CVE-2024-315xx/CVE-2024-31574.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31574",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-25T17:15:49.853",
"lastModified": "2024-04-25T17:24:59.967",
"lastModified": "2024-10-30T17:35:04.123",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La vulnerabilidad de Cross-Site Scripting en TWCMS v.2.6 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/ysl1415926/cve/blob/main/CVE-2024-31574.md",

39
CVE-2024/CVE-2024-316xx/CVE-2024-31634.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31634",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-16T04:15:08.463",
"lastModified": "2024-04-16T13:24:07.103",
"lastModified": "2024-10-30T17:35:04.907",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de Cross Site Scripting (XSS) en Xunruicms versiones 4.6.3 y anteriores, permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del archivo Security.php en el cat\u00e1logo \\XunRuiCMS\\dayrui\\Fcms\\Library."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/buchilajiao1/CVE/blob/main/xunruicms/xunruicms.md",

39
CVE-2024/CVE-2024-316xx/CVE-2024-31652.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31652",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T21:15:07.637",
"lastModified": "2024-04-16T13:24:07.103",
"lastModified": "2024-10-30T17:35:05.700",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Cross-site scripting (XSS) en Cosmetics and Beauty Product Online Store v1.0 permite a los atacantes ejecutar scripts web o HTML arbitrario a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro de b\u00fasqueda."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Mohitkumar0786/CVE/blob/main/CVE-2024-31652.md",

39
CVE-2024/CVE-2024-319xx/CVE-2024-31946.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31946",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-15T19:15:02.503",
"lastModified": "2024-07-16T13:43:58.773",
"lastModified": "2024-10-30T17:35:06.460",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 un problema en Stormshield Network Security (SNS) 3.7.0 a 3.7.41, 3.10.0 a 3.11.29, 4.0 a 4.3.24 y 4.4.0 a 4.7.4. Un usuario que tiene acceso al SNS con acceso de escritura en la p\u00e1gina de alertas por correo electr\u00f3nico tiene la capacidad de crear correos electr\u00f3nicos de alerta que contienen JavaScript malicioso, ejecutado mediante la vista previa de la plantilla. Las siguientes versiones solucionan este problema: 3.7.42, 3.11.30, 4.3.25 y 4.7.5."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://advisories.stormshield.eu/2024-007",

14
CVE-2024/CVE-2024-319xx/CVE-2024-31955.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31955",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-15T21:15:10.690",
"lastModified": "2024-10-16T16:38:14.557",
"lastModified": "2024-10-30T17:35:07.267",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",

21
CVE-2024/CVE-2024-319xx/CVE-2024-31972.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-31972",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:06.760",
"lastModified": "2024-10-30T18:15:06.760",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EnGenius ESR580 A8J-EMR5000 devices allow a remote attacker to conduct stored XSS attacks that could lead to arbitrary JavaScript code execution (under the context of the user's session) via the Wi-Fi SSID input fields. Web scripts embedded into the vulnerable fields this way are executed immediately when a user logs into the admin page. This affects /admin/wifi/wlan1 and /admin/wifi/wlan_guest."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/cve/blob/main/Engenius/CVE-2024-31972",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-319xx/CVE-2024-31973.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-31973",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:06.893",
"lastModified": "2024-10-30T18:15:06.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via the 'Network Name (SSID)' input fields to the /index.html#wireless_basic page."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/cve/blob/main/Hitron/CVE-2024-31973",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-319xx/CVE-2024-31975.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-31975",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:06.967",
"lastModified": "2024-10-30T18:15:06.967",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EnGenius ESR580 devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vulnerable field is executed when the user clicks the SSID field's corresponding EDIT button."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/cve/blob/main/Engenius/CVE-2024-31975",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-360xx/CVE-2024-36060.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-36060",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:07.037",
"lastModified": "2024-10-30T18:15:07.037",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind OS command injection via shell metacharacters in the Ping and Speed Test parameters."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/cve/blob/main/Engenius/CVE-2024-36060",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-375xx/CVE-2024-37573.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-37573",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:07.107",
"lastModified": "2024-10-30T18:15:07.107",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Talkatone com.talkatone.android application 8.4.6 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.talkatone.vedroid.ui.launcher.OutgoingCallInterceptor component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/com.talkatone.android/blob/main/CVE-2024-37573",
"source": "cve@mitre.org"
}
]
}

