admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-18T17:00:20.156090+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-18 17:03:48 +00:00
parent 2632ded10d
commit ffe3ab541c
189 changed files with 6794 additions and 676 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CVE-2012/CVE-2012-58xx/CVE-2012-5853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-5853",
"sourceIdentifier": "cve@mitre.org",
"published": "2015-01-08T01:59:00.047",
"lastModified": "2024-11-21T01:45:22.210",
"vulnStatus": "Modified",
"lastModified": "2025-03-18T15:11:20.680",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,9 +63,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ajax_search_project:ajax_search:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "10D56DC4-CA26-4E5D-AD75-6EBD3957F973"
"criteria": "cpe:2.3:a:vinojcardoza:ajax_post_search:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3",
"matchCriteriaId": "EAC3CE54-DBEF-40BE-BEB8-07296266B508"
}
]
}

39
CVE-2018/CVE-2018-93xx/CVE-2018-9383.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-9383",
"sourceIdentifier": "security@android.com",
"published": "2025-01-17T23:15:12.020",
"lastModified": "2025-02-18T21:15:12.823",
"lastModified": "2025-03-18T15:15:39.420",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En asn1_ber_decoder de asn1_decoder.c, existe una posible lectura fuera de los l\u00edmites debido a una neutra. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n de System necesarios. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2018-06-01",

60
CVE-2021/CVE-2021-224xx/CVE-2021-22484.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22484",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-12-28T07:15:18.723",
"lastModified": "2024-12-28T17:15:06.360",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-18T16:09:16.963",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -50,6 +70,16 @@
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -61,10 +91,30 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-wearables-202108-0000001135186780",
"source": "psirt@huawei.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
}
]
}
]
}
],
"references": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-wearables-202108-0000001135186780",
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

14
CVE-2021/CVE-2021-263xx/CVE-2021-26344.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-26344",
"sourceIdentifier": "psirt@amd.com",
"published": "2024-08-13T17:15:17.113",
"lastModified": "2024-12-12T20:41:30.647",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T16:15:12.347",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

60
CVE-2021/CVE-2021-370xx/CVE-2021-37000.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-37000",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-12-28T07:15:18.887",
"lastModified": "2024-12-28T17:15:06.793",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-03-18T16:30:48.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.5,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -50,6 +70,16 @@
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -61,10 +91,30 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-wearables-202108-0000001135186780",
"source": "psirt@huawei.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
}
]
}
]
}
],
"references": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-wearables-202108-0000001135186780",
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2022/CVE-2022-232xx/CVE-2022-23240.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23240",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2023-02-28T23:15:11.240",
"lastModified": "2024-11-21T06:48:15.080",
"lastModified": "2025-03-18T15:15:40.637",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

12
CVE-2022/CVE-2022-259xx/CVE-2022-25978.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25978",
"sourceIdentifier": "report@snyk.io",
"published": "2023-02-15T05:15:11.540",
"lastModified": "2024-11-21T06:53:16.640",
"lastModified": "2025-03-18T16:15:12.627",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -79,6 +79,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-329xx/CVE-2022-32933.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32933",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-06-10T20:15:12.533",
"lastModified": "2024-11-21T07:07:15.917",
"lastModified": "2025-03-18T16:15:12.880",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-382xx/CVE-2022-38220.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-38220",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-01T00:15:10.823",
"lastModified": "2024-11-21T07:16:04.727",
"lastModified": "2025-03-18T15:15:41.067",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-400xx/CVE-2022-40032.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40032",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T14:15:15.370",
"lastModified": "2024-11-21T07:20:45.390",
"lastModified": "2025-03-18T16:15:13.077",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-403xx/CVE-2022-40347.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40347",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T13:15:10.650",
"lastModified": "2024-11-21T07:21:19.913",
"lastModified": "2025-03-18T16:15:13.300",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-442xx/CVE-2022-44216.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44216",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-20T20:15:10.290",
"lastModified": "2024-11-21T07:27:45.847",
"lastModified": "2025-03-18T16:15:13.567",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-306"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-455xx/CVE-2022-45551.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45551",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-03T13:15:10.710",
"lastModified": "2024-11-21T07:29:26.427",
"lastModified": "2025-03-18T16:15:13.773",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-306"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-457xx/CVE-2022-45701.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45701",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T15:15:12.080",
"lastModified": "2024-11-21T07:29:36.463",
"lastModified": "2025-03-18T16:15:14.017",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

22
CVE-2022/CVE-2022-45xx/CVE-2022-4550.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4550",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-27T16:15:11.117",
"lastModified": "2024-11-21T07:35:28.293",
"lastModified": "2025-03-18T15:15:42.087",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

22
CVE-2022/CVE-2022-46xx/CVE-2022-4679.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4679",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-27T16:15:11.193",
"lastModified": "2024-11-21T07:35:43.277",
"lastModified": "2025-03-18T15:15:42.313",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

22
CVE-2022/CVE-2022-470xx/CVE-2022-47075.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47075",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-28T23:15:11.317",
"lastModified": "2024-11-21T07:31:28.243",
"lastModified": "2025-03-18T15:15:41.377",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

22
CVE-2022/CVE-2022-470xx/CVE-2022-47076.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47076",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-28T23:15:11.390",
"lastModified": "2024-11-21T07:31:28.403",
"lastModified": "2025-03-18T15:15:41.650",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

32
CVE-2022/CVE-2022-481xx/CVE-2022-48115.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48115",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T22:15:11.907",
"lastModified": "2024-11-21T07:32:52.267",
"lastModified": "2025-03-18T16:15:14.220",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-483xx/CVE-2022-48329.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48329",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-20T04:15:11.227",
"lastModified": "2024-11-21T07:33:10.770",
"lastModified": "2025-03-18T16:15:14.440",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-755"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-483xx/CVE-2022-48337.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48337",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-20T23:15:12.243",
"lastModified": "2024-11-21T07:33:11.937",
"lastModified": "2025-03-18T16:15:14.647",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-483xx/CVE-2022-48338.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48338",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-20T23:15:12.297",
"lastModified": "2024-11-21T07:33:12.090",
"lastModified": "2025-03-18T16:15:14.863",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-483xx/CVE-2022-48339.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48339",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-20T23:15:12.350",
"lastModified": "2024-11-21T07:33:12.250",
"lastModified": "2025-03-18T16:15:15.070",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-116"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1116"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-01xx/CVE-2023-0168.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0168",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-27T16:15:11.657",
"lastModified": "2024-11-21T07:36:40.573",
"lastModified": "2025-03-18T15:15:42.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},

22
CVE-2023/CVE-2023-03xx/CVE-2023-0381.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0381",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-27T16:15:12.123",
"lastModified": "2024-11-21T07:37:05.027",
"lastModified": "2025-03-18T15:15:42.723",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

38
CVE-2023/CVE-2023-04xx/CVE-2023-0482.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0482",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-02-17T22:15:11.957",
"lastModified": "2025-02-10T13:12:32.147",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T16:15:15.277",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -32,13 +32,33 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -48,13 +68,23 @@
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-378"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-05xx/CVE-2023-0552.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0552",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-27T16:15:12.610",
"lastModified": "2024-11-21T07:37:23.420",
"lastModified": "2025-03-18T15:15:43.027",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},

22
CVE-2023/CVE-2023-10xx/CVE-2023-1095.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1095",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-02-28T23:15:11.460",
"lastModified": "2024-11-21T07:38:26.880",
"lastModified": "2025-03-18T16:15:16.013",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},

10
CVE-2023/CVE-2023-14xx/CVE-2023-1420.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1420",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-24T19:15:09.487",
"lastModified": "2025-02-04T19:15:28.020",
"lastModified": "2025-03-18T15:21:33.470",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -64,15 +64,15 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ajax_search_project:ajax_search:*:*:*:*:lite:wordpress:*:*",
"criteria": "cpe:2.3:a:wp-dreams:ajax_search:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "4.11.1",
"matchCriteriaId": "C1EC9E83-5D02-4720-AD12-AD7BCE6F9F9A"
"matchCriteriaId": "29EAA46F-7186-4BE1-8F19-E262D67836FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ajax_search_project:ajax_search:*:*:*:*:pro:wordpress:*:*",
"criteria": "cpe:2.3:a:wp-dreams:ajax_search:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "4.26.2",
"matchCriteriaId": "87EE2C87-BD59-4699-A6C7-3E0FA82B5B94"
"matchCriteriaId": "BE3EA907-24EB-4CAF-9E37-F91810823565"
}
]
}

6
CVE-2023/CVE-2023-14xx/CVE-2023-1435.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1435",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-24T19:15:09.560",
"lastModified": "2025-02-04T17:15:10.380",
"lastModified": "2025-03-18T15:21:33.470",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -64,9 +64,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ajax_search_project:ajax_search:*:*:*:*:pro:wordpress:*:*",
"criteria": "cpe:2.3:a:wp-dreams:ajax_search:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "4.26.2",
"matchCriteriaId": "87EE2C87-BD59-4699-A6C7-3E0FA82B5B94"
"matchCriteriaId": "BE3EA907-24EB-4CAF-9E37-F91810823565"
}
]
}