70
CVE-2024/CVE-2024-408xx/CVE-2024-40853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40853",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:04.810",
"lastModified": "2024-10-29T20:35:25.610",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T17:08:42.157",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,10 +59,50 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121250",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.0",
"matchCriteriaId": "ACD3B3B0-329C-413B-BDF7-6B1C6298846E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.0",
"matchCriteriaId": "2222A2EE-00FA-4019-8779-13B82A4F9DD0"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121250",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-420xx/CVE-2024-42011.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-42011",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T21:15:05.043",
"lastModified": "2024-10-29T14:34:50.257",
"lastModified": "2024-10-30T18:35:10.283",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La aplicaci\u00f3n Spotify 8.9.58 para iOS tiene un desbordamiento de b\u00fafer en el uso de strcat."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://community.spotify.com/t5/iOS-iPhone-iPad/Spotify-constantly-crashes-lags-and-heats-up-my-battery/td-p/6217537",

21
CVE-2024/CVE-2024-420xx/CVE-2024-42041.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-42041",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:07.223",
"lastModified": "2024-10-30T18:15:07.223",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The com.videodownload.browser.videodownloader (aka AppTool-Browser-Video All Video Downloader) application 20-30.05.24 for Android allows an attacker to execute arbitrary JavaScript code via the acr.browser.lightning.DefaultBrowserActivity component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/com.videodownload.browser.videodownloader/blob/main/CVE-2024-42041",
"source": "cve@mitre.org"
}
]
}

72
CVE-2024/CVE-2024-441xx/CVE-2024-44175.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44175",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:05.737",
"lastModified": "2024-10-30T16:35:21.327",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T17:14:55.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,40 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://support.apple.com/en-us/121238",
"source": "product-security@apple.com"
},
"nodes": [
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "20977171-B964-4F89-AF53-6136003EDDB2"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121238",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

105
CVE-2024/CVE-2024-441xx/CVE-2024-44194.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44194",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:05.800",
"lastModified": "2024-10-29T14:34:50.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:16:24.380",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,102 @@
"value": "Este problema se solucion\u00f3 con una redacci\u00f3n mejorada de informaci\u00f3n confidencial. Este problema se solucion\u00f3 en watchOS 11.1, visionOS 2.1, iOS 18.1 y iPadOS 18.1. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "1F64554D-9F90-4871-9A0B-FB28BD52F4B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "B9A26654-0DDB-4D4D-BB1E-C65C3339148E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

29
CVE-2024/CVE-2024-441xx/CVE-2024-44197.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44197",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:05.917",
"lastModified": "2024-10-29T14:34:50.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:35:11.603",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
@ -15,7 +15,30 @@
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Una aplicaci\u00f3n malintencionada puede provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://support.apple.com/en-us/121568",

84
CVE-2024/CVE-2024-442xx/CVE-2024-44213.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44213",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.110",
"lastModified": "2024-10-29T14:34:50.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:19:38.887",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,83 @@
"value": "Exist\u00eda un problema en el an\u00e1lisis de las URL. Este problema se solucion\u00f3 mejorando la validaci\u00f3n de entrada. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Un atacante en una posici\u00f3n privilegiada en la red podr\u00eda filtrar informaci\u00f3n confidencial del usuario."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