32
CVE-2023/CVE-2023-209xx/CVE-2023-20948.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20948",
"sourceIdentifier": "security@android.com",
"published": "2023-02-28T17:15:11.147",
"lastModified": "2024-11-21T07:41:52.527",
"lastModified": "2025-03-18T16:15:16.227",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-230xx/CVE-2023-23007.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23007",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T16:15:10.997",
"lastModified": "2024-11-21T07:45:47.323",
"lastModified": "2025-03-18T16:15:16.440",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-234xx/CVE-2023-23452.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23452",
"sourceIdentifier": "psirt@sick.de",
"published": "2023-02-20T23:15:12.447",
"lastModified": "2024-11-21T07:46:13.673",
"lastModified": "2025-03-18T15:15:44.050",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -55,6 +75,16 @@
"value": "CWE-306"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-234xx/CVE-2023-23453.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23453",
"sourceIdentifier": "psirt@sick.de",
"published": "2023-02-20T23:15:12.517",
"lastModified": "2024-11-21T07:46:13.790",
"lastModified": "2025-03-18T15:15:44.323",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -55,6 +75,16 @@
"value": "CWE-306"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-235xx/CVE-2023-23524.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23524",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-02-27T20:15:14.640",
"lastModified": "2024-11-21T07:46:21.153",
"lastModified": "2025-03-18T15:15:44.563",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-400"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-235xx/CVE-2023-23530.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23530",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-02-27T20:15:14.773",
"lastModified": "2024-11-21T07:46:21.827",
"lastModified": "2025-03-18T15:15:44.803",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},

22
CVE-2023/CVE-2023-241xx/CVE-2023-24104.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24104",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-23T16:15:11.630",
"lastModified": "2024-11-21T07:47:24.257",
"lastModified": "2025-03-18T15:15:45.040",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},

32
CVE-2023/CVE-2023-241xx/CVE-2023-24114.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24114",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-22T21:15:11.503",
"lastModified": "2024-11-21T07:47:24.707",
"lastModified": "2025-03-18T15:15:45.287",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-241xx/CVE-2023-24122.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24122",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-01T21:15:11.057",
"lastModified": "2024-11-21T07:47:25.567",
"lastModified": "2025-03-18T16:15:16.760",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-241xx/CVE-2023-24123.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24123",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-01T21:15:11.117",
"lastModified": "2024-11-21T07:47:25.717",
"lastModified": "2025-03-18T16:15:16.987",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-241xx/CVE-2023-24124.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24124",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-01T21:15:11.177",
"lastModified": "2024-11-21T07:47:25.863",
"lastModified": "2025-03-18T16:15:17.197",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

36
CVE-2023/CVE-2023-243xx/CVE-2023-24320.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24320",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-21T22:15:10.557",
"lastModified": "2024-11-21T07:47:40.207",
"lastModified": "2025-03-18T15:15:45.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
@ -90,6 +120,10 @@
{
"url": "https://yuyudhn.github.io/CVE-2023-24320/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://yuyudhn.github.io/CVE-2023-24320/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

32
CVE-2023/CVE-2023-243xx/CVE-2023-24369.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24369",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T17:15:11.857",
"lastModified": "2024-11-21T07:47:43.847",
"lastModified": "2025-03-18T16:15:17.417",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-247xx/CVE-2023-24769.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24769",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T22:15:14.407",
"lastModified": "2024-11-21T07:48:23.303",
"lastModified": "2025-03-18T16:15:17.883",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-247xx/CVE-2023-24785.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24785",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T18:15:12.127",
"lastModified": "2024-11-21T07:48:24.490",
"lastModified": "2025-03-18T16:15:18.153",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-770"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-252xx/CVE-2023-25264.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25264",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-28T16:15:09.157",
"lastModified": "2024-11-21T07:49:22.163",
"lastModified": "2025-03-18T16:15:18.437",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-252xx/CVE-2023-25265.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25265",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-28T16:15:09.237",
"lastModified": "2024-11-21T07:49:22.303",
"lastModified": "2025-03-18T16:15:18.710",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-252xx/CVE-2023-25266.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25266",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-28T16:15:09.297",
"lastModified": "2024-11-21T07:49:22.433",
"lastModified": "2025-03-18T16:15:19.013",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

32
CVE-2023/CVE-2023-254xx/CVE-2023-25431.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25431",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-28T18:15:10.393",
"lastModified": "2024-11-21T07:49:30.000",
"lastModified": "2025-03-18T16:15:19.330",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

22
CVE-2023/CVE-2023-256xx/CVE-2023-25621.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25621",
"sourceIdentifier": "security@apache.org",
"published": "2023-02-23T09:15:10.023",
"lastModified": "2024-11-21T07:49:50.890",
"lastModified": "2025-03-18T15:15:45.757",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},

32
CVE-2023/CVE-2023-260xx/CVE-2023-26081.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26081",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-20T03:15:10.313",
"lastModified": "2024-11-21T07:50:44.520",
"lastModified": "2025-03-18T15:15:45.960",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-668"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
}
],
"configurations": [

32
CVE-2023/CVE-2023-262xx/CVE-2023-26255.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-26255",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-28T16:15:09.447",
"lastModified": "2024-11-21T07:50:59.180",
"lastModified": "2025-03-18T16:15:19.610",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

39
CVE-2023/CVE-2023-344xx/CVE-2023-34401.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34401",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-13T23:15:08.867",
"lastModified": "2025-02-13T23:15:08.867",
"lastModified": "2025-03-18T16:15:19.893",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "La unidad principal NTG6 de Mercedes-Benz contiene funciones para importar o exportar configuraciones de perfil a trav\u00e9s de USB. Dentro de la carpeta de perfil hay un archivo codificado con el c\u00f3dec propietario UD2. Debido a que no se realizan comprobaciones de tama\u00f1o en el archivo encapsulado, el atacante puede lograr una lectura fuera de los l\u00edmites en la memoria del mont\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"baseScore": 3.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://securelist.com/mercedes-benz-head-unit-security-research/115218/",

51
CVE-2023/CVE-2023-366xx/CVE-2023-36681.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36681",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-12-13T15:15:17.880",
"lastModified": "2024-12-13T15:15:17.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T15:29:53.393",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -51,10 +71,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/wordpress/plugin/cryptocurrency-price-ticker-widget/vulnerability/wordpress-cryptocurrency-widgets-price-ticker-coins-list-plugin-2-6-2-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coolplugins:cryptocurrency_widgets:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "2.6.3",
"matchCriteriaId": "EA692232-0CA4-4283-8710-51CD66C46770"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/cryptocurrency-price-ticker-widget/vulnerability/wordpress-cryptocurrency-widgets-price-ticker-coins-list-plugin-2-6-2-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

39
CVE-2023/CVE-2023-401xx/CVE-2023-40108.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40108",
"sourceIdentifier": "security@android.com",
"published": "2025-01-21T23:15:11.320",
"lastModified": "2025-02-18T21:15:19.560",
"lastModified": "2025-03-18T15:15:46.217",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En varias ubicaciones, existe una forma posible de acceder al contenido multimedia que pertenece a otro usuario debido a la falta de verificaci\u00f3n de permisos. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/2025-01-01",

14
CVE-2023/CVE-2023-517xx/CVE-2023-51787.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51787",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-15T06:15:46.067",
"lastModified": "2024-11-21T08:38:48.577",
"lastModified": "2025-03-18T15:15:46.463",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2023-51787",

14
CVE-2023/CVE-2023-61xx/CVE-2023-6123.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6123",
"sourceIdentifier": "security@opentext.com",
"published": "2024-02-15T21:15:08.500",
"lastModified": "2024-12-18T17:32:47.300",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T15:15:46.680",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-707"
}
]
}
],
"configurations": [

8
CVE-2024/CVE-2024-07xx/CVE-2024-0709.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0709",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:16:04.553",
"lastModified": "2024-11-21T08:47:11.277",
"vulnStatus": "Modified",
"lastModified": "2025-03-18T15:33:26.187",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,10 +80,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coolplugins:cryptocurrency_widgets:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:coolplugins:cryptocurrency_widgets:*:*:*:*:free:wordpress:*:*",
"versionStartIncluding": "2.0",
"versionEndIncluding": "2.6.5",
"matchCriteriaId": "B5C1CD91-B13B-4EBA-8287-D2F287E51F3B"
"matchCriteriaId": "454760FF-E8EF-42DD-A2F8-D817CB39F2C3"
}
]
}

6
CVE-2024/CVE-2024-114xx/CVE-2024-11482.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-11482",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2024-11-29T08:15:04.437",
"lastModified": "2024-11-29T08:15:04.437",
"lastModified": "2025-03-18T15:15:46.897",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -55,6 +55,10 @@
{
"url": "https://thrive.trellix.com/s/article/000014058#h2_0",
"source": "trellixpsirt@trellix.com"
},
{
"url": "https://hackerone.com/reports/2817658",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

16
CVE-2024/CVE-2024-209xx/CVE-2024-20927.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-20927",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-02-17T02:15:47.420",
"lastModified": "2024-11-29T14:08:26.950",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T16:15:20.147",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