180
CVE-2024/CVE-2024-442xx/CVE-2024-44215.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44215",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.167",
"lastModified": "2024-10-29T14:34:50.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:22:44.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,35 +15,163 @@
"value": "Este problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en tvOS 18.1, iOS 18.1 y iPadOS 18.1, iOS 17.7.1 y iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1 y visionOS 2.1. El procesamiento de una imagen puede provocar la divulgaci\u00f3n de la memoria del proceso."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B10D207-D2D8-465D-8A17-F77DC194BAA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53F54FA8-13B2-4E49-834B-F5465B074D76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

100
CVE-2024/CVE-2024-442xx/CVE-2024-44218.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44218",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.237",
"lastModified": "2024-10-29T20:35:27.533",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T17:24:01.703",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,18 +81,70 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483"
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B10D207-D2D8-465D-8A17-F77DC194BAA3"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53F54FA8-13B2-4E49-834B-F5465B074D76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "20977171-B964-4F89-AF53-6136003EDDB2"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

77
CVE-2024/CVE-2024-442xx/CVE-2024-44222.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44222",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.297",
"lastModified": "2024-10-29T19:35:15.710",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T17:25:30.903",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

77
CVE-2024/CVE-2024-442xx/CVE-2024-44236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44236",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.520",
"lastModified": "2024-10-29T21:35:15.290",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T17:28:52.077",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

180
CVE-2024/CVE-2024-442xx/CVE-2024-44239.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44239",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.580",
"lastModified": "2024-10-29T14:34:50.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:30:13.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,35 +15,163 @@
"value": "Se solucion\u00f3 un problema de divulgaci\u00f3n de informaci\u00f3n con una mejor redacci\u00f3n de datos privados para las entradas de registro. Este problema se solucion\u00f3 en tvOS 18.1, iOS 18.1 y iPadOS 18.1, iOS 17.7.1 y iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1 y visionOS 2.1. Es posible que una aplicaci\u00f3n filtre informaci\u00f3n confidencial del estado del kernel."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B10D207-D2D8-465D-8A17-F77DC194BAA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53F54FA8-13B2-4E49-834B-F5465B074D76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

151
CVE-2024/CVE-2024-442xx/CVE-2024-44244.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44244",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.637",
"lastModified": "2024-10-29T23:15:03.547",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T17:31:35.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,138 @@
"value": "Se solucion\u00f3 un problema de corrupci\u00f3n de memoria con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en iOS 18.1 y iPadOS 18.1, watchOS 11.1, visionOS 2.1 y tvOS 18.1. El procesamiento de contenido web manipulado con fines malintencionados puede provocar un bloqueo inesperado del proceso."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
{
"url": "https://support.apple.com/en-us/121564",
"source": "product-security@apple.com"
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121571",
"source": "product-security@apple.com"
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "1F64554D-9F90-4871-9A0B-FB28BD52F4B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "B9A26654-0DDB-4D4D-BB1E-C65C3339148E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.1",
"matchCriteriaId": "1D298E1D-DD23-4D35-9DE4-E3F5999F97AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "8B754D7C-3FF7-4275-9C5B-4DCECFACD491"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121564",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121571",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

112
CVE-2024/CVE-2024-442xx/CVE-2024-44247.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44247",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.697",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:49:05.693",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,111 @@
"value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Una aplicaci\u00f3n malintencionada podr\u00eda modificar partes protegidas del sistema de archivos."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

94
CVE-2024/CVE-2024-442xx/CVE-2024-44251.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44251",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.757",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:35:11.887",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,93 @@
"value": "Este problema se solucion\u00f3 mediante una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en iOS 18.1 y iPadOS 18.1. Un atacante podr\u00eda ver contenido restringido desde la pantalla de bloqueo."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "1F64554D-9F90-4871-9A0B-FB28BD52F4B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "B9A26654-0DDB-4D4D-BB1E-C65C3339148E"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