16
CVE-2024/CVE-2024-210xx/CVE-2024-21006.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21006",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-04-16T22:15:14.580",
"lastModified": "2024-11-27T16:36:05.623",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T15:15:47.150",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [

16
CVE-2024/CVE-2024-210xx/CVE-2024-21055.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21055",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-04-16T22:15:23.010",
"lastModified": "2024-12-06T16:46:49.543",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T16:15:20.353",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-211xx/CVE-2024-21142.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21142",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-07-16T23:15:15.407",
"lastModified": "2024-11-21T08:53:51.993",
"lastModified": "2025-03-18T15:15:47.363",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-211xx/CVE-2024-21185.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21185",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-07-16T23:15:23.260",
"lastModified": "2024-11-21T08:53:57.030",
"lastModified": "2025-03-18T16:15:20.577",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-225xx/CVE-2024-22525.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22525",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T22:15:10.127",
"lastModified": "2024-11-21T08:56:24.373",
"lastModified": "2025-03-18T16:15:20.850",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-237xx/CVE-2024-23737.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23737",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-01T22:15:02.857",
"lastModified": "2024-11-21T08:58:16.923",
"lastModified": "2025-03-18T15:15:47.677",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-352"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [

39
CVE-2024/CVE-2024-257xx/CVE-2024-25734.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-25734",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-27T03:15:12.077",
"lastModified": "2024-11-21T09:01:17.837",
"lastModified": "2025-03-18T15:15:47.980",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 un problema en dispositivos WyreStorm Apollo VX20 anteriores a la versi\u00f3n 1.3.58. El servicio TELNET solicita una contrase\u00f1a s\u00f3lo despu\u00e9s de introducir un nombre de usuario v\u00e1lido, lo que podr\u00eda facilitar a atacantes remotos la enumeraci\u00f3n de cuentas de usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/177081",

153
CVE-2024/CVE-2024-267xx/CVE-2024-26746.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26746",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-04T09:15:07.783",
"lastModified": "2024-11-21T09:02:58.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:45:08.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,140 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: idxd: garantiza una copia segura del registro de finalizaci\u00f3n para el usuario. Si CONFIG_HARDENED_USERCOPY est\u00e1 habilitado, copiar el registro de finalizaci\u00f3n desde la cach\u00e9 del registro de eventos al usuario desencadena un error en el kernel. [ 1987.159822] usercopy: Kernel memory exposure attempt detected from SLUB object 'dsa0' (offset 74, size 31)! [ 1987.170845] ------------[ cut here ]------------ [ 1987.176086] kernel BUG at mm/usercopy.c:102! [ 1987.180946] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 1987.186866] CPU: 17 PID: 528 Comm: kworker/17:1 Not tainted 6.8.0-rc2+ #5 [ 1987.194537] Hardware name: Intel Corporation AvenueCity/AvenueCity, BIOS BHSDCRB1.86B.2492.D03.2307181620 07/18/2023 [ 1987.206405] Workqueue: wq0.0 idxd_evl_fault_work [idxd] [ 1987.212338] RIP: 0010:usercopy_abort+0x72/0x90 [ 1987.217381] Code: 58 65 9c 50 48 c7 c2 17 85 61 9c 57 48 c7 c7 98 fd 6b 9c 48 0f 44 d6 48 c7 c6 b3 08 62 9c 4c 89 d1 49 0f 44 f3 e8 1e 2e d5 ff <0f> 0b 49 c7 c1 9e 42 61 9c 4c 89 cf 4d 89 c8 eb a9 66 66 2e 0f 1f [ 1987.238505] RSP: 0018:ff62f5cf20607d60 EFLAGS: 00010246 [ 1987.244423] RAX: 000000000000005f RBX: 000000000000001f RCX: 0000000000000000 [ 1987.252480] RDX: 0000000000000000 RSI: ffffffff9c61429e RDI: 00000000ffffffff [ 1987.260538] RBP: ff62f5cf20607d78 R08: ff2a6a89ef3fffe8 R09: 00000000fffeffff [ 1987.268595] R10: ff2a6a89eed00000 R11: 0000000000000003 R12: ff2a66934849c89a [ 1987.276652] R13: 0000000000000001 R14: ff2a66934849c8b9 R15: ff2a66934849c899 [ 1987.284710] FS: 0000000000000000(0000) GS:ff2a66b22fe40000(0000) knlGS:0000000000000000 [ 1987.293850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1987.300355] CR2: 00007fe291a37000 CR3: 000000010fbd4005 CR4: 0000000000f71ef0 [ 1987.308413] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1987.316470] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400 [ 1987.324527] PKRU: 55555554 [ 1987.327622] Call Trace: [ 1987.330424] [ 1987.332826] ? show_regs+0x6e/0x80 [ 1987.336703] ? die+0x3c/0xa0 [ 1987.339988] ? do_trap+0xd4/0xf0 [ 1987.343662] ? do_error_trap+0x75/0xa0 [ 1987.347922] ? usercopy_abort+0x72/0x90 [ 1987.352277] ? exc_invalid_op+0x57/0x80 [ 1987.356634] ? usercopy_abort+0x72/0x90 [ 1987.360988] ? asm_exc_invalid_op+0x1f/0x30 [ 1987.365734] ? usercopy_abort+0x72/0x90 [ 1987.370088] __check_heap_object+0xb7/0xd0 [ 1987.374739] __check_object_size+0x175/0x2d0 [ 1987.379588] idxd_copy_cr+0xa9/0x130 [idxd] [ 1987.384341] idxd_evl_fault_work+0x127/0x390 [idxd] [ 1987.389878] process_one_work+0x13e/0x300 [ 1987.394435] ? __pfx_worker_thread+0x10/0x10 [ 1987.399284] worker_thread+0x2f7/0x420 [ 1987.403544] ? _raw_spin_unlock_irqrestore+0x2b/0x50 [ 1987.409171] ? __pfx_worker_thread+0x10/0x10 [ 1987.414019] kthread+0x107/0x140 [ 1987.417693] ? __pfx_kthread+0x10/0x10 [ 1987.421954] ret_from_fork+0x3d/0x60 [ 1987.426019] ? __pfx_kthread+0x10/0x10 [ 1987.430281] ret_from_fork_asm+0x1b/0x30 [ 1987.434744] . El problema surge porque la cach\u00e9 del registro de eventos se crea usando kmem_cache_create(), que no es adecuado para la copia del usuario. Solucione el problema creando un cach\u00e9 de registro de eventos con kmem_cache_create_usercopy(), lo que garantiza una copia segura para el usuario."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/5e3022ea42e490a36ec6f2cfa6fc603deb0bace4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/bb71e040323175e18c233a9afef32ba14fa64eb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/d3ea125df37dc37972d581b74a5d3785c3f283ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/5e3022ea42e490a36ec6f2cfa6fc603deb0bace4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/bb71e040323175e18c233a9afef32ba14fa64eb7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/d3ea125df37dc37972d581b74a5d3785c3f283ab",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4",
"versionEndExcluding": "6.6.21",
"matchCriteriaId": "584D76D2-1164-4D5F-A720-182A249B363A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.9",
"matchCriteriaId": "1C538467-EDA0-4A9A-82EB-2925DE9FF827"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*",
"matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/5e3022ea42e490a36ec6f2cfa6fc603deb0bace4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bb71e040323175e18c233a9afef32ba14fa64eb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d3ea125df37dc37972d581b74a5d3785c3f283ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5e3022ea42e490a36ec6f2cfa6fc603deb0bace4",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bb71e040323175e18c233a9afef32ba14fa64eb7",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d3ea125df37dc37972d581b74a5d3785c3f283ab",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