129
CVE-2024/CVE-2024-442xx/CVE-2024-44252.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44252",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.813",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:11:48.300",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,124 @@
"value": "Se solucion\u00f3 un problema de l\u00f3gica mejorando el manejo de archivos. Este problema se solucion\u00f3 en iOS 18.1 y iPadOS 18.1, iOS 17.7.1 y iPadOS 17.7.1, visionOS 2.1 y tvOS 18.1. Restaurar un archivo de copia de seguridad manipulado con fines malintencionados puede provocar la modificaci\u00f3n de archivos de sistema protegidos."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "C1AEAF56-49F9-4F1F-993C-97ECD7BDA012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "748B3415-F0B7-4677-B6C7-3EC7CFA8CCA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-442xx/CVE-2024-44253.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44253",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.870",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:14:05.540",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,83 @@
"value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Es posible que una aplicaci\u00f3n pueda modificar partes protegidas del sistema de archivos."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

122
CVE-2024/CVE-2024-442xx/CVE-2024-44254.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44254",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:06.933",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:20:42.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,117 @@
"value": "Este problema se solucion\u00f3 con una redacci\u00f3n mejorada de informaci\u00f3n confidencial. Este problema se solucion\u00f3 en watchOS 11.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, iOS 18.1 y iPadOS 18.1. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "1F64554D-9F90-4871-9A0B-FB28BD52F4B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "B9A26654-0DDB-4D4D-BB1E-C65C3339148E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

133
CVE-2024/CVE-2024-442xx/CVE-2024-44255.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44255",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.003",
"lastModified": "2024-10-30T16:35:24.113",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T18:26:03.767",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,30 +81,103 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "1F64554D-9F90-4871-9A0B-FB28BD52F4B3"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "B9A26654-0DDB-4D4D-BB1E-C65C3339148E"
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

129
CVE-2024/CVE-2024-442xx/CVE-2024-44258.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44258",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.083",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:28:24.490",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,124 @@
"value": "Este problema se solucion\u00f3 con un manejo mejorado de los enlaces simb\u00f3licos. Este problema se solucion\u00f3 en iOS 18.1 y iPadOS 18.1, iOS 17.7.1 y iPadOS 17.7.1, visionOS 2.1 y tvOS 18.1. Restaurar un archivo de copia de seguridad manipulado con fines malintencionados puede provocar la modificaci\u00f3n de archivos de sistema protegidos."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com"
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "C1AEAF56-49F9-4F1F-993C-97ECD7BDA012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "748B3415-F0B7-4677-B6C7-3EC7CFA8CCA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

69
CVE-2024/CVE-2024-442xx/CVE-2024-44262.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44262",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.277",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:34:09.203",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,11 +15,68 @@
"value": "Este problema se solucion\u00f3 mejorando la redacci\u00f3n de informaci\u00f3n confidencial. Este problema se solucion\u00f3 en visionOS 2.1. Un usuario puede ver informaci\u00f3n confidencial del usuario."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

112
CVE-2024/CVE-2024-442xx/CVE-2024-44264.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44264",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.393",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:37:01.203",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,111 @@
"value": "Este problema se solucion\u00f3 con una validaci\u00f3n mejorada de los enlaces simb\u00f3licos. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Una aplicaci\u00f3n malintencionada podr\u00eda crear enlaces simb\u00f3licos a regiones protegidas del disco."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-442xx/CVE-2024-44265.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44265",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.457",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:38:43.420",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,83 @@
"value": "El problema se solucion\u00f3 restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Un atacante con acceso f\u00edsico puede introducir eventos del controlador de juego en aplicaciones que se ejecutan en un dispositivo bloqueado."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-442xx/CVE-2024-44267.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44267",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.513",
"lastModified": "2024-10-30T16:35:26.040",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T18:39:55.167",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -39,14 +59,59 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

166
CVE-2024/CVE-2024-442xx/CVE-2024-44269.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44269",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.577",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:41:01.060",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,153 @@
"value": "Se solucion\u00f3 un problema de l\u00f3gica con comprobaciones mejoradas. Este problema se solucion\u00f3 en iOS 18.1 y iPadOS 18.1, iOS 17.7.1 y iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1 y visionOS 2.1. Una aplicaci\u00f3n maliciosa puede usar accesos directos para acceder a archivos restringidos."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "C1AEAF56-49F9-4F1F-993C-97ECD7BDA012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "748B3415-F0B7-4677-B6C7-3EC7CFA8CCA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

77
CVE-2024/CVE-2024-442xx/CVE-2024-44270.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44270",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.667",
"lastModified": "2024-10-30T16:35:26.390",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T18:44:35.083",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

134
CVE-2024/CVE-2024-442xx/CVE-2024-44273.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44273",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.737",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:45:10.080",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,125 @@
"value": "Este problema se solucion\u00f3 con un manejo mejorado de los enlaces simb\u00f3licos. Este problema se solucion\u00f3 en iOS 18.1 y iPadOS 18.1, visionOS 2.1, macOS Sonoma 14.7.1, watchOS 11.1 y tvOS 18.1. Una aplicaci\u00f3n maliciosa podr\u00eda tener acceso a informaci\u00f3n privada."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "1F64554D-9F90-4871-9A0B-FB28BD52F4B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "B9A26654-0DDB-4D4D-BB1E-C65C3339148E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "20977171-B964-4F89-AF53-6136003EDDB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

110
CVE-2024/CVE-2024-442xx/CVE-2024-44274.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44274",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:07.807",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:46:02.053",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,107 @@
"value": "El problema se solucion\u00f3 con una autenticaci\u00f3n mejorada. Este problema se solucion\u00f3 en iOS 17.7.1 y iPadOS 17.7.1, watchOS 11.1, iOS 18.1 y iPadOS 18.1. Un atacante con acceso f\u00edsico a un dispositivo bloqueado podr\u00eda ver informaci\u00f3n confidencial del usuario."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "C1AEAF56-49F9-4F1F-993C-97ECD7BDA012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "748B3415-F0B7-4677-B6C7-3EC7CFA8CCA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-442xx/CVE-2024-44281.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44281",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:08.263",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:46:38.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,83 @@
"value": "Se solucion\u00f3 un problema de lectura fuera de los l\u00edmites con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. El an\u00e1lisis de un archivo puede provocar la divulgaci\u00f3n de informaci\u00f3n del usuario."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

161
CVE-2024/CVE-2024-442xx/CVE-2024-44282.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44282",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:08.340",
"lastModified": "2024-10-29T21:35:17.953",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T18:47:21.447",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,34 +81,131 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "C1AEAF56-49F9-4F1F-993C-97ECD7BDA012"
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3"
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "748B3415-F0B7-4677-B6C7-3EC7CFA8CCA5"
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

77
CVE-2024/CVE-2024-442xx/CVE-2024-44284.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44284",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:08.450",
"lastModified": "2024-10-29T21:35:20.070",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T18:48:11.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,14 +81,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

112
CVE-2024/CVE-2024-442xx/CVE-2024-44285.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44285",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:08.520",
"lastModified": "2024-10-30T14:35:12.353",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-30T18:48:49.837",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,22 +81,82 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "C1AEAF56-49F9-4F1F-993C-97ECD7BDA012"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.1",
"matchCriteriaId": "748B3415-F0B7-4677-B6C7-3EC7CFA8CCA5"
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB"
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-442xx/CVE-2024-44287.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44287",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:08.600",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:49:43.793",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,83 @@
"value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en macOS Ventura 13.7.1 y macOS Sonoma 14.7.1. Una aplicaci\u00f3n malintencionada podr\u00eda modificar partes protegidas del sistema de archivos."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