160
CVE-2024/CVE-2024-267xx/CVE-2024-26750.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26750",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-04T09:15:07.850",
"lastModified": "2024-11-21T09:02:59.203",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:49:59.607",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,131 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: af_unix: elimine la referencia oob_skb antes de purgar la cola en GC. syzbot inform\u00f3 que otra tarea se colg\u00f3 en __unix_gc(). [0] El bucle while actual supone que todos los candidatos restantes tienen oob_skb y llamar a kfree_skb(oob_skb) libera los candidatos restantes. Sin embargo, me perd\u00ed un caso en el que oob_skb tiene fd autorreferenciado y otro fd y el \u00faltimo sk se coloca antes que el primero en la lista de candidatos. Luego, el ciclo while nunca contin\u00faa, lo que provoca que la tarea se bloquee. __unix_gc() tiene el mismo bucle justo antes de purgar el skb recopilado, por lo que podemos llamar a kfree_skb(oob_skb) all\u00ed y dejar que __skb_queue_purge() libere todos los sockets en vuelo. [0]: Env\u00edo de NMI desde la CPU 0 a las CPU 1: seguimiento de NMI para la CPU 1 CPU: 1 PID: 2784 Comm: kworker/u4:8 Not tainted 6.8.0-rc4-syzkaller-01028-g71b605d32017 #0 Nombre de hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 25/01/2024 Cola de trabajo: events_unbound __unix_gc RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 kernel/kcov.c:200 C\u00f3digo: 89 fb e8 23 00 00 00 48 8b 3d 84 f5 1a 0c 48 89 de 5b e9 43 26 57 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 04 24 65 48 8b 0d 90 5 2 70 7e 65 8b 15 91 52 70 RSP: 0018:ffffc9000a17fa78 EFLAGS: 00000287 RAX: ffffffff8a0a6108 RBX: ffff88802b6c2640 RCX: ffff88802c0b3b80 RDX: 0000000000000000 RSI: 0 000000000000002 RDI: 0000000000000000 RBP: ffffc9000a17fbf0 R08: ffffffff89383f1d R09: 1ffff1100ee5ff84 R10: dffffc0000000000 R11: ffffed100ee5ff85 R12: 1ffff110056d84ee R13: ffffc9000a17fae0 R14: 0000000000000000 R15: ffffffff8f47b840 FS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:00000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffef5687ff8 CR3: 0000000029b34000 CR4: 00000000003506f0 DR0: 00000000000000000 DR1: 00000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: __unix_gc+0xe69/0xf40 net/unix/garbage.c:343 proceso _one_work kernel/workqueue.c:2633 [en l\u00ednea] proceso_scheduled_works+ 0x913/0x1420 kernel/workqueue.c:2706 trabajador_thread+0xa5f/0x1000 kernel/workqueue.c:2787 kthread+0x2ef/0x390 kernel/kthread.c:388 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:242 "
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/43ba9e331559a30000c862eea313248707afa787",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/6c480d0f131862645d172ca9e25dc152b1a5c3a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/aa82ac51d63328714645c827775d64dbfd9941f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/c4c795b21dd23d9514ae1c6646c3fb2c78b5be60",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e9eac260369d0cf57ea53df95427125725507a0d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/43ba9e331559a30000c862eea313248707afa787",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/6c480d0f131862645d172ca9e25dc152b1a5c3a6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/aa82ac51d63328714645c827775d64dbfd9941f3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/c4c795b21dd23d9514ae1c6646c3fb2c78b5be60",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/e9eac260369d0cf57ea53df95427125725507a0d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.149",
"versionEndExcluding": "5.15.151",
"matchCriteriaId": "6F3A43DC-978D-470A-88C3-9EF55D158C7B"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/43ba9e331559a30000c862eea313248707afa787",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c480d0f131862645d172ca9e25dc152b1a5c3a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aa82ac51d63328714645c827775d64dbfd9941f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c4c795b21dd23d9514ae1c6646c3fb2c78b5be60",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e9eac260369d0cf57ea53df95427125725507a0d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/43ba9e331559a30000c862eea313248707afa787",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c480d0f131862645d172ca9e25dc152b1a5c3a6",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aa82ac51d63328714645c827775d64dbfd9941f3",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c4c795b21dd23d9514ae1c6646c3fb2c78b5be60",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e9eac260369d0cf57ea53df95427125725507a0d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

119
CVE-2024/CVE-2024-267xx/CVE-2024-26762.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26762",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-03T17:15:52.470",
"lastModified": "2024-11-21T09:03:00.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:13:33.843",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,114 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: cxl/pci: omita para manejar errores RAS si el dispositivo CXL.mem est\u00e1 desconectado. El modelo PCI AER no es adecuado para el manejo de errores CXL. Si bien la expectativa es que un dispositivo PCI pueda escalar hasta restablecer el enlace para recuperarse de un evento AER, el mismo restablecimiento en CXL equivale a una conexi\u00f3n en caliente sorpresa de cantidades masivas de memoria. Actualmente, el controlador de errores CXL intenta un manejo optimista de errores para desvincular el dispositivo del controlador cxl_mem despu\u00e9s de obtener algunos valores de registro RAS. Esto da como resultado un intento \"esperanzador\" de desconectar la memoria, pero no hay garant\u00eda de que tenga \u00e9xito. Una notificaci\u00f3n AER posterior despu\u00e9s del evento de desvinculaci\u00f3n de memdev ya no puede asumir que los registros est\u00e1n asignados. Verifique el enlace de memdev antes de obtener los valores del registro de estado para evitar fallas del tipo: ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: ffa00000195e9100 #PF: acceso de lectura del supervisor en modo kernel #PF: c\u00f3digo_error(0x0000) - p\u00e1gina no presente [. ..] RIP: 0010:__cxl_handle_ras+0x30/0x110 [cxl_core] [...] Seguimiento de llamadas: ? __morir+0x24/0x70 ? page_fault_oops+0x82/0x160? kernelmode_fixup_or_oops+0x84/0x110? exc_page_fault+0x113/0x170? asm_exc_page_fault+0x26/0x30? __pfx_dpc_reset_link+0x10/0x10 ? __cxl_handle_ras+0x30/0x110 [cxl_core] ? find_cxl_port+0x59/0x80 [cxl_core] cxl_handle_rp_ras+0xbc/0xd0 [cxl_core] cxl_error_detected+0x6c/0xf0 [cxl_core] report_error_detected+0xc7/0x1c0 pci_walk_bus+0x73/0x90 pcie_do_recovery+0x23f/0x330 A m\u00e1s largo plazo, es posible que sea necesario corregir el comportamiento de desvinculaci\u00f3n y PCI_ERS_RESULT_DISCONNECT. ser reemplazado por un nuevo PCI_ERS_RESULT_PANIC."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/21e5e84f3f63fdf44e49642a6e45cd895e921a84",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/eef5c7b28dbecd6b141987a96db6c54e49828102",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/21e5e84f3f63fdf44e49642a6e45cd895e921a84",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/eef5c7b28dbecd6b141987a96db6c54e49828102",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.7",
"matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/21e5e84f3f63fdf44e49642a6e45cd895e921a84",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eef5c7b28dbecd6b141987a96db6c54e49828102",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/21e5e84f3f63fdf44e49642a6e45cd895e921a84",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/eef5c7b28dbecd6b141987a96db6c54e49828102",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

329
CVE-2024/CVE-2024-267xx/CVE-2024-26763.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26763",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-03T17:15:52.520",
"lastModified": "2024-11-21T09:03:00.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:40:18.300",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,79 +15,268 @@
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: dm-crypt: no modifica los datos cuando se utiliza cifrado autenticado Se dijo que el cifrado autenticado podr\u00eda producir etiquetas no v\u00e1lidas cuando se modifican los datos que se est\u00e1n cifrando [1]. Entonces, solucione este problema copiando primero los datos en la biograf\u00eda del clon y luego cifr\u00e1ndolos dentro de la biograf\u00eda del clon. Esto puede reducir el rendimiento, pero es necesario para evitar que el usuario da\u00f1e el dispositivo escribiendo datos con O_DIRECT y modific\u00e1ndolos al mismo tiempo. [1] https://lore.kernel.org/all/20240207004723.GA35324@sol.localdomain/T/"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/0dccbb93538fe89a86c6de31d4b1c8c560848eaa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/1a4371db68a31076afbe56ecce34fbbe6c80c529",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/3c652f6fa1e1f9f02c3fbf359d260ad153ec5f90",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/43a202bd552976497474ae144942e32cc5f34d7e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/50c70240097ce41fe6bce6478b80478281e4d0f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/64ba01a365980755732972523600a961c4266b75",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d9e3763a505e50ba3bd22846f2a8db99429fb857",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e08c2a8d27e989f0f5b0888792643027d7e691e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0dccbb93538fe89a86c6de31d4b1c8c560848eaa",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/1a4371db68a31076afbe56ecce34fbbe6c80c529",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/3c652f6fa1e1f9f02c3fbf359d260ad153ec5f90",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/43a202bd552976497474ae144942e32cc5f34d7e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/50c70240097ce41fe6bce6478b80478281e4d0f7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/64ba01a365980755732972523600a961c4266b75",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/d9e3763a505e50ba3bd22846f2a8db99429fb857",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/e08c2a8d27e989f0f5b0888792643027d7e691e6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.308",
"matchCriteriaId": "B6FB6042-3E0F-4A36-8DED-B3C350612BDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.270",
"matchCriteriaId": "5D8044B1-C7E8-44A4-9F03-A4D7BCDB1721"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.211",
"matchCriteriaId": "7DDA4DCF-671D-415D-94DF-6E3C77DF0704"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.150",
"matchCriteriaId": "CB6C60DE-9E0C-46C5-904D-D4F4031F8E95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.80",
"matchCriteriaId": "BA7850CE-97C9-4408-A348-6173296BCA2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.19",
"matchCriteriaId": "8D82004C-B2AE-4048-9344-32EFF65953B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.7",
"matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0dccbb93538fe89a86c6de31d4b1c8c560848eaa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1a4371db68a31076afbe56ecce34fbbe6c80c529",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3c652f6fa1e1f9f02c3fbf359d260ad153ec5f90",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/43a202bd552976497474ae144942e32cc5f34d7e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/50c70240097ce41fe6bce6478b80478281e4d0f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/64ba01a365980755732972523600a961c4266b75",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d9e3763a505e50ba3bd22846f2a8db99429fb857",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e08c2a8d27e989f0f5b0888792643027d7e691e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0dccbb93538fe89a86c6de31d4b1c8c560848eaa",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1a4371db68a31076afbe56ecce34fbbe6c80c529",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3c652f6fa1e1f9f02c3fbf359d260ad153ec5f90",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/43a202bd552976497474ae144942e32cc5f34d7e",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/50c70240097ce41fe6bce6478b80478281e4d0f7",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/64ba01a365980755732972523600a961c4266b75",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d9e3763a505e50ba3bd22846f2a8db99429fb857",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e08c2a8d27e989f0f5b0888792643027d7e691e6",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