180
CVE-2024/CVE-2024-443xx/CVE-2024-44302.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-44302",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-10-28T21:15:09.040",
"lastModified": "2024-10-29T14:34:04.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:49:53.193",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,35 +15,163 @@
"value": "El problema se solucion\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en tvOS 18.1, iOS 18.1 y iPadOS 18.1, iOS 17.7.1 y iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1 y visionOS 2.1. El procesamiento de una fuente manipulada con fines malintencionados puede provocar la divulgaci\u00f3n de la memoria del proceso."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "F42291CA-6AC4-4F11-AC23-B3FE25139483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B10D207-D2D8-465D-8A17-F77DC194BAA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.7.1",
"matchCriteriaId": "468FFF6F-879C-4AF4-BC42-6A1AA30441C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53F54FA8-13B2-4E49-834B-F5465B074D76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.7.1",
"matchCriteriaId": "FA438ABE-99D4-49D3-A90A-959B8FDD4012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.7.1",
"matchCriteriaId": "901D36FD-C5D9-428D-BE13-662AC380C9AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.1",
"matchCriteriaId": "5D57FCAE-9B33-4532-BC69-BC3D35719EDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "15E4723D-CD2B-4486-A69C-27F843844A80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.1",
"matchCriteriaId": "5DB9A303-7D3D-4167-9F28-64AA4B1EC0E1"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/121563",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121565",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121566",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121567",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121568",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121569",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/121570",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-452xx/CVE-2024-45230.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45230",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-08T16:15:11.903",
"lastModified": "2024-10-19T00:53:40.757",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-30T17:35:09.360",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-452xx/CVE-2024-45231.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45231",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-08T16:15:11.997",
"lastModified": "2024-10-19T00:56:42.883",
"vulnStatus": "Analyzed",
"lastModified": "2024-10-30T17:35:10.147",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [

63
CVE-2024/CVE-2024-470xx/CVE-2024-47063.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47063",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-30T15:15:06.293",
"lastModified": "2024-10-04T13:51:25.567",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:24:21.000",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
@ -73,14 +95,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/cvat-ai/cvat/commit/75c3d573bc9468b718f53b442c2ef69ad1d5de12",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-2c85-39cc-2px9",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cvat:computer_vision_annotation_tool:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.4.7",
"versionEndExcluding": "2.19.0",
"matchCriteriaId": "E4E9C155-897E-4E2A-B68B-E5BABE11F235"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cvat-ai/cvat/commit/75c3d573bc9468b718f53b442c2ef69ad1d5de12",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-2c85-39cc-2px9",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-470xx/CVE-2024-47064.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47064",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-30T15:15:06.413",
"lastModified": "2024-10-04T13:51:25.567",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:23:17.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
@ -77,14 +99,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/cvat-ai/cvat/commit/0bf45fd5de08a652dffbfb517318a64c2fdbc5cf",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-hp6c-f34j-qjj7",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cvat:computer_vision_annotation_tool:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.16.0",
"versionEndExcluding": "2.19.0",
"matchCriteriaId": "0F7CC823-C8C1-4D43-918A-C22129D0B862"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cvat-ai/cvat/commit/0bf45fd5de08a652dffbfb517318a64c2fdbc5cf",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-hp6c-f34j-qjj7",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-471xx/CVE-2024-47169.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47169",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-26T18:15:10.157",
"lastModified": "2024-09-30T12:46:20.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:25:39.783",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -55,10 +75,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/agnaistic/agnai/security/advisories/GHSA-mpch-89gm-hm83",
"source": "security-advisories@github.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:agnai:agnai:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.330",
"matchCriteriaId": "018F1D62-64B1-4A69-BC8B-37565BF64656"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/agnaistic/agnai/security/advisories/GHSA-mpch-89gm-hm83",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-471xx/CVE-2024-47172.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47172",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-09-30T15:15:06.523",
"lastModified": "2024-10-04T13:51:25.567",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:20:58.270",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/cvat-ai/cvat/commit/59ce6ca784a0d426b2cfb8cf2850ba1d520c03f5",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-gxhm-hg65-5gh2",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cvat:computer_vision_annotation_tool:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.19.1",
"matchCriteriaId": "E5639409-21F0-4AD7-91A7-1845A44DAA08"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cvat-ai/cvat/commit/59ce6ca784a0d426b2cfb8cf2850ba1d520c03f5",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/cvat-ai/cvat/security/advisories/GHSA-gxhm-hg65-5gh2",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-478xx/CVE-2024-47878.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47878",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-24T21:15:12.293",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T18:01:44.277",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,14 +71,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/OpenRefine/OpenRefine/commit/10bf0874d67f1018a58b3732332d76b840192fea",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-pw3x-c5vp-mfc3",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openrefine:openrefine:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.8.3",
"matchCriteriaId": "0B0F993E-8EB2-4CD2-8985-3DCD90F7EBBF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OpenRefine/OpenRefine/commit/10bf0874d67f1018a58b3732332d76b840192fea",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-pw3x-c5vp-mfc3",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

73
CVE-2024/CVE-2024-478xx/CVE-2024-47880.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47880",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-24T21:15:12.750",
"lastModified": "2024-10-25T12:56:07.750",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-10-30T17:42:42.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 4.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -55,14 +85,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/OpenRefine/OpenRefine/commit/8060477fa53842ebabf43b63e039745932fa629d",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-79jv-5226-783f",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openrefine:openrefine:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.8.3",
"matchCriteriaId": "0B0F993E-8EB2-4CD2-8985-3DCD90F7EBBF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OpenRefine/OpenRefine/commit/8060477fa53842ebabf43b63e039745932fa629d",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-79jv-5226-783f",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

39
CVE-2024/CVE-2024-481xx/CVE-2024-48107.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48107",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T21:15:09.453",
"lastModified": "2024-10-29T14:34:04.427",
"lastModified": "2024-10-30T17:35:10.860",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "SparkShop <=1.1.7 es vulnerable a server-side request forgery (SSRF). Esta vulnerabilidad permite realizar ataques para escanear puertos en la intranet o red local donde reside el servidor, atacar aplicaciones que se ejecutan en la intranet o red local o leer metadatos en el servidor en la nube."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/RMAX2000/ebb654016e5b8a5b55aa6d8a7f2f321a#file-cve-2024-48107",

39
CVE-2024/CVE-2024-481xx/CVE-2024-48177.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48177",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T21:15:09.523",
"lastModified": "2024-10-29T14:34:04.427",
"lastModified": "2024-10-30T17:35:11.637",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "MRCMS 3.1.2 contiene una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro RID en /admin/article/delete.do."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/dabaizhizhu/123/issues/9",

39
CVE-2024/CVE-2024-481xx/CVE-2024-48178.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48178",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T20:15:05.843",
"lastModified": "2024-10-29T14:34:50.257",
"lastModified": "2024-10-30T18:35:13.637",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "newbee-mall v1.0.0 es vulnerable a Server-Side Request Forgery (SSRF) a trav\u00e9s del par\u00e1metro goodsCoverImg."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/dabaizhizhu/123/issues/10",

39
CVE-2024/CVE-2024-481xx/CVE-2024-48195.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48195",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T20:15:05.903",
"lastModified": "2024-10-29T14:34:50.257",
"lastModified": "2024-10-30T18:35:14.433",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La vulnerabilidad de Cross Site Scripting en eyouCMS v.1.6.7 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de una secuencia de comandos especialmente manipulada para el par\u00e1metro post."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/cyb3res3c/CVE-2024-48195/blob/main/CVE-2024-48195.md",

27
CVE-2024/CVE-2024-481xx/CVE-2024-48196.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48196",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T20:15:05.960",
"lastModified": "2024-10-29T14:34:50.257",
"lastModified": "2024-10-30T18:35:15.220",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "Un problema en eyouCMS v.1.6.7 permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s de un script manipulado espec\u00edficamente para el par\u00e1metro post."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://github.com/cyb3res3c/CVE-2024-49186/blob/main/CVE-2024-48196.md",