329
CVE-2024/CVE-2024-267xx/CVE-2024-26764.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26764",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-03T17:15:52.580",
"lastModified": "2024-11-21T09:03:01.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:36:22.457",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,79 +15,268 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/aio: restringe kiocb_set_cancel_fn() a E/S enviadas a trav\u00e9s de libaio. Si se llama a kiocb_set_cancel_fn() para E/S enviadas a trav\u00e9s de io_uring, aparece la siguiente advertencia del kernel: ADVERTENCIA: CPU : 3 PID: 368 en fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8 Rastreo de llamadas: kiocb_set_cancel_fn+0x9c/0xa8 ffs_epfile_read_iter+0x144/0x1d0 io_read+0x19c/0x498 io_issue_sqe+0x118/0x27c io_submit_sqes+0x25c/0x5fc __arm64_sys_io_uring_enter+0x104/ 0xab0 invoke_syscall+0x58/0x11c el0_svc_common+0xb4/0xf4 do_el0_svc+0x2c/0xb0 el0_svc+0x2c/0xa4 el0t_64_sync_handler+0x68/0xb4 el0t_64_sync+0x1a4/0x1a8 Solucionar esto configurando el IOC Bandera B_AIO_RW para E/S de lectura y escritura enviada por libaio ."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/18f614369def2a11a52f569fe0f910b199d13487",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
{
"url": "https://git.kernel.org/stable/c/1dc7d74fe456944a9b1c57bd776280249f441ac6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/337b543e274fe7a8f47df3c8293cc6686ffa620f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b820de741ae48ccf50dd95e297889c286ff4f760",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d7b6fa97ec894edd02f64b83e5e72e1aa352f353",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e7e23fc5d5fe422827c9a43ecb579448f73876c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ea1cd64d59f22d6d13f367d62ec6e27b9344695f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/18f614369def2a11a52f569fe0f910b199d13487",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/1dc7d74fe456944a9b1c57bd776280249f441ac6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/337b543e274fe7a8f47df3c8293cc6686ffa620f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/b820de741ae48ccf50dd95e297889c286ff4f760",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/d7b6fa97ec894edd02f64b83e5e72e1aa352f353",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/e7e23fc5d5fe422827c9a43ecb579448f73876c7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/ea1cd64d59f22d6d13f367d62ec6e27b9344695f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.308",
"matchCriteriaId": "B6FB6042-3E0F-4A36-8DED-B3C350612BDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.270",
"matchCriteriaId": "5D8044B1-C7E8-44A4-9F03-A4D7BCDB1721"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.211",
"matchCriteriaId": "7DDA4DCF-671D-415D-94DF-6E3C77DF0704"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.150",
"matchCriteriaId": "CB6C60DE-9E0C-46C5-904D-D4F4031F8E95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.80",
"matchCriteriaId": "BA7850CE-97C9-4408-A348-6173296BCA2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.19",
"matchCriteriaId": "8D82004C-B2AE-4048-9344-32EFF65953B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.7",
"matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/18f614369def2a11a52f569fe0f910b199d13487",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1dc7d74fe456944a9b1c57bd776280249f441ac6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/337b543e274fe7a8f47df3c8293cc6686ffa620f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b820de741ae48ccf50dd95e297889c286ff4f760",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d7b6fa97ec894edd02f64b83e5e72e1aa352f353",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e7e23fc5d5fe422827c9a43ecb579448f73876c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ea1cd64d59f22d6d13f367d62ec6e27b9344695f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/18f614369def2a11a52f569fe0f910b199d13487",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1dc7d74fe456944a9b1c57bd776280249f441ac6",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/337b543e274fe7a8f47df3c8293cc6686ffa620f",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b4eea7a05ee0ab5ab0514421e6ba8c5d249cf942",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b820de741ae48ccf50dd95e297889c286ff4f760",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d7b6fa97ec894edd02f64b83e5e72e1aa352f353",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e7e23fc5d5fe422827c9a43ecb579448f73876c7",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ea1cd64d59f22d6d13f367d62ec6e27b9344695f",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

176
CVE-2024/CVE-2024-267xx/CVE-2024-26765.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26765",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-03T17:15:52.633",
"lastModified": "2024-11-21T09:03:01.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:43:01.350",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,155 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: LoongArch: deshabilite IRQ antes de init_fn() para CPU que no son de arranque. Deshabilite IRQ antes de init_fn() para CPU que no sean de arranque cuando se conectan en caliente, para silenciar dichas advertencias (y tambi\u00e9n evitar errores potenciales debido a problemas inesperados). interrupciones): ADVERTENCIA: CPU: 1 PID: 0 en kernel/rcu/tree.c:4503 rcu_cpu_starting+0x214/0x280 CPU: 1 PID: 0 Comm: swapper/1 No contaminado 6.6.17+ #1198 pc 90000000048e3334 ra 90000000047bd56c tp 900000010039c000 sp 900000010039fdd0 a0 0000000000000001 a1 0000000000000006 a2 900000000802c040 a3 0000000000000000 a4 00000000000 00001 a5 0000000000000004 a6 00000000000000000 a7 90000000048e3f4c t0 0000000000000001 t1 9000000005c70968 t2 0000000004000000 t3 000 000000005e56e t4 00000000000002e4 t5 0000000000001000 t6 ffffffff80000000 t7 000000000004000040000 t8 9000000007931638 u0 00000000000000006 s 9 0000000000000004 s0 0000000000000001 s1 9000000006356ac0 s2 9000000007244000 s3 0000000000000001 s4 0000000000000001 s5 900000000636f000 s6 7ffffffffffffffff s7 9000000002123940 s8 9000000001ca55f8 ra: 90000000047bd56c tlb_init+0x24c/0x52 8 ERA: 90000000048e3334 rcu_cpu_starting+0x214/0x280 CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) PRMD: 00000000 (PPLV0 -PIE -PWE) EUEN: 00000000 (-FPE -SXE -ASXE -BTE) ECFG: 00071000 (LIE=12 VS=7) ESTAT: 000c0000 [BRK] (IS= ECode=12 EssubCode=0) PRID: 0014c010 (Loongson -64 bits, Loongson-3A5000) CPU: 1 PID: 0 Comunicaciones: intercambiador/1 No contaminado 6.6.17+ #1198 Pila: 0000000000000000 9000000006375000 9000000005b61878 900000010039c000 9000 00010039fa30 0000000000000000 900000010039fa38 900000000619a140 9000000006456888 9000000006456880 900000010039f950 0000000000000 0001 0000000000000001 cb0cb028ec7e52e1 0000000002b90000 9000000100348700 00000000000000000 000000000000000001 ffffffff916d12f1 00000000 00000003 0000000000040000 9000000007930370 0000000002b90000 0000000000000004 9000000006366000 900000000619a140 0000000000000000 00000000000000004 0000000000000000 0000 000000000009 ffffffffffc681f2 9000000002123940 9000000001ca55f8 9000000006366000 90000000047a4828 00007ffff057ded8 00000000000000b0 000 0000000000000 0000000000000000 0000000000071000 ... Seguimiento de llamadas: [<90000000047a4828>] show_stack+0x48/0x1a0 [<9000000005b61874>] dump_stack_lvl+0x84/0xcc [< 90000000047f60ac>] __advertir +0x8c/0x1e0 [<9000000005b0ab34>] report_bug+0x1b4/0x280 [<9000000005b63110>] do_bp+0x2d0/0x480 [<90000000047a2e20>] handle_bp+0x120/0x1c0 [<90000 000048e3334>] rcu_cpu_starting+0x214/0x280 [<90000000047bd568>] tlb_init +0x248/0x528 [<90000000047a4c44>] per_cpu_trap_init+0x124/0x160 [<90000000047a19f4>] cpu_probe+0x494/0xa00 [<90000000047b551c>] start_secondary+0x3c/0xc0 [ <9000000005b66134>] smpboot_entry+0x50/0x58"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/1001db6c42e4012b55e5ee19405490f23e033b5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/8bf2ca8c60712af288b88ba80f8e4df4573d923f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/a262b78dd085dbe9b3c75dc1d9c4cd102b110b53",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/dffdf7c783ef291eef38a5a0037584fd1a7fa464",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1001db6c42e4012b55e5ee19405490f23e033b5a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/8bf2ca8c60712af288b88ba80f8e4df4573d923f",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/a262b78dd085dbe9b3c75dc1d9c4cd102b110b53",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/dffdf7c783ef291eef38a5a0037584fd1a7fa464",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.80",
"matchCriteriaId": "68B819D6-60AD-446F-A1CF-814A2ADCB42C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.19",
"matchCriteriaId": "8D82004C-B2AE-4048-9344-32EFF65953B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.7",
"matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1001db6c42e4012b55e5ee19405490f23e033b5a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8bf2ca8c60712af288b88ba80f8e4df4573d923f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a262b78dd085dbe9b3c75dc1d9c4cd102b110b53",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dffdf7c783ef291eef38a5a0037584fd1a7fa464",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1001db6c42e4012b55e5ee19405490f23e033b5a",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8bf2ca8c60712af288b88ba80f8e4df4573d923f",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a262b78dd085dbe9b3c75dc1d9c4cd102b110b53",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dffdf7c783ef291eef38a5a0037584fd1a7fa464",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