21
CVE-2024/CVE-2024-482xx/CVE-2024-48214.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48214",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:07.420",
"lastModified": "2024-10-30T18:15:07.420",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KERUI HD 3MP 1080P Tuya Camera 1.0.4 has a command injection vulnerability in the module that connects to the local network via a QR code. This vulnerability allows an attacker to create a custom, unauthenticated QR code and abuse one of the parameters, either SSID or PASSWORD, in the JSON data contained within the QR code. By that, the attacker can execute arbitrary code on the camera."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/%40shenhavmor/exploiting-a-chinese-camera-for-fun-cve-2024-48214-2d56848870c2",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-482xx/CVE-2024-48241.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-48241",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:07.490",
"lastModified": "2024-10-30T18:15:07.490",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/St-Andrews-Bug-Busters/Vuln_info/blob/main/radare2/CVE-2024-48241.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/radareorg/radare2/issues/23317",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/radareorg/radare2/pull/23318",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-483xx/CVE-2024-48356.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48356",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T21:15:09.627",
"lastModified": "2024-10-29T14:34:04.427",
"lastModified": "2024-10-30T17:35:12.420",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "LyLme Spage <=1.6.0 es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s de /admin/group.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/Jingyi-u/LyLme_Spage/blob/main/README.md",

39
CVE-2024/CVE-2024-483xx/CVE-2024-48357.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48357",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T20:15:06.050",
"lastModified": "2024-10-29T14:34:50.257",
"lastModified": "2024-10-30T17:35:13.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "LyLme Spage 1.2.0 a 1.6.0 es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s de /admin/apply.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/Jingyi-u/LyLme_Spage_2/blob/main/README.md",

39
CVE-2024/CVE-2024-484xx/CVE-2024-48465.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48465",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T20:15:06.120",
"lastModified": "2024-10-29T14:34:50.257",
"lastModified": "2024-10-30T18:35:15.410",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La versi\u00f3n 1.5.0 de MRBS tiene una vulnerabilidad de inyecci\u00f3n SQL en el archivo edit_entry_handler.php, espec\u00edficamente en el par\u00e1metro rooms%5B%5D"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/4459gif/zo/blob/main/index.html",

21
CVE-2024/CVE-2024-485xx/CVE-2024-48569.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48569",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:07.567",
"lastModified": "2024-10-30T18:15:07.567",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Proactive Risk Manager version 9.1.1.0 is affected by multiple Cross-Site Scripting (XSS) vulnerabilities in the add/edit form fields, at the urls starting with the subpaths: /ar/config/configuation/ and /ar/config/risk-strategy-control/"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/MarioTesoro/CVE-2024-48569",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-485xx/CVE-2024-48594.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48594",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T21:15:09.690",
"lastModified": "2024-10-29T14:34:04.427",
"lastModified": "2024-10-30T17:35:14.010",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La vulnerabilidad de carga de archivos en Prison Management System v.1.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente de carga de archivos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/Aa1b/mycve/blob/main/Readme.md",

21
CVE-2024/CVE-2024-486xx/CVE-2024-48646.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48646",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:07.640",
"lastModified": "2024-10-30T18:15:07.640",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files, such as HTML, scripts, or other executable content, that may be executed on the server, leading to further system compromise."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/hx381/Sage-1000-v7.0.0-Exploit/blob/main/README.md",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-486xx/CVE-2024-48647.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48647",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:07.743",
"lastModified": "2024-10-30T18:15:07.743",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including configuration files that may contain credentials and system settings, which could lead to further compromise of the server."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/hx381/Sage-1000-v7.0.0-Exploit/blob/main/README.md",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-486xx/CVE-2024-48648.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-48648",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T18:15:07.813",
"lastModified": "2024-10-30T18:15:07.813",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Reflected Cross-Site Scripting (XSS) vulnerability exists in the Sage 1000 v 7.0.0. This vulnerability allows attackers to inject malicious scripts into URLs, which are reflected back by the server in the response without proper sanitization or encoding."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/hx381/Sage-1000-v7.0.0-Exploit/blob/main/README.md",
"source": "cve@mitre.org"
}
]
}

Some files were not shown because too many files have changed in this diff Show More