314
CVE-2024/CVE-2024-267xx/CVE-2024-26773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26773",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-03T17:15:53.080",
"lastModified": "2024-11-21T09:03:02.380",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:47:14.460",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,79 +15,253 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ext4: evite asignar bloques de un grupo da\u00f1ado en ext4_mb_try_best_found() Determine si el mapa de bits del bloque del grupo est\u00e1 da\u00f1ado antes de usar ac_b_ex en ext4_mb_try_best_found() para evitar asignar bloques de un grupo con un bloque da\u00f1ado mapa de bits en la siguiente concurrencia y empeorando la situaci\u00f3n. ext4_mb_regular_allocator ext4_lock_group(sb, group) ext4_mb_good_group // verifica si el bbitmap del grupo est\u00e1 da\u00f1ado ext4_mb_complex_scan_group // El grupo de escaneo obtiene ac_b_ex pero no lo usa ext4_unlock_group(sb, group) ext4_mark_group_bitmap_corrupted(group) // El mapa de bits del bloque se corrompi\u00f3 durante // el grupo desbloquea la brecha. ext4_mb_try_best_found ext4_lock_group(ac->ac_sb, group) ext4_mb_use_best_found mb_mark_used // Asignaci\u00f3n de bloques en un grupo da\u00f1ado de mapa de bits de bloques"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/0184747b552d6b5a14db3b7fcc3b792ce64dedd1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/21f8cfe79f776287459343e9cfa6055af61328ea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/260fc96283c0f594de18a1b045faf6d8fb42874d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/4530b3660d396a646aad91a787b6ab37cf604b53",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/4c21fa60a6f4606f6214a38f50612b17b2f738f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/927794a02169778c9c2e7b25c768ab3ea8c1dc03",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a2576ae9a35c078e488f2c573e9e6821d651fbbe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f97e75fa4e12b0aa0224e83fcbda8853ac2adf36",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/0184747b552d6b5a14db3b7fcc3b792ce64dedd1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/21f8cfe79f776287459343e9cfa6055af61328ea",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/260fc96283c0f594de18a1b045faf6d8fb42874d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/4530b3660d396a646aad91a787b6ab37cf604b53",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/4c21fa60a6f4606f6214a38f50612b17b2f738f5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/927794a02169778c9c2e7b25c768ab3ea8c1dc03",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/a2576ae9a35c078e488f2c573e9e6821d651fbbe",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/f97e75fa4e12b0aa0224e83fcbda8853ac2adf36",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.308",
"matchCriteriaId": "B6FB6042-3E0F-4A36-8DED-B3C350612BDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.270",
"matchCriteriaId": "5D8044B1-C7E8-44A4-9F03-A4D7BCDB1721"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.211",
"matchCriteriaId": "7DDA4DCF-671D-415D-94DF-6E3C77DF0704"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.150",
"matchCriteriaId": "CB6C60DE-9E0C-46C5-904D-D4F4031F8E95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.80",
"matchCriteriaId": "BA7850CE-97C9-4408-A348-6173296BCA2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.19",
"matchCriteriaId": "8D82004C-B2AE-4048-9344-32EFF65953B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.7",
"matchCriteriaId": "575EE16B-67F2-4B5B-B5F8-1877715C898B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0184747b552d6b5a14db3b7fcc3b792ce64dedd1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/21f8cfe79f776287459343e9cfa6055af61328ea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/260fc96283c0f594de18a1b045faf6d8fb42874d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4530b3660d396a646aad91a787b6ab37cf604b53",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4c21fa60a6f4606f6214a38f50612b17b2f738f5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/927794a02169778c9c2e7b25c768ab3ea8c1dc03",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a2576ae9a35c078e488f2c573e9e6821d651fbbe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f97e75fa4e12b0aa0224e83fcbda8853ac2adf36",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0184747b552d6b5a14db3b7fcc3b792ce64dedd1",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/21f8cfe79f776287459343e9cfa6055af61328ea",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/260fc96283c0f594de18a1b045faf6d8fb42874d",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4530b3660d396a646aad91a787b6ab37cf604b53",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4c21fa60a6f4606f6214a38f50612b17b2f738f5",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/927794a02169778c9c2e7b25c768ab3ea8c1dc03",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a2576ae9a35c078e488f2c573e9e6821d651fbbe",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f97e75fa4e12b0aa0224e83fcbda8853ac2adf36",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
]
}
]
}

174
CVE-2024/CVE-2024-267xx/CVE-2024-26780.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26780",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-04T09:15:07.903",
"lastModified": "2024-11-21T09:03:03.370",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:52:16.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,47 +15,145 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: af_unix: se corrigi\u00f3 la tarea bloqueada al purgar oob_skb en GC. syzbot inform\u00f3 que se hab\u00eda colgado una tarea; al mismo tiempo, GC hac\u00eda un bucle infinito en list_for_each_entry_safe() para OOB skb. [0] syzbot demostr\u00f3 que list_for_each_entry_safe() en realidad no era seguro en este caso. Un solo skb podr\u00eda tener referencias para m\u00faltiples sockets. Si liberamos dicho skb en list_for_each_entry_safe(), los sockets actual y siguiente podr\u00edan desvincularse en una sola iteraci\u00f3n. unix_notinflight() usa list_del_init() para desvincular el socket, por lo que el siguiente socket precargado forma un bucle y list_for_each_entry_safe() nunca se detiene. Aqu\u00ed, debemos usar while() y asegurarnos de buscar siempre el primer socket. [0]: Env\u00edo de NMI desde la CPU 0 a las CPU 1: seguimiento de NMI para la CPU 1 CPU: 1 PID: 5065 Comm: syz-executor236 Not tainted 6.8.0-rc3-syzkaller-00136-g1f719a2f3fa6 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 25/01/2024 RIP: 0010:preempt_count arch/x86/include/asm/preempt.h:26 [en l\u00ednea] RIP: 0010:check_kcov_mode kernel/kcov.c:173 [en l\u00ednea] RIP : 0010:__sanitizer_cov_trace_pc+0xd/0x60 kernel/kcov.c:207 C\u00f3digo: cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 48 8b 14 25 40 c2 03 00 <65> 8b 05 b4 7c 78 7e a9 00 01 ff 00 48 8b 34 24 74 0f f6 c4 01 74 RSP: 0018:ffffc900033efa58 EFLAGS: 00000283 RAX: ffff88807b077800 RBX: ffff88807b077800 RCX: 1ffffffff27b1189 RDX: ffff88802a5a3b80 RSI: ffffffff8968488d RDI: ffff88807b077f70 RBP: ffffc900033efbb0 R08: 00000000000000001 R09: ffffbfff27a900c R10: ffffffff93d48067 R11: ffffffff8ae000eb R12: ffff88807b077800 R13: dffffc0000000000 R14: ffff88807b077e40 R15: 00000000000000001 FS: 0000000000000000(0000) GS:ffff888 0b9500000(0000) knlGS: 0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000564f4fc1e3a8 CR3: 000000000d57a000 CR4: 00000000003506f0 DR0: 00 00000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: unix_gc+0x563/0x13b0 net/unix/garbage.c:319 unix_release_sock+0xa93/0xf80 net/unix/af_unix.c:683 unix_release+0x91/0xf0 net/unix/af_unix.c:1064 __sock_release+0xb0/0x270 net/socket.c:659 sock_close+0x1c/0x30 net/socket.c:1421 __fput+0x270/0xb80 fs/file_table.c:376 task_work_run+0x14f/0x250 kernel/task_work.c:180 exit_task_work include/linux/task_work. h:38 [en l\u00ednea] do_exit+0xa8a/0x2ad0 kernel/exit.c:871 do_group_exit+0xd4/0x2a0 kernel/exit.c:1020 __do_sys_exit_group kernel/exit.c:1031 [en l\u00ednea] __se_sys_exit_group kernel/exit.c:1029 [ en l\u00ednea] __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1029 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xd5/0x270 arch/x86/entry/common.c:83 Entry_SYSCALL_64_after_hwframe+0x6f/ 0x77 RIP: 0033:0x7f9d6cbdac09 C\u00f3digo: No se puede acceder a los bytes del c\u00f3digo de operaci\u00f3n en 0x7f9d6cbdabdf. RSP: 002b:00007fff5952feb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 00000000000000000 RCX: 00007f9d6cbdac09 RDX: 00000000 0000003c RSI: 00000000000000e7 RDI: 00000000000000000 RBP: 00007f9d6cc552b0 R08: ffffffffffffffffb8 R09: 0000000000000006 R10: 00000000000000006 R1 1: 0000000000000246 R12: 00007f9d6cc552b0 R13: 0000000000000000 R14: 00007f9d6cc55d00 R15: 00007f9d6cbabe70 "
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/25236c91b5ab4a26a56ba2e79b8060cf4e047839",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/2a3d40b4025fcfe51b04924979f1653993b17669",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/36f7371de977f805750748e80279be7e370df85c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/69e0f04460f4037e01e29f0d9675544f62aafca3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cb8890318dde26fc89c6ea67d6e9070ab50b6e91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/25236c91b5ab4a26a56ba2e79b8060cf4e047839",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/2a3d40b4025fcfe51b04924979f1653993b17669",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/36f7371de977f805750748e80279be7e370df85c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/69e0f04460f4037e01e29f0d9675544f62aafca3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/cb8890318dde26fc89c6ea67d6e9070ab50b6e91",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.78",
"versionEndExcluding": "6.1.81",
"matchCriteriaId": "85752186-97BF-451B-A0A1-B9181CD9F5D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.17",
"versionEndExcluding": "6.6.21",
"matchCriteriaId": "4E553753-6598-4B25-B84D-3DB82F691AFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.5",
"versionEndExcluding": "6.7.9",
"matchCriteriaId": "EF2110E3-BADE-4676-95D2-56D0C24589C1"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/25236c91b5ab4a26a56ba2e79b8060cf4e047839",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2a3d40b4025fcfe51b04924979f1653993b17669",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/36f7371de977f805750748e80279be7e370df85c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/69e0f04460f4037e01e29f0d9675544f62aafca3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cb8890318dde26fc89c6ea67d6e9070ab50b6e91",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/25236c91b5ab4a26a56ba2e79b8060cf4e047839",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2a3d40b4025fcfe51b04924979f1653993b17669",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/36f7371de977f805750748e80279be7e370df85c",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/69e0f04460f4037e01e29f0d9675544f62aafca3",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/cb8890318dde26fc89c6ea67d6e9070ab50b6e91",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

153
CVE-2024/CVE-2024-267xx/CVE-2024-26783.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26783",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-04T09:15:08.077",
"lastModified": "2024-11-21T09:03:03.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:53:41.060",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,140 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mm/vmscan: corrige un error al llamar a wakeup_kswapd() con un \u00edndice de zona incorrecto Con el equilibrio numa activado, cuando se ejecuta un SYSTEM numa donde un nodo numa no tiene su memoria local por lo que no tiene zonas administradas, se ha observado lo siguiente. Es porque se llama a wakeup_kswapd() con un \u00edndice de zona incorrecto, -1. Se solucion\u00f3 verificando el \u00edndice antes de llamar a wakeup_kswapd(). > ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: 00000000000033f3 > #PF: acceso de lectura del supervisor en modo kernel > #PF: error_code(0x0000) - p\u00e1gina no presente > PGD 0 P4D 0 > Ups: 0000 [#1] SMP PREEMPT NOPTI > CPU: 2 PID: 895 Comm: masim Not tainted 6.6.0-dirty #255 > Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS > rel-1.16.0-0-gd239552ce722-prebuilt.qemu .org 01/04/2014 > RIP: 0010:wakeup_kswapd (./linux/mm/vmscan.c:7812) > C\u00f3digo: (omitido) > RSP: 0000:ffffc90004257d58 EFLAGS: 00010286 > RAX: ffffffffffffffff RBX: ffff88883f ff0480RCX: 0000000000000003 > RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88883fff0480 > RBP: ffffffffffffffff R08: ff0003ffffffffff R09: ffffffffffffffff > R10: ff ff888106c95540 R11: 0000000055555554 R12: 0000000000000003 > R13: 0000000000000000 R14: 00000000000000000 R15: ffff88883fff0940 > FS: 0000 7fc4b8124740(0000) GS: ffff888827c00000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > CR2: 00000000000033f3 CR3: 000000026cc08004 CR4: 0000000000770ee0 > DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > DR3: 00000000000000000 DR6: 00000000ffe0ff0 DR7: 000 0000000000400 > PKRU: 55555554 > Rastreo de llamadas: > > ? __morir > ? page_fault_oops > ? __pte_offset_map_lock > ? exc_page_fault > ? asm_exc_page_fault > ? wakeup_kswapd > migrar_misplaced_page > __handle_mm_fault > handle_mm_fault > do_user_addr_fault > exc_page_fault > asm_exc_page_fault > RIP: 0033:0x55b897ba0808 > C\u00f3digo: (omitido) > RSP: 002b:00007ffeefa821a0 EFLAGS: 00 010287 > RAX: 000055b89983acd0 RBX: 00007ffeefa823f8 RCX: 000055b89983acd0 > RDX: 00007fc2f8122010 RSI: 0000000000020000 RDI: 000055b89983acd0 > RBP: 00007ffeefa821a0 R08: 0000000000000037 R09: 00000000000000075 > R10: 0000000000000000 R11: 0 000000000000202 R12: 0000000000000000 > R13: 00007ffeefa82410 R14: 000055b897ba5dd8 R15: 00007fc4b8340000 > "
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/2774f256e7c0219e2b0a0894af1c76bdabc4f974",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/bdd21eed8b72f9e28d6c279f6db258e090c79080",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/d6159bd4c00594249e305bfe02304c67c506264e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/2774f256e7c0219e2b0a0894af1c76bdabc4f974",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/bdd21eed8b72f9e28d6c279f6db258e090c79080",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://git.kernel.org/stable/c/d6159bd4c00594249e305bfe02304c67c506264e",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "6.6.22",
"matchCriteriaId": "A6D9B00F-1C32-42E5-A982-2FB0E9273753"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.9",
"matchCriteriaId": "1C538467-EDA0-4A9A-82EB-2925DE9FF827"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "056BD938-0A27-4569-B391-30578B309EE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F02056A5-B362-4370-9FF8-6F0BD384D520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*",
"matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2774f256e7c0219e2b0a0894af1c76bdabc4f974",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bdd21eed8b72f9e28d6c279f6db258e090c79080",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d6159bd4c00594249e305bfe02304c67c506264e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/2774f256e7c0219e2b0a0894af1c76bdabc4f974",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bdd21eed8b72f9e28d6c279f6db258e090c79080",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d6159bd4c00594249e305bfe02304c67c506264e",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}

12
CVE-2024/CVE-2024-273xx/CVE-2024-27382.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-27382",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-05T19:15:14.957",
"lastModified": "2024-11-21T09:04:29.837",
"lastModified": "2025-03-18T16:15:21.107",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

60
CVE-2024/CVE-2024-279xx/CVE-2024-27953.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-27953",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-13T17:15:48.993",
"lastModified": "2024-11-21T09:05:29.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T15:20:11.773",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
@ -51,14 +71,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/cryptocurrency-price-ticker-widget/wordpress-cryptocurrency-widgets-plugin-2-6-8-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
"nodes": [
{
"url": "https://patchstack.com/database/vulnerability/cryptocurrency-price-ticker-widget/wordpress-cryptocurrency-widgets-plugin-2-6-8-broken-access-control-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coolplugins:cryptocurrency_widgets:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "2.6.9",
"matchCriteriaId": "6F78E719-F36B-4379-B92E-5FDD05ADB1E4"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cryptocurrency-price-ticker-widget/wordpress-cryptocurrency-widgets-plugin-2-6-8-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/cryptocurrency-price-ticker-widget/wordpress-cryptocurrency-widgets-plugin-2-6-8-broken-access-control-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

22
CVE-2024/CVE-2024-28xx/CVE-2024-2885.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2885",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-03-26T21:15:53.220",
"lastModified": "2024-12-19T16:04:04.557",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T16:15:21.350",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -42,11 +42,11 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
@ -54,7 +54,7 @@
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
@ -69,6 +69,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-297xx/CVE-2024-29785.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29785",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-06-13T21:15:52.180",
"lastModified": "2024-11-21T09:08:19.567",
"lastModified": "2025-03-18T15:15:48.267",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-908"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [

63
CVE-2024/CVE-2024-298xx/CVE-2024-29831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29831",
"sourceIdentifier": "security@apache.org",
"published": "2024-08-12T13:38:18.560",
"lastModified": "2024-11-21T09:08:25.767",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T15:56:38.357",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -49,16 +69,51 @@
"value": "CWE-20"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.2",
"matchCriteriaId": "CA3F4CF0-C52D-4EC7-AEA3-4B49F30F0B9C"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/x1ch0x5om3srtbnp7rtsvdszho3mdrq0",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/08/09/6",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-318xx/CVE-2024-31805.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31805",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T13:15:08.500",
"lastModified": "2024-11-21T09:13:54.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:04:21.413",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_5_setTelnetCfg/CI.md",
"source": "cve@mitre.org"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex200_firmware:4.0.3c.7646_b20201211:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA2333-6AF0-4F2C-8695-0DE2024C634E"
}
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_5_setTelnetCfg/CI.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFDF09E-D255-4F5B-A099-71EE37A56492"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_5_setTelnetCfg/CI.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_5_setTelnetCfg/CI.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

49
CVE-2024/CVE-2024-318xx/CVE-2024-31806.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31806",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T13:15:08.550",
"lastModified": "2025-03-13T14:15:25.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:04:16.430",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/DoS_RebootSystem/DoS.md",
"source": "cve@mitre.org"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex200_firmware:4.0.3c.7646_b20201211:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA2333-6AF0-4F2C-8695-0DE2024C634E"
}
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/DoS_RebootSystem/DoS.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFDF09E-D255-4F5B-A099-71EE37A56492"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/DoS_RebootSystem/DoS.md",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/DoS_RebootSystem/DoS.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-318xx/CVE-2024-31807.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31807",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T13:15:08.603",
"lastModified": "2024-11-21T09:13:54.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:04:11.190",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_2_NTPSyncWithHost/CI.md",
"source": "cve@mitre.org"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex200_firmware:4.0.3c.7646_b20201211:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA2333-6AF0-4F2C-8695-0DE2024C634E"
}
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_2_NTPSyncWithHost/CI.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFDF09E-D255-4F5B-A099-71EE37A56492"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_2_NTPSyncWithHost/CI.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_2_NTPSyncWithHost/CI.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-318xx/CVE-2024-31808.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31808",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T13:15:08.650",
"lastModified": "2024-11-21T09:13:55.113",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:04:05.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_3_setWebWlanIdx/CI.md",
"source": "cve@mitre.org"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex200_firmware:4.0.3c.7646_b20201211:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA2333-6AF0-4F2C-8695-0DE2024C634E"
}
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_3_setWebWlanIdx/CI.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFDF09E-D255-4F5B-A099-71EE37A56492"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_3_setWebWlanIdx/CI.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_3_setWebWlanIdx/CI.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-318xx/CVE-2024-31809.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31809",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T13:15:08.700",
"lastModified": "2024-11-21T09:13:55.333",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:03:53.180",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_4_setUpgradeFW/CI.md",
"source": "cve@mitre.org"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex200_firmware:4.0.3c.7646_b20201211:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA2333-6AF0-4F2C-8695-0DE2024C634E"
}
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_4_setUpgradeFW/CI.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFDF09E-D255-4F5B-A099-71EE37A56492"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_4_setUpgradeFW/CI.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_4_setUpgradeFW/CI.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-318xx/CVE-2024-31811.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31811",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T13:15:08.750",
"lastModified": "2024-11-21T09:13:55.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:03:42.680",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_1_setLanguageCfg/CI.md",
"source": "cve@mitre.org"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex200_firmware:4.0.3c.7646_b20201211:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA2333-6AF0-4F2C-8695-0DE2024C634E"
}
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_1_setLanguageCfg/CI.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFDF09E-D255-4F5B-A099-71EE37A56492"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_1_setLanguageCfg/CI.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/CI_1_setLanguageCfg/CI.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

49
CVE-2024/CVE-2024-318xx/CVE-2024-31812.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31812",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T13:15:08.800",
"lastModified": "2024-11-21T09:13:55.930",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:03:37.920",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Leak_getWiFiExtenderConfig/Leak.md",
"source": "cve@mitre.org"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex200_firmware:4.0.3c.7646_b20201211:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA2333-6AF0-4F2C-8695-0DE2024C634E"
}
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Leak_getWiFiExtenderConfig/Leak.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFDF09E-D255-4F5B-A099-71EE37A56492"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Leak_getWiFiExtenderConfig/Leak.md",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Leak_getWiFiExtenderConfig/Leak.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

49
CVE-2024/CVE-2024-318xx/CVE-2024-31813.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31813",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T13:15:08.840",
"lastModified": "2024-11-21T09:13:56.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:03:30.870",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Missing_Authentication/missauth.md",
"source": "cve@mitre.org"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex200_firmware:4.0.3c.7646_b20201211:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA2333-6AF0-4F2C-8695-0DE2024C634E"
}
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Missing_Authentication/missauth.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFDF09E-D255-4F5B-A099-71EE37A56492"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Missing_Authentication/missauth.md",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Missing_Authentication/missauth.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-318xx/CVE-2024-31814.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31814",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T13:15:08.887",
"lastModified": "2024-11-21T09:13:56.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:03:02.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,51 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Login_Bypass/bypass.md",
"source": "cve@mitre.org"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex200_firmware:4.0.3c.7646_b20201211:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA2333-6AF0-4F2C-8695-0DE2024C634E"
}
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Login_Bypass/bypass.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFDF09E-D255-4F5B-A099-71EE37A56492"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Login_Bypass/bypass.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Login_Bypass/bypass.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

49
CVE-2024/CVE-2024-318xx/CVE-2024-31816.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31816",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-08T13:15:08.987",
"lastModified": "2024-11-21T09:13:56.820",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T16:02:17.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,49 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Leak_getEasyWizardCfg/Leak.md",
"source": "cve@mitre.org"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex200_firmware:4.0.3c.7646_b20201211:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAA2333-6AF0-4F2C-8695-0DE2024C634E"
}
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Leak_getEasyWizardCfg/Leak.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFDF09E-D255-4F5B-A099-71EE37A56492"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Leak_getEasyWizardCfg/Leak.md",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/Leak_getEasyWizardCfg/Leak.md",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

98
CVE-2024/CVE-2024-340xx/CVE-2024-34092.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34092",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-06T16:15:13.770",
"lastModified": "2024-11-21T09:18:04.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T15:22:43.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,93 @@
"value": "Se descubri\u00f3 un problema en Archer Platform 6 antes del 2024.04. La autenticaci\u00f3n se manej\u00f3 mal porque el bloqueo no finaliz\u00f3 una sesi\u00f3n existente. 6.14 P3 (6.14.0.3) tambi\u00e9n es una versi\u00f3n corregida."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "cve@mitre.org"
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"lang": "en",
"value": "CWE-613"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.0.3",
"matchCriteriaId": "E4643898-6CFC-4F96-8564-BE6A46E7B75F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:2024.03:*:*:*:*:*:*:*",
"matchCriteriaId": "14B1EA5F-1E5D-4A30-88E5-4460188A7D19"
}
]
}
]
}
],
"references": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

80
CVE-2024/CVE-2024-340xx/CVE-2024-34093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34093",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-06T16:15:13.817",
"lastModified": "2024-11-21T09:18:04.953",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-03-18T15:26:21.247",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -51,22 +71,52 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org"
},
"nodes": [
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "cve@mitre.org"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"vulnerable": true,
"criteria": "cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2024.03",
"matchCriteriaId": "FB9541F4-9921-4907-ABCF-EFB8B0674BCF"
}
]
}
]
}
],
"references": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://archerirm.com",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
]
},
{
"url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-354xx/CVE-2024-35426.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35426",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T23:15:03.580",
"lastModified": "2024-11-12T15:35:05.420",
"lastModified": "2025-03-18T15:15:50.280",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/haruki3hhh/9d2a5a139a8b72517009953d0ba7338c",

46
CVE-2024/CVE-2024-35xx/CVE-2024-3596.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3596",
"sourceIdentifier": "cret@cert.org",
"published": "2024-07-09T12:15:20.700",
"lastModified": "2024-12-30T19:23:20.437",
"vulnStatus": "Analyzed",
"lastModified": "2025-03-18T16:15:22.140",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
}
]
},
@ -53,6 +73,28 @@
"value": "CWE-924"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-328"
},
{
"lang": "en",
"value": "CWE-354"
},
{
"lang": "en",
"value": "CWE-924"
}
]
}
],
"configurations": [

12
CVE-2024/CVE-2024-363xx/CVE-2024-36359.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-36359",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-06-10T22:15:11.413",
"lastModified": "2024-11-21T09:22:01.040",
"lastModified": "2025-03-18T16:15:21.627",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-374xx/CVE-2024-37479.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37479",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-02T08:15:06.190",
"lastModified": "2024-11-21T09:23:54.570",
"lastModified": "2025-03-18T15:15:50.993",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/lastudio-element-kit/wordpress-la-studio-element-kit-for-elementor-plugin-1-3-8-1-local-file-inclusion-vulnerability?_s_id=cve",

32
CVE-2024/CVE-2024-376xx/CVE-2024-37675.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-37675",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-21T17:15:11.143",
"lastModified": "2024-11-21T09:24:13.560",
"lastModified": "2025-03-18T15:15:51.737",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-388xx/CVE-2024-38816.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38816",
"sourceIdentifier": "security@vmware.com",
"published": "2024-09-13T06:15:11.190",
"lastModified": "2024-12-27T16:15:24.313",
"lastModified": "2025-03-18T15:15:52.397",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://spring.io/security/cve-2024-38816",

32
CVE-2024/CVE-2024-392xx/CVE-2024-39248.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39248",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-03T17:15:04.303",
"lastModified": "2024-11-21T09:27:21.960",
"lastModified": "2025-03-18T15:15:52.563",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

Some files were not shown because too many files have changed in this diff Show More